From d78cef065efb51f338a580b6f50e4394c4ad7843 Mon Sep 17 00:00:00 2001 From: AlvoBen <144705560+AlvoBen@users.noreply.github.com> Date: Tue, 18 Jun 2024 15:54:22 +0300 Subject: [PATCH] CLI | Add parallel GetSastMetadetaByID functionality (AST-40381) (#737) * Add Pagination req * Add Pagination req * Add GetSastMetadataByIDsInParallel func in sast-metadata-http.go * revert pagination * add sastMetaDataInParallel func to mock * change signature of func in mock * Add integration test * encapsulate getSastMetadata function * revert changes in util command * added integration test * Update internal/wrappers/sast-metadata.go Co-authored-by: tamarleviCm <110327792+tamarleviCm@users.noreply.github.com> * Added semaphore to limit go routines * Added semaphore to limit go routines * add sast metadata service * change sast metadata mock * add unit tests * add unit tests * add unit tests * add unit tests * add unit tests * remove sorting response functionality * remove sorting response functionality * add service name explanation * change to semaphore pkg * change to semaphore pkg * change to semaphore pkg * add missing dependencies * re trigger pipeline * check * check * skip failing tests * revert skipping --------- Co-authored-by: AlvoBen Co-authored-by: tamarleviCm <110327792+tamarleviCm@users.noreply.github.com> Co-authored-by: Or Shamir Checkmarx <93518641+OrShamirCM@users.noreply.github.com> --- go.mod | 1 + go.sum | 2 + internal/commands/scan.go | 5 +- internal/services/sast-metadata.go | 81 ++++ internal/services/sast-metadata_test.go | 78 ++++ internal/wrappers/mock/sast-metadata-mock.go | 36 +- internal/wrappers/sast-metadata-http.go | 1 - test/integration/scan_test.go | 416 ++++++++++--------- 8 files changed, 415 insertions(+), 205 deletions(-) create mode 100644 internal/services/sast-metadata.go create mode 100644 internal/services/sast-metadata_test.go diff --git a/go.mod b/go.mod index 39e981505..2f6505b0d 100644 --- a/go.mod +++ b/go.mod @@ -17,6 +17,7 @@ require ( github.com/stretchr/testify v1.9.0 github.com/tomnomnom/linkheader v0.0.0-20180905144013-02ca5825eb80 golang.org/x/crypto v0.22.0 + golang.org/x/sync v0.6.0 golang.org/x/text v0.14.0 google.golang.org/grpc v1.63.2 google.golang.org/protobuf v1.33.0 diff --git a/go.sum b/go.sum index 7e22d8762..38e76693a 100644 --- a/go.sum +++ b/go.sum @@ -88,6 +88,8 @@ golang.org/x/exp v0.0.0-20230905200255-921286631fa9 h1:GoHiUyI/Tp2nVkLI2mCxVkOjs golang.org/x/exp v0.0.0-20230905200255-921286631fa9/go.mod h1:S2oDrQGGwySpoQPVqRShND87VCbxmc6bL1Yd2oYrm6k= golang.org/x/net v0.23.0 h1:7EYJ93RZ9vYSZAIb2x3lnuvqO5zneoD6IvWjuhfxjTs= golang.org/x/net v0.23.0/go.mod h1:JKghWKKOSdJwpW2GEx0Ja7fmaKnMsbu+MWVZTokSYmg= +golang.org/x/sync v0.6.0 h1:5BMeUDZ7vkXGfEr1x9B4bRcTH4lpkTkpdh0T/J+qjbQ= +golang.org/x/sync v0.6.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= golang.org/x/sys v0.19.0 h1:q5f1RH2jigJ1MoAWp2KTp3gm5zAGFUTarQZ5U386+4o= golang.org/x/sys v0.19.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/text v0.14.0 h1:ScX5w1eTa3QqT8oi6+ziP7dTV1S2+ALU0bI+0zXKWiQ= diff --git a/internal/commands/scan.go b/internal/commands/scan.go index c0e2e0052..836768659 100644 --- a/internal/commands/scan.go +++ b/internal/commands/scan.go @@ -2002,7 +2002,6 @@ func runListScansCommand(scansWrapper wrappers.ScansWrapper, sastMetadataWrapper if err != nil { return errors.Wrapf(err, "%s", failedGettingAll) } - allScansModel, errorModel, err = scansWrapper.Get(params) if err != nil { return errors.Wrapf(err, "%s\n", failedGettingAll) @@ -2200,9 +2199,7 @@ func toScanViews(scans []wrappers.ScanResponseModel, sastMetadataWrapper wrapper scanIDs[i] = scans[i].ID } - paramsToSast := map[string]string{"scan-ids": strings.Join(scanIDs, ",")} - - sastMetadata, err := sastMetadataWrapper.GetSastMetadataByIDs(paramsToSast) + sastMetadata, err := services.GetSastMetadataByIDs(sastMetadataWrapper, scanIDs) if err != nil { logger.Printf("error getting sast metadata: %v", err) return nil, err diff --git a/internal/services/sast-metadata.go b/internal/services/sast-metadata.go new file mode 100644 index 000000000..0005790a0 --- /dev/null +++ b/internal/services/sast-metadata.go @@ -0,0 +1,81 @@ +package services + +import ( + "context" + "strings" + "sync" + + commonParams "github.com/checkmarx/ast-cli/internal/params" + "github.com/checkmarx/ast-cli/internal/wrappers" + "golang.org/x/sync/semaphore" +) + +const ( + BatchSize = 200 +) + +func GetSastMetadataByIDs(sastMetaDataWrapper wrappers.SastMetadataWrapper, scanIDs []string) (*wrappers.SastMetadataModel, error) { + totalBatches := (len(scanIDs) + BatchSize - 1) / BatchSize + maxConcurrentGoRoutines := 10 + sem := semaphore.NewWeighted(int64(maxConcurrentGoRoutines)) + + var wg sync.WaitGroup + results := make(chan wrappers.SastMetadataModel, totalBatches) + errors := make(chan error, totalBatches) + ctx := context.Background() + + for i := 0; i < totalBatches; i++ { + start := i * BatchSize + end := start + BatchSize + if end > len(scanIDs) { + end = len(scanIDs) + } + + batchParams := map[string]string{ + commonParams.ScanIDsQueryParam: strings.Join(scanIDs[start:end], ","), + } + + wg.Add(1) + err := sem.Acquire(ctx, 1) + if err != nil { + return nil, err + } + go func() { + defer wg.Done() + defer sem.Release(1) + + result, err := sastMetaDataWrapper.GetSastMetadataByIDs(batchParams) + if err != nil { + errors <- err + return + } + results <- *result + }() + } + + go func() { + wg.Wait() + close(results) + close(errors) + }() + + if len(errors) > 0 { + return nil, <-errors + } + + var models []wrappers.SastMetadataModel + for result := range results { + models = append(models, result) + } + return makeSastMetadataModelFromResults(models), nil +} + +func makeSastMetadataModelFromResults(results []wrappers.SastMetadataModel) *wrappers.SastMetadataModel { + finalResult := &wrappers.SastMetadataModel{} + for _, result := range results { + finalResult.TotalCount += result.TotalCount + finalResult.Scans = append(finalResult.Scans, result.Scans...) + finalResult.Missing = append(finalResult.Missing, result.Missing...) + } + return finalResult +} diff --git a/internal/services/sast-metadata_test.go b/internal/services/sast-metadata_test.go new file mode 100644 index 000000000..ac96bfb82 --- /dev/null +++ b/internal/services/sast-metadata_test.go @@ -0,0 +1,78 @@ +package services + +import ( + "fmt" + "strconv" + "strings" + "testing" + + "github.com/checkmarx/ast-cli/internal/wrappers" + "github.com/checkmarx/ast-cli/internal/wrappers/mock" + "github.com/stretchr/testify/assert" //nolint:depguard +) + +func TestGetSastMetadataByIDs(t *testing.T) { + tests := []struct { + name string + scanIDs []string + }{ + { + name: "Multiple batches", + scanIDs: createScanIDs(5000), + }, + { + name: "Single batch", + scanIDs: createScanIDs(100), + }, + { + name: "Empty slice", + scanIDs: []string{}, + }, + { + name: "Multiple batches with partial last batch", + scanIDs: createScanIDs(893), + }, + } + + for _, tt := range tests { + tt := tt + t.Run(tt.name, func(t *testing.T) { + wrapper := &mock.SastMetadataMockWrapper{} + actual, err := GetSastMetadataByIDs(wrapper, tt.scanIDs) + if err != nil { + t.Errorf("GetSastMetadataByIDs(%v) returned an error: %v", tt.scanIDs, err) + } + assert.True(t, checkAllScanExists(actual.Scans, "ConcurrentTest", len(tt.scanIDs))) + assert.Equal(t, len(tt.scanIDs), len(actual.Scans)) + }) + } +} + +func createScanIDs(count int) []string { + scanIDs := make([]string, count) + for i := 0; i < count; i++ { + scanIDs[i] = fmt.Sprintf("ConcurrentTest%d", i) + } + return scanIDs +} + +func checkAllScanExists(scans []wrappers.Scans, prefix string, count int) bool { + existingScans := make(map[int]bool) + + for i := range scans { + scan := &scans[i] + if strings.HasPrefix(scan.ScanID, prefix) { + scanNumberStr := scan.ScanID[len(prefix):] + if scanNumber, err := strconv.Atoi(scanNumberStr); err == nil { + existingScans[scanNumber] = true + } + } + } + + for i := 0; i < count; i++ { + if !existingScans[i] { + return false + } + } + return true +} diff --git a/internal/wrappers/mock/sast-metadata-mock.go b/internal/wrappers/mock/sast-metadata-mock.go index caf7965ba..5ea41dc78 100644 --- a/internal/wrappers/mock/sast-metadata-mock.go +++ b/internal/wrappers/mock/sast-metadata-mock.go @@ -1,13 +1,29 @@ package mock -import "github.com/checkmarx/ast-cli/internal/wrappers" +import ( + "strings" + + "github.com/checkmarx/ast-cli/internal/wrappers" +) type SastMetadataMockWrapper struct{} +const ( + scanIDParam = "scan-ids" + concurrent = "ConcurrentTest" +) + func (s SastMetadataMockWrapper) GetSastMetadataByIDs(params map[string]string) ( *wrappers.SastMetadataModel, error, ) { + if strings.Contains(params[scanIDParam], concurrent) { + scanIDs := strings.Split(params[scanIDParam], ",") + return &wrappers.SastMetadataModel{ + TotalCount: len(scanIDs), + Scans: convertScanIDsToScans(scanIDs), + }, nil + } return &wrappers.SastMetadataModel{ TotalCount: 2, Scans: []wrappers.Scans{ @@ -27,7 +43,7 @@ func (s SastMetadataMockWrapper) GetSastMetadataByIDs(params map[string]string) FileCount: 70, IsIncremental: false, IsIncrementalCanceled: true, - IncrementalCancelReason: "Some reason", + IncrementalCancelReason: "some reason", BaseID: "baseID", DeletedFilesCount: 3, }, @@ -35,3 +51,19 @@ func (s SastMetadataMockWrapper) GetSastMetadataByIDs(params map[string]string) Missing: []string{"missing1", "missing2"}, }, nil } + +func convertScanIDsToScans(scanIDs []string) []wrappers.Scans { + scans := make([]wrappers.Scans, 0, len(scanIDs)) + for i, scanID := range scanIDs { + scans = append(scans, wrappers.Scans{ + ScanID: scanID, + ProjectID: "project" + scanID, + Loc: 100 + i, + FileCount: 50 + i, + IsIncremental: i%2 == 0, + AddedFilesCount: 10 + i, + ChangedFilesCount: 5 + i, + }) + } + return scans +} diff --git a/internal/wrappers/sast-metadata-http.go b/internal/wrappers/sast-metadata-http.go index 0d437f690..7fa5139f5 100644 --- a/internal/wrappers/sast-metadata-http.go +++ b/internal/wrappers/sast-metadata-http.go @@ -23,7 +23,6 @@ func NewSastIncrementalHTTPWrapper(path string) SastMetadataWrapper { func (s *SastIncrementalHTTPWrapper) GetSastMetadataByIDs(params map[string]string) (*SastMetadataModel, error) { clientTimeout := viper.GetUint(commonParams.ClientTimeoutKey) - resp, err := SendPrivateHTTPRequestWithQueryParams(http.MethodGet, s.path, params, http.NoBody, clientTimeout) if err != nil { return nil, err diff --git a/test/integration/scan_test.go b/test/integration/scan_test.go index e2132e68e..7b708936f 100644 --- a/test/integration/scan_test.go +++ b/test/integration/scan_test.go @@ -59,6 +59,216 @@ type ScanWorkflowResponse struct { Information string `json:"info"` } +func TestCreateScan_WithOnlyValidApikeyFlag_Success(t *testing.T) { + originals := getOriginalEnvVars() + + setEnvVars(map[string]string{ + params.AstAPIKeyEnv: invalidAPIKey, + params.AccessKeyIDEnv: invalidClientID, + params.AccessKeySecretEnv: invalidClientSecret, + params.TenantEnv: invalidTenant, + }) + + defer setEnvVars(originals) + + args := []string{ + "scan", "create", + flag(params.ProjectName), "project", + flag(params.SourcesFlag), "data/insecure.zip", + flag(params.ScanTypes), "iac-security", + flag(params.BranchFlag), "dummy_branch", + flag(params.AstAPIKeyFlag), originals[params.AstAPIKeyEnv], + } + + err, _ := executeCommand(t, args...) + assert.NilError(t, err) +} + +func TestCreateScan_WithOnlyValidApikeyEnvVar_Success(t *testing.T) { + originals := getOriginalEnvVars() + + setEnvVars(map[string]string{ + params.AccessKeyIDEnv: invalidClientID, + params.AccessKeySecretEnv: invalidClientSecret, + params.TenantEnv: invalidTenant, + }) + + defer setEnvVars(originals) + + args := []string{ + "scan", "create", + flag(params.ProjectName), "project", + flag(params.SourcesFlag), "data/insecure.zip", + flag(params.ScanTypes), "iac-security", + flag(params.BranchFlag), "dummy_branch", + } + + err, _ := executeCommand(t, args...) + assert.NilError(t, err) +} + +func TestCreateScan_WithOnlyInvalidApikeyEnvVar_Fail(t *testing.T) { + originals := getOriginalEnvVars() + + setEnvVars(map[string]string{ + params.AstAPIKeyEnv: invalidAPIKey, + params.AccessKeyIDEnv: invalidClientID, + params.AccessKeySecretEnv: invalidClientSecret, + params.TenantEnv: invalidTenant, + }) + + defer setEnvVars(originals) + + args := []string{ + "scan", "create", + flag(params.ProjectName), "project", + flag(params.SourcesFlag), "data/insecure.zip", + flag(params.ScanTypes), "iac-security", + flag(params.BranchFlag), "dummy_branch", + } + + err, _ := executeCommand(t, args...) + assert.Error(t, err, "Error validating scan types: Token decoding error: token contains an invalid number of segments") +} + +func TestCreateScan_WithOnlyInvalidApikeyFlag_Fail(t *testing.T) { + originals := getOriginalEnvVars() + + setEnvVars(map[string]string{ + params.AstAPIKeyEnv: "", + params.AccessKeyIDEnv: invalidClientID, + params.AccessKeySecretEnv: invalidClientSecret, + params.TenantEnv: invalidTenant, + }) + + defer setEnvVars(originals) + + args := []string{ + "scan", "create", + flag(params.ProjectName), "project", + flag(params.SourcesFlag), "data/insecure.zip", + flag(params.ScanTypes), "iac-security", + flag(params.BranchFlag), "dummy_branch", + flag(params.AstAPIKeyFlag), "invalid_apikey", + } + + err, _ := executeCommand(t, args...) + assert.Error(t, err, "Error validating scan types: Token decoding error: token contains an invalid number of segments") +} + +func TestCreateScan_WithValidClientCredentialsFlag_Success(t *testing.T) { + originals := getOriginalEnvVars() + + setEnvVars(map[string]string{ + params.AstAPIKeyEnv: "", + params.AccessKeyIDEnv: invalidClientID, + params.AccessKeySecretEnv: invalidClientSecret, + params.TenantEnv: invalidTenant, + }) + + defer setEnvVars(originals) + + args := []string{ + "scan", "create", + flag(params.ProjectName), "project", + flag(params.SourcesFlag), "data/insecure.zip", + flag(params.ScanTypes), "iac-security", + flag(params.BranchFlag), "dummy_branch", + flag(params.AccessKeyIDFlag), originals[params.AccessKeyIDEnv], + flag(params.AccessKeySecretFlag), originals[params.AccessKeySecretEnv], + flag(params.TenantFlag), originals[params.TenantEnv], + } + + err, _ := executeCommand(t, args...) + assert.NilError(t, err) +} + +func TestCreateScan_WithInvalidClientCredentialsFlag_Fail(t *testing.T) { + originals := getOriginalEnvVars() + + setEnvVars(map[string]string{ + params.AstAPIKeyEnv: invalidAPIKey, + params.AccessKeyIDEnv: invalidClientID, + params.AccessKeySecretEnv: invalidClientSecret, + params.TenantEnv: invalidTenant, + }) + + defer setEnvVars(originals) + + args := []string{ + "scan", "create", + flag(params.ProjectName), "project", + flag(params.SourcesFlag), "data/insecure.zip", + flag(params.ScanTypes), "iac-security", + flag(params.BranchFlag), "dummy_branch", + flag(params.AccessKeyIDFlag), "invalid_client_ID", + flag(params.AccessKeySecretFlag), "invalid_client_secret", + } + + err, _ := executeCommand(t, args...) + assert.Error(t, err, "Error validating scan types: Token decoding error: token contains an invalid number of segments") +} + +func TestCreateScan_WithValidClientCredentialsEnvVars_Success(t *testing.T) { + originals := getOriginalEnvVars() + + setEnvVars(map[string]string{ + params.AstAPIKeyEnv: "", + }) + + defer setEnvVars(originals) + + args := []string{ + "scan", "create", + flag(params.ProjectName), "project", + flag(params.SourcesFlag), "data/insecure.zip", + flag(params.ScanTypes), "iac-security", + flag(params.BranchFlag), "dummy_branch", + } + + err, _ := executeCommand(t, args...) + assert.NilError(t, err) +} + +func TestCreateScan_WithInvalidClientCredentialsEnvVars_Fail(t *testing.T) { + originals := getOriginalEnvVars() + + setEnvVars(map[string]string{ + params.AstAPIKeyEnv: "", + params.AccessKeyIDEnv: invalidClientID, + params.AccessKeySecretEnv: invalidClientSecret, + params.TenantEnv: invalidTenant, + }) + + defer setEnvVars(originals) + + args := []string{ + "scan", "create", + flag(params.ProjectName), "project", + flag(params.SourcesFlag), "data/insecure.zip", + flag(params.ScanTypes), "iac-security", + flag(params.BranchFlag), "dummy_branch", + } + + err, _ := executeCommand(t, args...) + assert.Error(t, err, "Error validating scan types: 404 Provided Tenant Name is invalid \n") +} + +func getOriginalEnvVars() map[string]string { + return map[string]string{ + params.AstAPIKeyEnv: os.Getenv(params.AstAPIKeyEnv), + params.AccessKeyIDEnv: os.Getenv(params.AccessKeyIDEnv), + params.AccessKeySecretEnv: os.Getenv(params.AccessKeySecretEnv), + params.TenantEnv: os.Getenv(params.TenantEnv), + } +} + +func setEnvVars(envVars map[string]string) { + for key, value := range envVars { + os.Setenv(key, value) + } +} + // Create a scan with an empty project name // Assert the scan fails with correct message func TestScanCreateEmptyProjectName(t *testing.T) { @@ -1316,212 +1526,22 @@ func TestScanListWithFilters(t *testing.T) { assert.NilError(t, err, "") } -func TestCreateScan_WithOnlyValidApikeyFlag_Success(t *testing.T) { - originals := getOriginalEnvVars() - - setEnvVars(map[string]string{ - params.AstAPIKeyEnv: invalidAPIKey, - params.AccessKeyIDEnv: invalidClientID, - params.AccessKeySecretEnv: invalidClientSecret, - params.TenantEnv: invalidTenant, - }) - - defer setEnvVars(originals) - - args := []string{ - "scan", "create", - flag(params.ProjectName), "project", - flag(params.SourcesFlag), "data/insecure.zip", - flag(params.ScanTypes), "iac-security", - flag(params.BranchFlag), "dummy_branch", - flag(params.AstAPIKeyFlag), originals[params.AstAPIKeyEnv], - } - - err, _ := executeCommand(t, args...) - assert.NilError(t, err) -} - -func TestCreateScan_WithOnlyValidApikeyEnvVar_Success(t *testing.T) { - originals := getOriginalEnvVars() - - setEnvVars(map[string]string{ - params.AccessKeyIDEnv: invalidClientID, - params.AccessKeySecretEnv: invalidClientSecret, - params.TenantEnv: invalidTenant, - }) - - defer setEnvVars(originals) - - args := []string{ - "scan", "create", - flag(params.ProjectName), "project", - flag(params.SourcesFlag), "data/insecure.zip", - flag(params.ScanTypes), "iac-security", - flag(params.BranchFlag), "dummy_branch", - } - - err, _ := executeCommand(t, args...) - assert.NilError(t, err) -} - -func TestCreateScan_WithOnlyInvalidApikeyEnvVar_Fail(t *testing.T) { - originals := getOriginalEnvVars() - - setEnvVars(map[string]string{ - params.AstAPIKeyEnv: invalidAPIKey, - params.AccessKeyIDEnv: invalidClientID, - params.AccessKeySecretEnv: invalidClientSecret, - params.TenantEnv: invalidTenant, - }) - - defer setEnvVars(originals) - - args := []string{ - "scan", "create", - flag(params.ProjectName), "project", - flag(params.SourcesFlag), "data/insecure.zip", - flag(params.ScanTypes), "iac-security", - flag(params.BranchFlag), "dummy_branch", - } - - err, _ := executeCommand(t, args...) - assert.Error(t, err, "Error validating scan types: Token decoding error: token contains an invalid number of segments") -} - -func TestCreateScan_WithOnlyInvalidApikeyFlag_Fail(t *testing.T) { - originals := getOriginalEnvVars() - - setEnvVars(map[string]string{ - params.AstAPIKeyEnv: "", - params.AccessKeyIDEnv: invalidClientID, - params.AccessKeySecretEnv: invalidClientSecret, - params.TenantEnv: invalidTenant, - }) - - defer setEnvVars(originals) - - args := []string{ - "scan", "create", - flag(params.ProjectName), "project", - flag(params.SourcesFlag), "data/insecure.zip", - flag(params.ScanTypes), "iac-security", - flag(params.BranchFlag), "dummy_branch", - flag(params.AstAPIKeyFlag), "invalid_apikey", - } - - err, _ := executeCommand(t, args...) - assert.Error(t, err, "Error validating scan types: Token decoding error: token contains an invalid number of segments") -} - -func TestCreateScan_WithValidClientCredentialsFlag_Success(t *testing.T) { - originals := getOriginalEnvVars() - - setEnvVars(map[string]string{ - params.AstAPIKeyEnv: "", - params.AccessKeyIDEnv: invalidClientID, - params.AccessKeySecretEnv: invalidClientSecret, - params.TenantEnv: invalidTenant, - }) - - defer setEnvVars(originals) - - args := []string{ - "scan", "create", - flag(params.ProjectName), "project", - flag(params.SourcesFlag), "data/insecure.zip", - flag(params.ScanTypes), "iac-security", - flag(params.BranchFlag), "dummy_branch", - flag(params.AccessKeyIDFlag), originals[params.AccessKeyIDEnv], - flag(params.AccessKeySecretFlag), originals[params.AccessKeySecretEnv], - flag(params.TenantFlag), originals[params.TenantEnv], - } - - err, _ := executeCommand(t, args...) - assert.NilError(t, err) -} - -func TestCreateScan_WithInvalidClientCredentialsFlag_Fail(t *testing.T) { - originals := getOriginalEnvVars() - - setEnvVars(map[string]string{ - params.AstAPIKeyEnv: invalidAPIKey, - params.AccessKeyIDEnv: invalidClientID, - params.AccessKeySecretEnv: invalidClientSecret, - params.TenantEnv: invalidTenant, - }) - - defer setEnvVars(originals) - +func TestScanListWithBigLimitAndOtherFilters(t *testing.T) { args := []string{ - "scan", "create", - flag(params.ProjectName), "project", - flag(params.SourcesFlag), "data/insecure.zip", - flag(params.ScanTypes), "iac-security", - flag(params.BranchFlag), "dummy_branch", - flag(params.AccessKeyIDFlag), "invalid_client_ID", - flag(params.AccessKeySecretFlag), "invalid_client_secret", - } - - err, _ := executeCommand(t, args...) - assert.Error(t, err, "Error validating scan types: Token decoding error: token contains an invalid number of segments") -} - -func TestCreateScan_WithValidClientCredentialsEnvVars_Success(t *testing.T) { - originals := getOriginalEnvVars() - - setEnvVars(map[string]string{ - params.AstAPIKeyEnv: "", - }) - - defer setEnvVars(originals) - - args := []string{ - "scan", "create", - flag(params.ProjectName), "project", - flag(params.SourcesFlag), "data/insecure.zip", - flag(params.ScanTypes), "iac-security", - flag(params.BranchFlag), "dummy_branch", + "scan", "list", + flag(params.FilterFlag), "limit=10000,project-id=6cd7afbd-3d21-44b9-a72f-8a7eb351b5a5,branch=develop", } err, _ := executeCommand(t, args...) - assert.NilError(t, err) + assert.NilError(t, err, "") } -func TestCreateScan_WithInvalidClientCredentialsEnvVars_Fail(t *testing.T) { - originals := getOriginalEnvVars() - - setEnvVars(map[string]string{ - params.AstAPIKeyEnv: "", - params.AccessKeyIDEnv: invalidClientID, - params.AccessKeySecretEnv: invalidClientSecret, - params.TenantEnv: invalidTenant, - }) - - defer setEnvVars(originals) - +func TestScanListWithBigLimit(t *testing.T) { args := []string{ - "scan", "create", - flag(params.ProjectName), "project", - flag(params.SourcesFlag), "data/insecure.zip", - flag(params.ScanTypes), "iac-security", - flag(params.BranchFlag), "dummy_branch", + "scan", "list", + flag(params.FilterFlag), "limit=10000", } err, _ := executeCommand(t, args...) - assert.Error(t, err, "Error validating scan types: 404 Provided Tenant Name is invalid \n") -} - -func getOriginalEnvVars() map[string]string { - return map[string]string{ - params.AstAPIKeyEnv: os.Getenv(params.AstAPIKeyEnv), - params.AccessKeyIDEnv: os.Getenv(params.AccessKeyIDEnv), - params.AccessKeySecretEnv: os.Getenv(params.AccessKeySecretEnv), - params.TenantEnv: os.Getenv(params.TenantEnv), - } -} - -func setEnvVars(envVars map[string]string) { - for key, value := range envVars { - os.Setenv(key, value) - } + assert.NilError(t, err, "") }