Project Application association Issue - Workaround - AST-40286

go.sum

@@ -85,6 +85,7 @@ golang.org/x/crypto v0.22.0 h1:g1v0xeRhjcugydODzvb3mEM9SQ0HGp9s/nh3COQ/C30=
 golang.org/x/crypto v0.22.0/go.mod h1:vr6Su+7cTlO45qkww3VDJlzDn0ctJvRgYbC2NvXHt+M=
 golang.org/x/exp v0.0.0-20230905200255-921286631fa9 h1:GoHiUyI/Tp2nVkLI2mCxVkOjsbSXD66ic0XW0js0R9g=
 golang.org/x/exp v0.0.0-20230905200255-921286631fa9/go.mod h1:S2oDrQGGwySpoQPVqRShND87VCbxmc6bL1Yd2oYrm6k=
+golang.org/x/net v0.23.0/go.mod h1:JKghWKKOSdJwpW2GEx0Ja7fmaKnMsbu+MWVZTokSYmg=
 golang.org/x/sys v0.19.0 h1:q5f1RH2jigJ1MoAWp2KTp3gm5zAGFUTarQZ5U386+4o=
 golang.org/x/sys v0.19.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
 golang.org/x/text v0.14.0 h1:ScX5w1eTa3QqT8oi6+ziP7dTV1S2+ALU0bI+0zXKWiQ=

internal/commands/groups.go

@@ -74,7 +74,7 @@ func getGroupIds(groups []*wrappers.Group) []string {
 	return groupIds
 }
 
-func assignGroupsToProject(projectID string, projectName string, groups []*wrappers.Group,
+func assignGroupsToProjectNewAccessManagement(projectID string, projectName string, groups []*wrappers.Group,
 	accessManagement wrappers.AccessManagementWrapper) error {
 	if !wrappers.FeatureFlags[accessManagementEnabled] {
 		return nil

internal/commands/project.go

@@ -22,18 +22,18 @@ import (
 )
 
 const (
-	failedCreatingProj = "Failed creating a project"
-	failedUpdatingProj = "Failed updating a project"
-
-	failedGettingProj     = "Failed getting a project"
-	failedDeletingProj    = "Failed deleting a project"
-	failedGettingBranches = "Failed getting branches for project"
-	failedFindingGroup    = "Failed finding groups"
-	projOriginLevel       = "Project"
-	repoConfKey           = "scan.handler.git.repository"
-	sshConfKey            = "scan.handler.git.sshKey"
-	mandatoryRepoURLError = "flag --repo-url is mandatory when --ssh-key is provided"
-	invalidRepoURL        = "provided repository url doesn't need a key. Make sure you are defining the right repository or remove the flag --ssh-key"
+	failedCreatingProj                  = "Failed creating a project"
+	failedUpdatingProj                  = "Failed updating a project"
+	failedProjectApplicationAssociation = "Failed association project to application"
+	failedGettingProj                   = "Failed getting a project"
+	failedDeletingProj                  = "Failed deleting a project"
+	failedGettingBranches               = "Failed getting branches for project"
+	failedFindingGroup                  = "Failed finding groups"
+	projOriginLevel                     = "Project"
+	repoConfKey                         = "scan.handler.git.repository"
+	sshConfKey                          = "scan.handler.git.sshKey"
+	mandatoryRepoURLError               = "flag --repo-url is mandatory when --ssh-key is provided"
+	invalidRepoURL                      = "provided repository url doesn't need a key. Make sure you are defining the right repository or remove the flag --ssh-key"
 )
 
 var (
@@ -291,7 +291,7 @@ func runCreateProjectCommand(
 				return errors.Wrapf(err, "%s", failedCreatingProj)
 			}
 		}
-		err = assignGroupsToProject(projResponseModel.ID, projResponseModel.Name, groups, accessManagementWrapper)
+		err = assignGroupsToProjectNewAccessManagement(projResponseModel.ID, projResponseModel.Name, groups, accessManagementWrapper)
 		if err != nil {
 			return err
 		}

internal/commands/scan.go

@@ -14,6 +14,7 @@ import (
 	"path"
 	"path/filepath"
 	"reflect"
+	"slices"
 	"strconv"
 	"strings"
 	"time"
@@ -603,6 +604,7 @@ func findProject(
 	projectsWrapper wrappers.ProjectsWrapper,
 	groupsWrapper wrappers.GroupsWrapper,
 	accessManagementWrapper wrappers.AccessManagementWrapper,
+	applicationWrapper wrappers.ApplicationsWrapper,
 ) (string, error) {
 	params := make(map[string]string)
 	params["names"] = projectName
@@ -613,10 +615,10 @@ func findProject(
 
 	for i := 0; i < len(resp.Projects); i++ {
 		if resp.Projects[i].Name == projectName {
-			return updateProject(resp, cmd, projectsWrapper, groupsWrapper, accessManagementWrapper, projectName, applicationID)
+			return updateProject(resp, cmd, projectsWrapper, groupsWrapper, accessManagementWrapper, applicationWrapper, projectName, applicationID)
 		}
 	}
-	projectID, err := createProject(projectName, cmd, projectsWrapper, groupsWrapper, accessManagementWrapper, applicationID)
+	projectID, err := createProject(projectName, cmd, projectsWrapper, groupsWrapper, accessManagementWrapper, applicationWrapper, applicationID)
 	if err != nil {
 		return "", err
 	}
@@ -629,18 +631,15 @@ func createProject(
 	projectsWrapper wrappers.ProjectsWrapper,
 	groupsWrapper wrappers.GroupsWrapper,
 	accessManagementWrapper wrappers.AccessManagementWrapper,
+	applicationsWrapper wrappers.ApplicationsWrapper,
 	applicationID []string,
 ) (string, error) {
 	projectGroups, _ := cmd.Flags().GetString(commonParams.ProjectGroupList)
 	projectTags, _ := cmd.Flags().GetString(commonParams.ProjectTagList)
 	projectPrivatePackage, _ := cmd.Flags().GetString(commonParams.ProjecPrivatePackageFlag)
-	groupsMap, err := createGroupsMap(projectGroups, groupsWrapper)
-	if err != nil {
-		return "", err
-	}
+
 	var projModel = wrappers.Project{}
 	projModel.Name = projectName
-	projModel.Groups = getGroupsForRequest(groupsMap)
 	projModel.ApplicationIds = applicationID
 
 	if projectPrivatePackage != "" {
@@ -654,17 +653,54 @@ func createProject(
 	}
 	if err == nil {
 		projectID = resp.ID
-		err = assignGroupsToProject(projectID, projectName, groupsMap, accessManagementWrapper)
+
+		if len(applicationID) > 0 {
+			err = verifyApplicationAssociationDone(applicationID, projectID, applicationsWrapper)
+			if err != nil {
+				return projectID, err
+			}
+		}
+
+		if projectGroups != "" {
+			err = UpsertProjectGroups(groupsWrapper, &projModel, projectsWrapper, accessManagementWrapper, nil, projectGroups, projectID, projectName)
+			if err != nil {
+				return projectID, err
+			}
+		}
 	}
 	return projectID, err
 }
 
+func verifyApplicationAssociationDone(applicationID []string, projectID string, applicationsWrapper wrappers.ApplicationsWrapper) error {
+	var applicationRes *wrappers.ApplicationsResponseModel
+	var err error
+	params := make(map[string]string)
+	params["id"] = applicationID[0]
+
+	logger.PrintIfVerbose("polling application until project association done or timeout of 2 min")
+	start := time.Now()
+	timeout := 2 * time.Minute
+	for applicationRes != nil && len(applicationRes.Applications) > 0 &&
+		!slices.Contains(applicationRes.Applications[0].ProjectIds, projectID) {
+		applicationRes, err = applicationsWrapper.Get(params)
+		if err != nil {
+			return err
+		} else if time.Since(start) < timeout {
+			return errors.Errorf("%s: %v", failedProjectApplicationAssociation, "timeout of 2 min for association")
+		}
+	}
+
+	logger.PrintIfVerbose("application association done successfully")
+	return nil
+}
+
 func updateProject(
 	resp *wrappers.ProjectsCollectionResponseModel,
 	cmd *cobra.Command,
 	projectsWrapper wrappers.ProjectsWrapper,
 	groupsWrapper wrappers.GroupsWrapper,
 	accessManagementWrapper wrappers.AccessManagementWrapper,
+	applicationsWrapper wrappers.ApplicationsWrapper,
 	projectName string,
 	applicationID []string,
 
@@ -703,18 +739,7 @@ func updateProject(
 	projModel.Groups = projModelResp.Groups
 	projModel.Tags = projModelResp.Tags
 	projModel.ApplicationIds = projModelResp.ApplicationIds
-	if projectGroups != "" {
-		groupsMap, groupErr := createGroupsMap(projectGroups, groupsWrapper)
-		if groupErr != nil {
-			return "", errors.Errorf("%s: %v", failedUpdatingProj, groupErr)
-		}
-		logger.PrintIfVerbose("Updating project groups")
-		projModel.Groups = getGroupsForRequest(groupsMap)
-		err = assignGroupsToProject(projectID, projectName, groupsMap, accessManagementWrapper)
-		if err != nil {
-			return "", err
-		}
-	}
+
 	if projectTags != "" {
 		logger.PrintIfVerbose("Updating project tags")
 		projModel.Tags = createTagMap(projectTags)
@@ -727,9 +752,50 @@ func updateProject(
 	if err != nil {
 		return "", errors.Errorf("%s: %v", failedUpdatingProj, err)
 	}
+
+	if len(applicationID) > 0 {
+		err = verifyApplicationAssociationDone(applicationID, projectID, applicationsWrapper)
+		if err != nil {
+			return projectID, err
+		}
+	}
+
+	if projectGroups != "" {
+		err = UpsertProjectGroups(groupsWrapper, &projModel, projectsWrapper, accessManagementWrapper, projModelResp, projectGroups, projectID, projectName)
+		if err != nil {
+			return projectID, err
+		}
+	}
 	return projectID, nil
 }
 
+func UpsertProjectGroups(groupsWrapper wrappers.GroupsWrapper, projModel *wrappers.Project, projectsWrapper wrappers.ProjectsWrapper,
+	accessManagementWrapper wrappers.AccessManagementWrapper, projModelResp *wrappers.ProjectResponseModel,
+	projectGroups string, projectID string, projectName string) error {
+	groupsMap, groupErr := createGroupsMap(projectGroups, groupsWrapper)
+	if groupErr != nil {
+		return errors.Errorf("%s: %v", failedUpdatingProj, groupErr)
+	}
+
+	projModel.Groups = getGroupsForRequest(groupsMap)
+	if projModelResp != nil {
+		groups := append(getGroupsForRequest(groupsMap), projModelResp.Groups...)
+		projModel.Groups = groups
+	}
+
+	err := assignGroupsToProjectNewAccessManagement(projectID, projectName, groupsMap, accessManagementWrapper)
+	if err != nil {
+		return err
+	}
+
+	logger.PrintIfVerbose("Updating project groups")
+	err = projectsWrapper.Update(projectID, projModel)
+	if err != nil {
+		return errors.Errorf("%s: %v", failedUpdatingProj, err)
+	}
+	return nil
+}
+
 func createApplicationIds(applicationID, existingApplicationIds []string) []string {
 	for _, id := range applicationID {
 		if !util.Contains(existingApplicationIds, id) {
@@ -828,6 +894,7 @@ func setupScanTypeProjectAndConfig(
 		projectsWrapper,
 		groupsWrapper,
 		accessManagementWrapper,
+		applicationsWrapper,
 	)
 	if findProjectErr != nil {
 		return findProjectErr

internal/commands/scan_test.go

@@ -282,9 +282,9 @@ func TestCreateScanBranches(t *testing.T) {
 func TestCreateScanWithProjectGroup(t *testing.T) {
 	err := execCmdNotNilAssertion(
 		t,
-		"scan", "create", "--project-name", "invalidGroup", "-s", ".", "--project-groups", "invalidGroup",
+		"scan", "create", "--project-name", "invalidGroup", "-s", ".", "--branch", "main", "--project-groups", "invalidGroup",
 	)
-	assert.Assert(t, err.Error() == "Failed finding groups: [invalidGroup]", "\n the received error is:", err.Error())
+	assert.Assert(t, err.Error() == "Failed updating a project: Failed finding groups: [invalidGroup]", "\n the received error is:", err.Error())
 }
 
 func TestScanWorkflowMissingID(t *testing.T) {