Skip to content

Make containers scan by default on cloud (AST-84506) #1029

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
wants to merge 50 commits into
base: main
Choose a base branch
from
Open

Make containers scan by default on cloud (AST-84506) #1029

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
50 commits
Select commit Hold shift + click to select a range
efeaa27
Remove ContainersEngineCLIEnabled Flag
cx-alex-cohen Jan 29, 2025
3f1361a
Remove ContainersEngineCLIEnabled Flag
cx-alex-cohen Jan 29, 2025
51b3e2c
Remove ContainersEngineCLIEnabled Flag
cx-alex-cohen Jan 29, 2025
01b2f6d
Handling Tar and starting cloud flow
cx-alex-cohen Jan 30, 2025
23bfa96
Fix containers resolver temp folder cleanup
cx-alex-cohen Jan 30, 2025
3d04367
Fix containers resolver temp folder cleanup
cx-alex-cohen Feb 3, 2025
8639152
Merge branch 'main' into feature/alex-containers-default-cloud
cx-alex-cohen Feb 3, 2025
bdfbf30
Fix containers resolver temp folder cleanup
cx-alex-cohen Feb 3, 2025
589a60d
Merge branch 'main' into feature/alex-containers-default-cloud
cx-alex-cohen Feb 4, 2025
2c27185
Merge branch 'main' into feature/alex-containers-default-cloud
cx-alex-cohen Feb 5, 2025
9ab4152
Update Container-Resolver
cx-alex-cohen Feb 5, 2025
4956b0e
Fix local resolve condition handling
cx-alex-cohen Feb 5, 2025
1998a8f
fix unitest
cx-alex-cohen Feb 5, 2025
14c2c8d
fix unitest
cx-alex-cohen Feb 5, 2025
89f1cbd
fix unitest
cx-alex-cohen Feb 6, 2025
52b5807
fix unitest
cx-alex-cohen Feb 6, 2025
5d9d983
Merge branch 'main' into feature/alex-containers-default-cloud
cx-alex-cohen Feb 6, 2025
5e3fade
Merge branch 'main' into feature/alex-containers-default-cloud
cx-alex-cohen Feb 10, 2025
f298715
fix unitest
cx-alex-cohen Feb 10, 2025
6118644
fix unitest
cx-alex-cohen Feb 10, 2025
530ff4d
fix unitest
cx-alex-cohen Feb 10, 2025
f5e1f9e
fix unitest
cx-alex-cohen Feb 11, 2025
99b2e2c
add path validation for tar files
cx-alex-cohen Feb 11, 2025
072eef7
Merge branch 'main' into feature/alex-containers-default-cloud
cx-alex-cohen Feb 11, 2025
748e6a3
fix
cx-alex-cohen Feb 11, 2025
9c1cd46
fix
cx-alex-cohen Feb 11, 2025
b36d547
Merge branch 'main' into feature/alex-containers-default-cloud
cx-alex-cohen Feb 12, 2025
7feb0c7
Add tests
cx-alex-cohen Feb 12, 2025
f63f08f
Merge branch 'main' into feature/alex-containers-default-cloud
cx-alex-cohen Feb 12, 2025
f5514d7
Merge branch 'main' into feature/alex-containers-default-cloud
cx-ben-alvo Feb 13, 2025
2b5830c
Merge branch 'main' into feature/alex-containers-default-cloud
cx-alex-cohen Feb 13, 2025
0dc7602
Fix Code Review
cx-alex-cohen Feb 13, 2025
5ada6b5
Fix Code Review
cx-alex-cohen Feb 17, 2025
077963a
Merge branch 'main' into feature/alex-containers-default-cloud
cx-ben-alvo Feb 17, 2025
62a25d7
rename the flag
cx-alex-cohen Feb 18, 2025
89dbaef
Merge branch 'main' into feature/alex-containers-default-cloud
cx-alex-cohen Feb 25, 2025
7fc1be7
Merge branch 'main' into feature/alex-containers-default-cloud
cx-alex-cohen Mar 3, 2025
9d1cf00
Merge branch 'main' into feature/alex-containers-default-cloud
cx-alex-cohen Mar 26, 2025
9c0bbbe
fix merge issues
cx-alex-cohen Mar 26, 2025
f5e3eb3
update resolver
cx-alex-cohen Mar 26, 2025
1868604
Merge branch 'main' into feature/alex-containers-default-cloud
cx-alex-cohen Mar 28, 2025
907f714
zip file done
cx-dmitri-rivin Apr 23, 2025
0ee032d
code done
cx-dmitri-rivin May 22, 2025
5176670
merge with main
cx-dmitri-rivin May 22, 2025
1d48604
fix for UserCustomImages
cx-dmitri-rivin May 22, 2025
a21ce6a
test for images added
cx-dmitri-rivin May 22, 2025
f75f39c
Merge branch 'main' into feature/alex-containers-default-cloud
cx-dmitri-rivin May 22, 2025
622bc50
Merge remote-tracking branch 'origin/feature/alex-containers-default-…
cx-dmitri-rivin May 22, 2025
7275638
test for images added
cx-dmitri-rivin May 22, 2025
a971c9b
test log fix
cx-dmitri-rivin May 22, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
8 changes: 3 additions & 5 deletions internal/commands/result.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -1111,10 +1111,8 @@ func setIsSCSEnabled(featureFlagsWrapper wrappers.FeatureFlagsWrapper) {
wrappers.IsSCSEnabled = scsEngineCLIEnabled.Status
}

func setIsContainersEnabled(agent string, featureFlagsWrapper wrappers.FeatureFlagsWrapper) {
agentSupported := !containsIgnoreCase(containerEngineUnsupportedAgents, agent)
containerEngineCLIEnabled, _ := wrappers.GetSpecificFeatureFlag(featureFlagsWrapper, wrappers.ContainerEngineCLIEnabled)
wrappers.IsContainersEnabled = containerEngineCLIEnabled.Status && agentSupported
func setIsContainersEnabled(agent string) {
wrappers.IsContainersEnabled = !containsIgnoreCase(containerEngineUnsupportedAgents, agent)
}

func filterResultsByType(results *wrappers.ScanResultsCollection, excludedTypes map[string]struct{}) *wrappers.ScanResultsCollection {
Expand Down Expand Up @@ -1173,7 +1171,7 @@ func CreateScanReport(
reportList := strings.Split(reportTypes, ",")
results := &wrappers.ScanResultsCollection{}
setIsSCSEnabled(featureFlagsWrapper)
setIsContainersEnabled(agent, featureFlagsWrapper)
setIsContainersEnabled(agent)
summary, err := convertScanToResultsSummary(scan, resultsWrapper)
if err != nil {
return nil, err
Expand Down
60 changes: 19 additions & 41 deletions internal/commands/result_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -312,7 +312,6 @@ func TestRunGetResultsByScanIdSarifFormat(t *testing.T) {
}
func TestRunGetResultsByScanIdSarifFormatWithContainers(t *testing.T) {
clearFlags()
mock.Flag = wrappers.FeatureFlagResponseModel{Name: wrappers.ContainerEngineCLIEnabled, Status: true}
execCmdNilAssertion(t, "results", "show", "--scan-id", "MOCK", "--report-format", "sarif")
// Remove generated sarif file
removeFileBySuffix(t, printer.FormatSarif)
Expand All @@ -334,7 +333,6 @@ func TestRunGetResultsByScanIdSonarFormat(t *testing.T) {

func TestRunGetResultsByScanIdSonarFormatWithContainers(t *testing.T) {
clearFlags()
mock.Flag = wrappers.FeatureFlagResponseModel{Name: wrappers.ContainerEngineCLIEnabled, Status: true}
execCmdNilAssertion(t, "results", "show", "--scan-id", "MOCK", "--report-format", "sonar")
// Remove generated sonar file
removeFile(t, fileName+"_"+printer.FormatSonar, printer.FormatJSON)
Expand Down Expand Up @@ -367,7 +365,6 @@ func TestDecodeHTMLEntitiesInResults(t *testing.T) {

func TestRunGetResultsByScanIdJsonFormatWithContainers(t *testing.T) {
clearFlags()
mock.Flag = wrappers.FeatureFlagResponseModel{Name: wrappers.ContainerEngineCLIEnabled, Status: true}
execCmdNilAssertion(t, "results", "show", "--scan-id", "MOCK", "--report-format", "json")

// Remove generated json file
Expand All @@ -390,7 +387,6 @@ func TestRunGetResultsByScanIdSummaryJsonFormat(t *testing.T) {

func TestRunGetResultsByScanIdSummaryJsonFormatWithContainers(t *testing.T) {
clearFlags()
mock.Flag = wrappers.FeatureFlagResponseModel{Name: wrappers.ContainerEngineCLIEnabled, Status: true}
execCmdNilAssertion(t, "results", "show", "--scan-id", "MOCK", "--report-format", "summaryJSON")

// Remove generated json file
Expand All @@ -406,7 +402,6 @@ func TestRunGetResultsByScanIdSummaryHtmlFormat(t *testing.T) {

func TestRunGetResultsByScanIdSummaryHtmlFormatWithContainers(t *testing.T) {
clearFlags()
mock.Flag = wrappers.FeatureFlagResponseModel{Name: wrappers.ContainerEngineCLIEnabled, Status: true}
execCmdNilAssertion(t, "results", "show", "--scan-id", "MOCK", "--report-format", "summaryHTML")

// Remove generated html file
Expand All @@ -425,13 +420,11 @@ func TestRunGetResultsByScanIdSummaryMarkdownFormatWithContainers(t *testing.T)

func TestRunGetResultsByScanIdSummaryConsoleFormatWithContainers(t *testing.T) {
clearFlags()
mock.Flag = wrappers.FeatureFlagResponseModel{Name: wrappers.ContainerEngineCLIEnabled, Status: true}
execCmdNilAssertion(t, "results", "show", "--scan-id", "MOCK", "--report-format", "summaryConsole")
}

func TestRunGetResultsByScanIdSummaryMarkdownFormat(t *testing.T) {
clearFlags()
mock.Flag = wrappers.FeatureFlagResponseModel{Name: wrappers.ContainerEngineCLIEnabled, Status: true}
execCmdNilAssertion(t, "results", "show", "--scan-id", "MOCK", "--report-format", "markdown")
// Remove generated md file
removeFileBySuffix(t, "md")
Expand Down Expand Up @@ -480,7 +473,6 @@ func TestRunGetResultsByScanIdPDFFormat(t *testing.T) {

func TestRunGetResultsByScanIdPDFFormatWithContainers(t *testing.T) {
clearFlags()
mock.Flag = wrappers.FeatureFlagResponseModel{Name: wrappers.ContainerEngineCLIEnabled, Status: true}
execCmdNilAssertion(t, "results", "show", "--scan-id", "MOCK", "--report-format", "pdf")
_, err := os.Stat(fmt.Sprintf("%s.%s", fileName, printer.FormatPDF))
assert.NilError(t, err, "Report file should exist for extension "+printer.FormatPDF)
Expand Down Expand Up @@ -759,7 +751,6 @@ func TestSBOMReportXML(t *testing.T) {

func TestSBOMReportJsonWithContainers(t *testing.T) {
clearFlags()
mock.Flag = wrappers.FeatureFlagResponseModel{Name: wrappers.ContainerEngineCLIEnabled, Status: true}
execCmdNilAssertion(t, "results", "show", "--scan-id", "MOCK", "--report-format", "sbom")
_, err := os.Stat(fmt.Sprintf("%s.%s", fileName+"_"+printer.FormatSbom, printer.FormatJSON))
assert.NilError(t, err, "Report file should exist for extension "+printer.FormatJSON)
Expand All @@ -769,7 +760,6 @@ func TestSBOMReportJsonWithContainers(t *testing.T) {

func TestSBOMReportXMLWithContainers(t *testing.T) {
clearFlags()
mock.Flag = wrappers.FeatureFlagResponseModel{Name: wrappers.ContainerEngineCLIEnabled, Status: true}
execCmdNilAssertion(t, "results", "show", "--scan-id", "MOCK", "--report-format", "sbom", "--report-sbom-format", "CycloneDxXml")
_, err := os.Stat(fmt.Sprintf("%s.%s", fileName+"_"+printer.FormatSbom, printer.FormatXML))
assert.NilError(t, err, "Report file should exist for extension "+printer.FormatXML)
Expand All @@ -782,26 +772,17 @@ func TestRunGetResultsByScanIdGLFormat(t *testing.T) {
// Run test for gl-sast report type
os.Remove(fmt.Sprintf("%s.%s", fileName, printer.FormatGLSast))
}

func TestRunResultsShow_ContainersFFIsOn_includeContainersResult(t *testing.T) {
clearFlags()
clearFlags()
mock.Flag = wrappers.FeatureFlagResponseModel{Name: wrappers.ContainerEngineCLIEnabled, Status: true}
execCmdNilAssertion(t, "results", "show", "--scan-id", "MOCK", "--report-format", "json")
assertTypePresentJSON(t, params.ContainersType, 1)
// Remove generated json file
removeFileBySuffix(t, printer.FormatJSON)
}
func TestRunResultsShow_ContainersFFIsOff_excludeContainersResult(t *testing.T) {
clearFlags()
mock.Flag = wrappers.FeatureFlagResponseModel{Name: wrappers.ContainerEngineCLIEnabled, Status: false}
execCmdNilAssertion(t, "results", "show", "--scan-id", "MOCK", "--report-format", "json")
assertTypePresentJSON(t, params.ContainersType, 0)
// Remove generated json file
removeFileBySuffix(t, printer.FormatJSON)
}

func TestRunResultsShow_jetbrainsIsNotSupported_excludeContainersResult(t *testing.T) {
clearFlags()
mock.Flag = wrappers.FeatureFlagResponseModel{Name: wrappers.ContainerEngineCLIEnabled, Status: true}
execCmdNilAssertion(t, "results", "show", "--scan-id", "MOCK", "--report-format", "json", "--agent", "jetbrains")
assertTypePresentJSON(t, params.ContainersType, 0)
// Remove generated json file
Expand All @@ -810,7 +791,6 @@ func TestRunResultsShow_jetbrainsIsNotSupported_excludeContainersResult(t *testi

func TestRunResultsShow_EclipseIsNotSupported_excludeContainersResult(t *testing.T) {
clearFlags()
mock.Flag = wrappers.FeatureFlagResponseModel{Name: wrappers.ContainerEngineCLIEnabled, Status: true}
execCmdNilAssertion(t, "results", "show", "--scan-id", "MOCK", "--report-format", "json", "--agent", "Eclipse")
assertTypePresentJSON(t, params.ContainersType, 0)
// Remove generated json file
Expand All @@ -819,7 +799,6 @@ func TestRunResultsShow_EclipseIsNotSupported_excludeContainersResult(t *testing

func TestRunResultsShow_VsCodeIsNotSupported_excludeContainersResult(t *testing.T) {
clearFlags()
mock.Flag = wrappers.FeatureFlagResponseModel{Name: wrappers.ContainerEngineCLIEnabled, Status: true}
execCmdNilAssertion(t, "results", "show", "--scan-id", "MOCK", "--report-format", "json", "--agent", "vs code")
assertTypePresentJSON(t, params.ContainersType, 0)
// Remove generated json file
Expand All @@ -828,7 +807,6 @@ func TestRunResultsShow_VsCodeIsNotSupported_excludeContainersResult(t *testing.

func TestRunResultsShow_VisualStudioIsNotSupported_excludeContainersResult(t *testing.T) {
clearFlags()
mock.Flag = wrappers.FeatureFlagResponseModel{Name: wrappers.ContainerEngineCLIEnabled, Status: true}
execCmdNilAssertion(t, "results", "show", "--scan-id", "MOCK", "--report-format", "json", "--agent", "Visual Studio")
assertTypePresentJSON(t, params.ContainersType, 0)
// Remove generated json file
Expand Down Expand Up @@ -952,11 +930,7 @@ func assertResultsPresentSummaryJSON(t *testing.T, isResultsEnabled bool, scanTy
assert.Assert(t, false, "%s result summary should be present", scanType)
}
}
func TestRunGetResultsShow_ContainersFFOffAndResultsHasContainersResultsOnly_NilAssertion(t *testing.T) {
clearFlags()
mock.Flag = wrappers.FeatureFlagResponseModel{Name: wrappers.ContainerEngineCLIEnabled, Status: false}
execCmdNilAssertion(t, "results", "show", "--scan-id", "CONTAINERS_ONLY", "--report-format", "summaryConsole")
}

func TestRunGetResultsByScanIdGLSastAndAScaFormat(t *testing.T) {
execCmdNilAssertion(t, "results", "show", "--scan-id", "MOCK", "--report-format", "gl-sast,gl-sca")
// Run test for gl-sast report type
Expand Down Expand Up @@ -1215,7 +1189,7 @@ func TestGetResultsSummaryConsoleFormatWithCriticalDisabled(t *testing.T) {
stdoutString := buffer.String()
fmt.Print(stdoutString)

totalSummary := "| TOTAL N/A 5 1 1 0 Completed |"
totalSummary := "| TOTAL N/A 5 2 1 0 Completed |"
assert.Equal(t, strings.Contains(stdoutString, totalSummary), true,
"Expected Total summary without critical:"+totalSummary)

Expand All @@ -1234,7 +1208,7 @@ func Test_enhanceWithScanSummary(t *testing.T) {
name: "scan summary with no vulnerabilities",
summary: createEmptyResultSummary(),
results: &wrappers.ScanResultsCollection{
Results: nil,
Results: []*wrappers.ScanResult{},
TotalCount: 0,
ScanID: "MOCK",
},
Expand All @@ -1252,17 +1226,21 @@ func Test_enhanceWithScanSummary(t *testing.T) {
}

func createEmptyResultSummary() *wrappers.ResultSummary {
var containersIssues = new(int)
*containersIssues = 0

return &wrappers.ResultSummary{
TotalIssues: 0,
CriticalIssues: 0,
HighIssues: 0,
MediumIssues: 0,
LowIssues: 0,
InfoIssues: 0,
SastIssues: 0,
ScaIssues: 0,
KicsIssues: 0,
SCSOverview: &wrappers.SCSOverview{},
TotalIssues: 0,
CriticalIssues: 0,
HighIssues: 0,
MediumIssues: 0,
LowIssues: 0,
InfoIssues: 0,
SastIssues: 0,
ScaIssues: 0,
KicsIssues: 0,
ContainersIssues: containersIssues,
SCSOverview: &wrappers.SCSOverview{},
APISecurity: wrappers.APISecResult{
APICount: 0,
TotalRisksCount: 0,
Expand Down
Loading
Loading