Deleting a copy file of sca.json when scan runnig with ScaResolver (A…

…ST-48074) (#924)

* bug/remove sca temp file when using sca resolver

* fix test

* change function test name and add comments

* Fix test with comments

* pull from main

* Fix lint error in test

---------

Co-authored-by: Or Shamir Checkmarx <93518641+OrShamirCM@users.noreply.github.com>

internal/commands/scan.go

@@ -1362,10 +1362,17 @@ func runScaResolver(sourceDir, scaResolver, scaResolverParams, projectName strin
 func addScaResults(zipWriter *zip.Writer) error {
 	logger.PrintIfVerbose("Included SCA Results: " + ".cxsca-results.json")
 	dat, err := ioutil.ReadFile(scaResolverResultsFile)
+	scaResultsFile := strings.TrimSuffix(scaResolverResultsFile, ".json")
 	_ = os.Remove(scaResolverResultsFile)
 	if err != nil {
 		return err
 	}
+	removeErr := os.Remove(scaResultsFile)
+	if removeErr != nil {
+		log.Printf("Failed to remove file %s: %v", scaResultsFile, removeErr)
+	} else {
+		log.Printf("Successfully removed file %s", scaResultsFile)
+	}
 	f, err := zipWriter.Create(".cxsca-results.json")
 	if err != nil {
 		return err

internal/commands/scan_test.go

@@ -3,7 +3,11 @@
 package commands
 
 import (
+	"archive/zip"
+	"bytes"
 	"fmt"
+	"log"
+	"os"
 	"reflect"
 	"strings"
 	"testing"
@@ -1188,6 +1192,60 @@ func TestValidateContainerImageFormat(t *testing.T) {
 	}
 }
 
+func Test_WhenScaResolverAndResultsFileExist_ThenAddScaResultsShouldRemoveThemAfterAddingToZip(t *testing.T) {
+	// Step 1: Create a temporary file to  simulate the SCA results file and check for errors.
+	tempFile, err := os.CreateTemp("", "sca_results_test")
+	assert.NilError(t, err)
+
+	// Step 2: Schedule deletion of the temporary file after the test completes.
+	defer os.Remove(tempFile.Name())
+
+	// Step 3: Define the path for scaResolverResultsFile, adding ".json" extension.
+	scaResolverResultsFile = tempFile.Name() + ".json"
+
+	// Step 4: Create scaResolverResultsFile on disk to simulate its existence before running addScaResults.
+	_, err = os.Create(scaResolverResultsFile)
+	assert.NilError(t, err, "Expected scaResolverResultsFile to be created")
+
+	// Step 5: Define and create scaResultsFile (without ".json" extension) to simulate another required file.
+	scaResultsFile := strings.TrimSuffix(scaResolverResultsFile, ".json")
+	_, err = os.Create(scaResultsFile)
+	assert.NilError(t, err, "Expected scaResultsFile to be created")
+
+	// Step 6: Set up a buffer to collect the zip file's contents.
+	var buffer bytes.Buffer
+	zipWriter := zip.NewWriter(&buffer)
+
+	// Step 7: Redirect log output to logBuffer to capture logs for validation.
+	var logBuffer bytes.Buffer
+	log.SetOutput(&logBuffer)
+
+	// Step 8 : Ensure log output is reset to standard error after the test completes.
+	defer func() {
+		log.SetOutput(os.Stderr)
+	}()
+
+	// Step 9: Call addScaResults, which should add results to the zipWriter and delete temporary files.
+	err = addScaResults(zipWriter)
+	assert.NilError(t, err)
+
+	// Step 10: Close the zip writer to complete the writing process.
+	zipWriter.Close()
+
+	// Step 11: Check if scaResolverResultsFile was successfully deleted after addScaResults ran.
+	_, err = os.Stat(scaResolverResultsFile)
+	assert.Assert(t, os.IsNotExist(err), "Expected scaResolverResultsFile to be deleted")
+
+	// Step 12: Check if scaResultsFile was successfully deleted as well.
+	_, err = os.Stat(scaResultsFile)
+	assert.Assert(t, os.IsNotExist(err), "Expected scaResultsFile to be deleted")
+
+	// Step 13: Validate log output to confirm the success message for file removal is present.
+	logOutput := logBuffer.String()
+	t.Logf("Log output:\n%s", logOutput)
+	assert.Assert(t, strings.Contains(logOutput, "Successfully removed file"), "Expected success log for file removal")
+}
+
 func TestFilterMatched(t *testing.T) {
 	tests := []struct {
 		name     string