From d8e30697359e734766bc8fc624707102fa1e3803 Mon Sep 17 00:00:00 2001 From: ItayPaz <143506741+Korjen97@users.noreply.github.com> Date: Tue, 12 Nov 2024 15:26:55 +0200 Subject: [PATCH] Deleting a copy file of sca.json when scan runnig with ScaResolver (AST-48074) (#924) * bug/remove sca temp file when using sca resolver * fix test * change function test name and add comments * Fix test with comments * pull from main * Fix lint error in test --------- Co-authored-by: Or Shamir Checkmarx <93518641+OrShamirCM@users.noreply.github.com> --- internal/commands/scan.go | 7 ++++ internal/commands/scan_test.go | 58 ++++++++++++++++++++++++++++++++++ 2 files changed, 65 insertions(+) diff --git a/internal/commands/scan.go b/internal/commands/scan.go index 5fcb6c4be..d5b8c29f8 100644 --- a/internal/commands/scan.go +++ b/internal/commands/scan.go @@ -1362,10 +1362,17 @@ func runScaResolver(sourceDir, scaResolver, scaResolverParams, projectName strin func addScaResults(zipWriter *zip.Writer) error { logger.PrintIfVerbose("Included SCA Results: " + ".cxsca-results.json") dat, err := ioutil.ReadFile(scaResolverResultsFile) + scaResultsFile := strings.TrimSuffix(scaResolverResultsFile, ".json") _ = os.Remove(scaResolverResultsFile) if err != nil { return err } + removeErr := os.Remove(scaResultsFile) + if removeErr != nil { + log.Printf("Failed to remove file %s: %v", scaResultsFile, removeErr) + } else { + log.Printf("Successfully removed file %s", scaResultsFile) + } f, err := zipWriter.Create(".cxsca-results.json") if err != nil { return err diff --git a/internal/commands/scan_test.go b/internal/commands/scan_test.go index c752dfec7..6186bccf8 100644 --- a/internal/commands/scan_test.go +++ b/internal/commands/scan_test.go @@ -3,7 +3,11 @@ package commands import ( + "archive/zip" + "bytes" "fmt" + "log" + "os" "reflect" "strings" "testing" @@ -1188,6 +1192,60 @@ func TestValidateContainerImageFormat(t *testing.T) { } } +func Test_WhenScaResolverAndResultsFileExist_ThenAddScaResultsShouldRemoveThemAfterAddingToZip(t *testing.T) { + // Step 1: Create a temporary file to simulate the SCA results file and check for errors. + tempFile, err := os.CreateTemp("", "sca_results_test") + assert.NilError(t, err) + + // Step 2: Schedule deletion of the temporary file after the test completes. + defer os.Remove(tempFile.Name()) + + // Step 3: Define the path for scaResolverResultsFile, adding ".json" extension. + scaResolverResultsFile = tempFile.Name() + ".json" + + // Step 4: Create scaResolverResultsFile on disk to simulate its existence before running addScaResults. + _, err = os.Create(scaResolverResultsFile) + assert.NilError(t, err, "Expected scaResolverResultsFile to be created") + + // Step 5: Define and create scaResultsFile (without ".json" extension) to simulate another required file. + scaResultsFile := strings.TrimSuffix(scaResolverResultsFile, ".json") + _, err = os.Create(scaResultsFile) + assert.NilError(t, err, "Expected scaResultsFile to be created") + + // Step 6: Set up a buffer to collect the zip file's contents. + var buffer bytes.Buffer + zipWriter := zip.NewWriter(&buffer) + + // Step 7: Redirect log output to logBuffer to capture logs for validation. + var logBuffer bytes.Buffer + log.SetOutput(&logBuffer) + + // Step 8 : Ensure log output is reset to standard error after the test completes. + defer func() { + log.SetOutput(os.Stderr) + }() + + // Step 9: Call addScaResults, which should add results to the zipWriter and delete temporary files. + err = addScaResults(zipWriter) + assert.NilError(t, err) + + // Step 10: Close the zip writer to complete the writing process. + zipWriter.Close() + + // Step 11: Check if scaResolverResultsFile was successfully deleted after addScaResults ran. + _, err = os.Stat(scaResolverResultsFile) + assert.Assert(t, os.IsNotExist(err), "Expected scaResolverResultsFile to be deleted") + + // Step 12: Check if scaResultsFile was successfully deleted as well. + _, err = os.Stat(scaResultsFile) + assert.Assert(t, os.IsNotExist(err), "Expected scaResultsFile to be deleted") + + // Step 13: Validate log output to confirm the success message for file removal is present. + logOutput := logBuffer.String() + t.Logf("Log output:\n%s", logOutput) + assert.Assert(t, strings.Contains(logOutput, "Successfully removed file"), "Expected success log for file removal") +} + func TestFilterMatched(t *testing.T) { tests := []struct { name string