CLI | Improve Performance In Results Show Command (AST-70015) (#928)

* added policy skip when agent is from plugin.
remove second call to export service in calculating threshold

* return nil, error when err is not nil

* rcreate policy-management service

* added tests

* fix lint

* fix lint

---------

Co-authored-by: AlvoBen <alvo@post.bgu.ac.il>
Co-authored-by: Or Shamir Checkmarx <93518641+OrShamirCM@users.noreply.github.com>

internal/commands/result.go

@@ -16,7 +16,6 @@ import (
 	"time"
 
 	"github.com/MakeNowJust/heredoc"
-	"github.com/checkmarx/ast-cli/internal/commands/policymanagement"
 	"github.com/checkmarx/ast-cli/internal/commands/util"
 	"github.com/checkmarx/ast-cli/internal/commands/util/printer"
 	errorConstants "github.com/checkmarx/ast-cli/internal/constants/errors"
@@ -113,62 +112,64 @@ const (
 	noFileForScorecardResultString          = "Issue Found in your GitHub repository"
 )
 
-var summaryFormats = []string{
-	printer.FormatSummaryConsole,
-	printer.FormatSummary,
-	printer.FormatSummaryJSON,
-	printer.FormatPDF,
-	printer.FormatSummaryMarkdown,
-	printer.FormatSbom,
-	printer.FormatGLSast,
-	printer.FormatGLSca,
-}
-
-var filterResultsListFlagUsage = fmt.Sprintf(
-	"Filter the list of results. Use ';' as the delimiter for arrays. Available filters are: %s",
-	strings.Join(
-		[]string{
-			commonParams.ScanIDQueryParam,
-			commonParams.LimitQueryParam,
-			commonParams.OffsetQueryParam,
-			commonParams.SortQueryParam,
-			commonParams.IncludeNodesQueryParam,
-			commonParams.NodeIDsQueryParam,
-			commonParams.QueryQueryParam,
-			commonParams.GroupQueryParam,
-			commonParams.StatusQueryParam,
-			commonParams.SeverityQueryParam,
-			commonParams.StateQueryParam,
-		}, ",",
-	),
-)
+var (
+	summaryFormats = []string{
+		printer.FormatSummaryConsole,
+		printer.FormatSummary,
+		printer.FormatSummaryJSON,
+		printer.FormatPDF,
+		printer.FormatSummaryMarkdown,
+		printer.FormatSbom,
+		printer.FormatGLSast,
+		printer.FormatGLSca,
+	}
 
-// Follows: over 9.0 is critical, 7.0 to 8.9 is high, 4.0 to 6.9 is medium and 3.9 or less is low.
-var securities = map[string]string{
-	infoCx:     "1.0",
-	lowCx:      "2.0",
-	mediumCx:   "4.0",
-	highCx:     "7.0",
-	criticalCx: "9.0",
-}
+	filterResultsListFlagUsage = fmt.Sprintf(
+		"Filter the list of results. Use ';' as the delimiter for arrays. Available filters are: %s",
+		strings.Join(
+			[]string{
+				commonParams.ScanIDQueryParam,
+				commonParams.LimitQueryParam,
+				commonParams.OffsetQueryParam,
+				commonParams.SortQueryParam,
+				commonParams.IncludeNodesQueryParam,
+				commonParams.NodeIDsQueryParam,
+				commonParams.QueryQueryParam,
+				commonParams.GroupQueryParam,
+				commonParams.StatusQueryParam,
+				commonParams.SeverityQueryParam,
+				commonParams.StateQueryParam,
+			}, ",",
+		),
+	)
 
-// Match cx severity with sonar severity
-var sonarSeverities = map[string]string{
-	infoCx:     infoSonar,
-	lowCx:      lowSonar,
-	mediumCx:   mediumSonar,
-	highCx:     highSonar,
-	criticalCx: criticalSonar,
-}
+	// Follows: over 9.0 is critical, 7.0 to 8.9 is high, 4.0 to 6.9 is medium and 3.9 or less is low.
+	securities = map[string]string{
+		infoCx:     "1.0",
+		lowCx:      "2.0",
+		mediumCx:   "4.0",
+		highCx:     "7.0",
+		criticalCx: "9.0",
+	}
 
-var containerEngineUnsupportedAgents = []string{
-	commonParams.JetbrainsAgent, commonParams.VSCodeAgent, commonParams.VisualStudioAgent, commonParams.EclipseAgent,
-}
+	// Match cx severity with sonar severity
+	sonarSeverities = map[string]string{
+		infoCx:     infoSonar,
+		lowCx:      lowSonar,
+		mediumCx:   mediumSonar,
+		highCx:     highSonar,
+		criticalCx: criticalSonar,
+	}
 
-var sscsEngineToOverviewEngineMap = map[string]string{
-	commonParams.SCSScorecardType:       commonParams.SCSScorecardOverviewType,
-	commonParams.SCSSecretDetectionType: commonParams.SCSSecretDetectionOverviewType,
-}
+	containerEngineUnsupportedAgents = []string{
+		commonParams.JetbrainsAgent, commonParams.VSCodeAgent, commonParams.VisualStudioAgent, commonParams.EclipseAgent,
+	}
+
+	sscsEngineToOverviewEngineMap = map[string]string{
+		commonParams.SCSScorecardType:       commonParams.SCSScorecardOverviewType,
+		commonParams.SCSSecretDetectionType: commonParams.SCSSecretDetectionOverviewType,
+	}
+)
 
 func NewResultsCommand(
 	resultsWrapper wrappers.ResultsWrapper,
@@ -959,6 +960,9 @@ func runGetResultCommand(
 		sastRedundancy, _ := cmd.Flags().GetBool(commonParams.SastRedundancyFlag)
 		agent, _ := cmd.Flags().GetString(commonParams.AgentFlag)
 		scaHideDevAndTestDep, _ := cmd.Flags().GetBool(commonParams.ScaHideDevAndTestDepFlag)
+		ignorePolicy, _ := cmd.Flags().GetBool(commonParams.IgnorePolicyFlag)
+		waitDelay, _ := cmd.Flags().GetInt(commonParams.WaitDelayFlag)
+		policyTimeout, _ := cmd.Flags().GetInt(commonParams.PolicyTimeoutFlag)
 
 		scanID, _ := cmd.Flags().GetString(commonParams.ScanIDFlag)
 		if scanID == "" {
@@ -982,42 +986,19 @@ func runGetResultCommand(
 			return errors.Errorf("%s: CODE: %d, %s", failedGettingScan, errorModel.Code, errorModel.Message)
 		}
 
-		policyResponseModel := &wrappers.PolicyResponseModel{}
-		policyOverrideFlag, _ := cmd.Flags().GetBool(commonParams.IgnorePolicyFlag)
-		waitDelay, _ := cmd.Flags().GetInt(commonParams.WaitDelayFlag)
-		if !policyOverrideFlag {
-			policyTimeout, _ := cmd.Flags().GetInt(commonParams.PolicyTimeoutFlag)
-			if policyTimeout < 0 {
-				return errors.Errorf("--%s should be equal or higher than 0", commonParams.PolicyTimeoutFlag)
-			}
-			policyResponseModel, err = policymanagement.HandlePolicyWait(waitDelay, policyTimeout, policyWrapper, scan.ID, scan.ProjectID, cmd)
-			if err != nil {
-				return err
-			}
-		} else {
-			logger.PrintIfVerbose("Skipping policy evaluation")
+		policyResponseModel, err := services.HandlePolicyEvaluation(cmd, policyWrapper, scan, ignorePolicy, agent, waitDelay, policyTimeout)
+		if err != nil {
+			return err
 		}
+
 		if sastRedundancy {
 			resultsParams[commonParams.SastRedundancyFlag] = ""
 		}
 
-		return CreateScanReport(
-			resultsWrapper,
-			risksOverviewWrapper,
-			scsScanOverviewWrapper,
-			exportWrapper,
-			policyResponseModel,
-			resultsPdfReportsWrapper,
-			scan,
-			format,
-			formatPdfToEmail,
-			formatPdfOptions,
-			formatSbomOptions,
-			targetFile,
-			targetPath,
-			agent,
-			resultsParams,
-			featureFlagsWrapper)
+		_, err = CreateScanReport(resultsWrapper, risksOverviewWrapper, scsScanOverviewWrapper, exportWrapper,
+			policyResponseModel, resultsPdfReportsWrapper, scan, format, formatPdfToEmail, formatPdfOptions,
+			formatSbomOptions, targetFile, targetPath, agent, resultsParams, featureFlagsWrapper)
+		return err
 	}
 }
 
@@ -1124,42 +1105,42 @@ func CreateScanReport(
 	agent string,
 	resultsParams map[string]string,
 	featureFlagsWrapper wrappers.FeatureFlagsWrapper,
-) error {
+) (*wrappers.ScanResultsCollection, error) {
 	reportList := strings.Split(reportTypes, ",")
 	results := &wrappers.ScanResultsCollection{}
 	setIsSCSEnabled(featureFlagsWrapper)
 	setIsContainersEnabled(agent, featureFlagsWrapper)
 	summary, err := convertScanToResultsSummary(scan, resultsWrapper)
 	if err != nil {
-		return err
+		return nil, err
 	}
 	scanPending := isScanPending(summary.Status)
 
 	err = createDirectory(targetPath)
 	if err != nil {
-		return err
+		return nil, err
 	}
 	if !scanPending {
 		results, err = ReadResults(resultsWrapper, exportWrapper, scan, resultsParams, agent)
 		if err != nil {
-			return err
+			return nil, err
 		}
 	}
 	isSummaryNeeded := verifyFormatsByReportList(reportList, summaryFormats...)
 	if isSummaryNeeded && !scanPending {
 		summary, err = summaryReport(summary, policyResponseModel, risksOverviewWrapper, scsScanOverviewWrapper, featureFlagsWrapper, results)
 		if err != nil {
-			return err
+			return nil, err
 		}
 	}
 	for _, reportType := range reportList {
 		err = createReport(reportType, formatPdfToEmail, formatPdfOptions, formatSbomOptions, targetFile,
 			targetPath, results, summary, exportWrapper, resultsPdfReportsWrapper, featureFlagsWrapper, agent)
 		if err != nil {
-			return err
+			return nil, err
 		}
 	}
-	return nil
+	return results, nil
 }
 
 func countResult(summary *wrappers.ResultSummary, result *wrappers.ScanResult) {

internal/commands/scan.go

@@ -33,7 +33,6 @@ import (
 	"github.com/pkg/errors"
 
 	"github.com/MakeNowJust/heredoc"
-	"github.com/checkmarx/ast-cli/internal/commands/policymanagement"
 	commonParams "github.com/checkmarx/ast-cli/internal/params"
 	"github.com/checkmarx/ast-cli/internal/wrappers"
 	"github.com/mssola/user_agent"
@@ -1682,33 +1681,28 @@ func runCreateScanCommand(
 			if err != nil {
 				return err
 			}
-			// Handling policy response
-			policyOverrideFlag, _ := cmd.Flags().GetBool(commonParams.IgnorePolicyFlag)
-			if !policyOverrideFlag {
-				policyTimeout, _ := cmd.Flags().GetInt(commonParams.PolicyTimeoutFlag)
-				if policyTimeout < 0 {
-					return errors.Errorf("--%s should be equal or higher than 0", commonParams.PolicyTimeoutFlag)
-				}
-				policyResponseModel, err = policymanagement.HandlePolicyWait(waitDelay, policyTimeout, policyWrapper, scanResponseModel.ID, scanResponseModel.ProjectID, cmd)
-				if err != nil {
-					return err
-				}
-			} else {
-				logger.PrintIfVerbose("Skipping policy evaluation")
-			}
-			err = createReportsAfterScan(cmd, scanResponseModel.ID, scansWrapper, exportWrapper, resultsPdfReportsWrapper,
-				resultsWrapper, risksOverviewWrapper, scsScanOverviewWrapper, policyResponseModel, featureFlagsWrapper)
+
+			agent, _ := cmd.Flags().GetString(commonParams.AgentFlag)
+			ignorePolicy, _ := cmd.Flags().GetBool(commonParams.IgnorePolicyFlag)
+			policyTimeout, _ := cmd.Flags().GetInt(commonParams.PolicyTimeoutFlag)
+			policyResponseModel, err = services.HandlePolicyEvaluation(cmd, policyWrapper, scanResponseModel, ignorePolicy, agent, waitDelay, policyTimeout)
 			if err != nil {
 				return err
 			}
 
-			err = applyThreshold(cmd, resultsWrapper, exportWrapper, scanResponseModel, thresholdMap, risksOverviewWrapper)
+			results, reportErr := createReportsAfterScan(cmd, scanResponseModel.ID, scansWrapper, exportWrapper, resultsPdfReportsWrapper,
+				resultsWrapper, risksOverviewWrapper, scsScanOverviewWrapper, policyResponseModel, featureFlagsWrapper)
+			if reportErr != nil {
+				return reportErr
+			}
+
+			err = applyThreshold(cmd, scanResponseModel, thresholdMap, risksOverviewWrapper, results)
 
 			if err != nil {
 				return err
 			}
 		} else {
-			err = createReportsAfterScan(cmd, scanResponseModel.ID, scansWrapper, exportWrapper, resultsPdfReportsWrapper, resultsWrapper,
+			_, err = createReportsAfterScan(cmd, scanResponseModel.ID, scansWrapper, exportWrapper, resultsPdfReportsWrapper, resultsWrapper,
 				risksOverviewWrapper, scsScanOverviewWrapper, nil, featureFlagsWrapper)
 			if err != nil {
 				return err
@@ -1907,7 +1901,7 @@ func createReportsAfterScan(
 	scsScanOverviewWrapper wrappers.ScanOverviewWrapper,
 	policyResponseModel *wrappers.PolicyResponseModel,
 	featureFlagsWrapper wrappers.FeatureFlagsWrapper,
-) error {
+) (*wrappers.ScanResultsCollection, error) {
 	// Create the required reports
 	targetFile, _ := cmd.Flags().GetString(commonParams.TargetFlag)
 	targetPath, _ := cmd.Flags().GetString(commonParams.TargetPathFlag)
@@ -1920,7 +1914,7 @@ func createReportsAfterScan(
 
 	resultsParams, err := getFilters(cmd)
 	if err != nil {
-		return err
+		return nil, err
 	}
 
 	if scaHideDevAndTestDep {
@@ -1932,10 +1926,10 @@ func createReportsAfterScan(
 	}
 	scan, errorModel, scanErr := scansWrapper.GetByID(scanID)
 	if scanErr != nil {
-		return errors.Wrapf(scanErr, "%s", failedGetting)
+		return nil, errors.Wrapf(scanErr, "%s", failedGetting)
 	}
 	if errorModel != nil {
-		return errors.Errorf("%s: CODE: %d, %s", failedGettingScan, errorModel.Code, errorModel.Message)
+		return nil, errors.Errorf("%s: CODE: %d, %s", failedGettingScan, errorModel.Code, errorModel.Message)
 	}
 	return CreateScanReport(
 		resultsWrapper,
@@ -1959,24 +1953,22 @@ func createReportsAfterScan(
 
 func applyThreshold(
 	cmd *cobra.Command,
-	resultsWrapper wrappers.ResultsWrapper,
-	exportWrapper wrappers.ExportWrapper,
 	scanResponseModel *wrappers.ScanResponseModel,
 	thresholdMap map[string]int,
 	risksOverviewWrapper wrappers.RisksOverviewWrapper,
+	results *wrappers.ScanResultsCollection,
 ) error {
 	if len(thresholdMap) == 0 {
 		return nil
 	}
 
 	sastRedundancy, _ := cmd.Flags().GetBool(commonParams.SastRedundancyFlag)
-	agent, _ := cmd.Flags().GetString(commonParams.AgentFlag)
 	params := make(map[string]string)
 	if sastRedundancy {
 		params[commonParams.SastRedundancyFlag] = ""
 	}
 
-	summaryMap, err := getSummaryThresholdMap(resultsWrapper, exportWrapper, scanResponseModel, params, risksOverviewWrapper, agent)
+	summaryMap, err := getSummaryThresholdMap(scanResponseModel, risksOverviewWrapper, results)
 
 	if err != nil {
 		return err
@@ -2061,19 +2053,12 @@ func parseThresholdLimit(limit string) (engineName string, intLimit int, err err
 }
 
 func getSummaryThresholdMap(
-	resultsWrapper wrappers.ResultsWrapper,
-	exportWrapper wrappers.ExportWrapper,
 	scan *wrappers.ScanResponseModel,
-	resultsParams map[string]string,
 	risksOverviewWrapper wrappers.RisksOverviewWrapper,
-	agent string,
+	results *wrappers.ScanResultsCollection,
 ) (map[string]int, error) {
 	summaryMap := make(map[string]int)
-	results, err := ReadResults(resultsWrapper, exportWrapper, scan, resultsParams, agent)
 
-	if err != nil {
-		return nil, err
-	}
 	for _, result := range results.Results {
 		if isExploitable(result.State) {
 			key := strings.ToLower(fmt.Sprintf("%s-%s", strings.Replace(result.Type, commonParams.KicsType, commonParams.IacType, 1), result.Severity))
@@ -2176,7 +2161,7 @@ func isScanRunning(
 	log.Println("Scan Finished with status: ", scanResponseModel.Status)
 	if scanResponseModel.Status == wrappers.ScanPartial {
 		_ = printer.Print(cmd.OutOrStdout(), scanResponseModel.StatusDetails, printer.FormatList)
-		reportErr := createReportsAfterScan(
+		_, reportErr := createReportsAfterScan(
 			cmd,
 			scanResponseModel.ID,
 			scansWrapper,