Skip to content

Commit

Permalink
Added validate branch before config as code (#1405)
Browse files Browse the repository at this point in the history 
* added validate branch before config as code

* added mock for branch validation
  • Loading branch information
@itsKedar
itsKedar authored Dec 10, 2024
1 parent dd11a9a commit 67b7506
Show file tree
Hide file tree
Showing 2 changed files with 53 additions and 11 deletions.
44 changes: 35 additions & 9 deletions src/main/java/com/checkmarx/flow/service/GitHubService.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -26,7 +26,6 @@
import com.checkmarx.sdk.ShardManager.ShardSession;
import com.checkmarx.sdk.ShardManager.ShardSessionTracker;
import com.checkmarx.sdk.config.CxProperties;
import com.checkmarx.sdk.config.CxPropertiesBase;
import com.checkmarx.sdk.dto.cx.CxProject;
import com.checkmarx.sdk.dto.sast.CxConfig;
import com.checkmarx.sdk.dto.ScanResults;
Expand All @@ -42,10 +41,7 @@
import org.json.JSONException;
import org.json.JSONObject;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.http.HttpEntity;
import org.springframework.http.HttpHeaders;
import org.springframework.http.HttpMethod;
import org.springframework.http.ResponseEntity;
import org.springframework.http.*;
import org.springframework.stereotype.Service;
import org.springframework.web.client.HttpClientErrorException;
import org.springframework.web.client.RestClientException;
Expand All @@ -54,8 +50,6 @@

import javax.naming.ConfigurationException;
import java.io.IOException;
import java.net.MalformedURLException;
import java.net.URL;
import java.text.ParseException;
import java.text.SimpleDateFormat;
import java.util.*;
Expand Down Expand Up @@ -84,6 +78,7 @@ public class GitHubService extends RepoService {
private final CxClient cxService;

private static final String FILE_CONTENT = "/{namespace}/{repo}/contents/{config}?ref={branch}";
private static final String VALIDATE_BRANCH ="/{namespace}/{repo}/branches/{branch}";
private static final String LANGUAGE_TYPES = "/{namespace}/{repo}/languages";
private static final String REPO_CONTENT = "/{namespace}/{repo}/contents?ref={branch}";

Expand Down Expand Up @@ -560,9 +555,13 @@ public CxConfig getCxConfigOverride(ScanRequest request) {

private CxConfig loadConfigAsCode(String filename, ScanRequest request) {
CxConfig result = null;

String fileContent = null;
String effectiveBranch = determineConfigAsCodeBranch(request);
String fileContent = downloadFileContent(filename, request, effectiveBranch);
if (!validateBranch( effectiveBranch,request )) {
log.warn("Branch '{}' does not exist", effectiveBranch);
return null; // Exit early if the branch doesn't exist
}
fileContent = downloadFileContent(filename, request, effectiveBranch);
if (fileContent == null) {
log.warn(HTTP_BODY_IS_NULL);
} else {
Expand All @@ -579,6 +578,33 @@ private CxConfig loadConfigAsCode(String filename, ScanRequest request) {
return result;
}

private boolean validateBranch(String branch, ScanRequest request) {
ResponseEntity<String> response = null;

if (StringUtils.isNotEmpty(branch)) {
log.info("validating branch if exists...");
HttpHeaders headers = createAuthHeaders(request);
String urlTemplate = scmConfigOverrider.determineConfigApiUrl(properties, request).concat(VALIDATE_BRANCH);
try {
response = restTemplate.exchange(
urlTemplate,
HttpMethod.GET,
new HttpEntity<>(headers),
String.class,
request.getNamespace(),
request.getRepoName(),
branch);
} catch (HttpClientErrorException e) {
if(e.getStatusCode().value()!=404){
log.error("Error occurred while validating branch. Http Error {} ", e.getStatusCode());
}
}
} else {
log.warn("Unable to validate branch");
}
return response != null && response.getStatusCode().value() == 200;
}

private String downloadFileContent(String filename, ScanRequest request, String branch) {
ResponseEntity<String> response = null;

Expand Down
20 changes: 18 additions & 2 deletions src/test/java/com/checkmarx/flow/cucumber/integration/cxconfig/ConfigAsCodeBranchSteps.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -27,7 +27,7 @@
@RequiredArgsConstructor
public class ConfigAsCodeBranchSteps {
private static final int BRANCH_ARGUMENT_INDEX = 7;

private static final int BRANCH_ARGUMENT_INDEX1 = 6;
private final GitHubProperties gitHubProperties;
private final FlowProperties flowProperties;
private final CxProperties cxProperties;
Expand Down Expand Up @@ -57,6 +57,22 @@ public void githubRepoDefaultBranchIs(String defaultBranch) {
public void githubNotifiesCxFlow(String srcBranch) {
log.info("Creating RestTemplate mock.");
RestTemplate restTemplateMock = mock(RestTemplate.class);

//added mock for branch validation
when(restTemplateMock.exchange(
anyString(), // Match any URL
eq(HttpMethod.GET), // Match GET method
any(HttpEntity.class), // Match any HttpEntity
eq(String.class), // Match response type
anyString(), // Match namespace
anyString(), // Match repoName
anyString() // Match branch
)).thenAnswer(invocation ->{
assertEquals(BRANCH_ARGUMENT_INDEX1 + 1, invocation.getArguments().length,
"Unexpected argument count for the restTemplate call.");
actualBranch = invocation.getArgument(BRANCH_ARGUMENT_INDEX1);
return new ResponseEntity<>(actualBranch, HttpStatus.OK);});

when(gettingFileFromRepo(restTemplateMock)).thenAnswer(this::interceptConfigAsCodeBranch);

PullEvent pullEvent = CxConfigSteps.createPullEventDto(srcBranch, defaultBranch, gitHubProperties);
Expand Down Expand Up @@ -116,6 +132,6 @@ private Object interceptConfigAsCodeBranch(InvocationOnMock invocation) {
"Unexpected argument count for the restTemplate call.");

actualBranch = invocation.getArgument(BRANCH_ARGUMENT_INDEX);
return null;
return new ResponseEntity<>(actualBranch, HttpStatus.OK);
}
}

0 comments on commit 67b7506

Please sign in to comment.