Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

refactor: create only one project group per execution #3262

Merged
merged 1 commit into from
Jun 2, 2022
Merged

refactor: create only one project group per execution #3262

merged 1 commit into from
Jun 2, 2022

Conversation

francescomari
Copy link
Contributor

@francescomari francescomari commented May 23, 2022
edited
Loading

What does this PR do?

This PR changes the behaviour of the iac test command when multiple paths are passed on the command line. This PR changes the behaviour of the --report flag, too. The implemented behaviour is the following:

  • iac test recursively scans the current working directory by default.
  • If one or more paths are passed on the command line, those paths must be relative to the current working directory.
  • If one or more paths are passed on the command line, only those files or directories are scanned. If a path is a directory, it will be recursively scanned.
  • If the --report flag is used, the iac test command creates one project group in the platform named after the name of the current working directory.
  • If the current working directory is a Git repository, additional information will be extracted and attached to the projects and the project group.

Where should the reviewer start?

This PR extracts the scan logic into src/cli/commands/test/iac/scan.ts. You can start the review fro there.

How should this be manually tested?

Move anywhere on the file system and run snyk iac test ... The command will fail with an error, because the only provided path is outside of the current working directory.

$ snyk iac test ..

Testing .....

Path ".." is outside the current working directory

Move in the root of this repository and run snyk iac test --report. This command creates only one project group in the platform, named after this repository. All the project names will be the paths of the IaC files in this repository, relative from the current working directory.

image

Move into the test/fixtures/iac directory and run snyk iac test --report. The command creates only one project group named iac, because the current working directory is not a Git repository. All the project names are relative from the current working directory.

image

Any background context you want to provide?

This behaviour has been discussed in this document. The document contains additional links to interesting conversations that shaped the implementation in this PR.

What are the relevant tickets?

CFG-1840

@francescomari francescomari force-pushed the fix/project-groups-share-results-test branch from fa5fee4 to 9c997ab Compare May 23, 2022 10:25
@francescomari francescomari changed the title fix: extract the scan logic away from the command fix: let the "iac test --report" command create only one project group May 23, 2022
@francescomari francescomari force-pushed the fix/project-groups-share-results-test branch from 34ca9ef to 2ea40d3 Compare May 23, 2022 13:10
@francescomari francescomari requested a review from ipapast May 23, 2022 13:22
@francescomari francescomari marked this pull request as ready for review May 23, 2022 14:07
@francescomari francescomari requested a review from a team as a code owner May 23, 2022 14:07
@francescomari francescomari force-pushed the fix/project-groups-share-results-test branch from 2ea40d3 to 6f0c180 Compare May 24, 2022 08:11
ipapast
ipapast reviewed May 24, 2022
View reviewed changes
Copy link
Contributor

@ipapast ipapast left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We had a chat with @francescomari and Esra regarding the expected design and also some edge cases that fail, such as snyk iac test . .. --report.
Francesco is making some changes and we are going to review again

@francescomari francescomari force-pushed the fix/project-groups-share-results-test branch from 6f0c180 to ed48bcc Compare May 24, 2022 11:15
@francescomari
Copy link
Contributor Author

@ipapast I added a new error class in scan.ts. That will need to be updated as soon as we have more details by the content team.

@ipapast
Copy link
Contributor

ipapast commented May 24, 2022
edited
Loading

@francescomari I tested different scenarios we discussed on the call, including snyk iac . .. --report and they all look good now.

But I also tried out something more weird, like:

cwd=/Users/iliannapapastefanou/snyk-repos/snyk/test/fixtures/iac/terraform

Then run:

snyk-dev iac test . .. ../arm/ var_deref --report

You will see in the last line a project name appearing as 'var_deref" which is not true. When I check the platform everything is correctly grouped under "snyk"

image

@francescomari francescomari force-pushed the fix/project-groups-share-results-test branch 2 times, most recently from 20c6679 to 73d30c6 Compare May 24, 2022 13:22
@francescomari
Copy link
Contributor Author

@ipapast that was a really good catch. It should be fixed at 73d30c66, according to the unit tests. Let's see what the acceptance tests say.

@francescomari francescomari force-pushed the fix/project-groups-share-results-test branch from 73d30c6 to 12ee279 Compare May 24, 2022 14:45
@francescomari francescomari force-pushed the fix/project-groups-share-results-test branch 2 times, most recently from 5502bf1 to 636e3cd Compare May 24, 2022 15:40
@ipapast
Copy link
Contributor

ipapast commented May 25, 2022

@ipapast that was a really good catch. It should be fixed at 73d30c6, according to the unit tests. Let's see what the acceptance tests say.

they pass now and running it manually looked good 👍 I'll approve and let's see how the product discussion goes.

@francescomari francescomari force-pushed the fix/project-groups-share-results-test branch 3 times, most recently from ebb8065 to 08e4038 Compare June 1, 2022 15:05
@francescomari
Copy link
Contributor Author

Given the latest conversations about this feature, the scope of this PR changed. Instead of replacing the current implementation for processing results, the PR adds a new implementation (single project group) in src/cli/commands/test/iac/local-execution/process-results/v2 and keeps the old one (multiple project groups) as-is in src/cli/commands/test/iac/local-execution/process-results/v1.

The code in src/cli/commands/test/iac/scan.ts choses the implementation at runtime depending on the presence of a projectRoot. Because no projectRoot is currently passed to scan(), the new implementation is inactive and the old one is still in use, as before.

I could have been more granular when splitting the two implementations, but I decided not to at the cost of some code duplication. When the new implementation will become the default, removing the old one will be as easy as deleting the v1 module, removing the class MultipleGroupsResultsProcessor, and adjusting scan(). I didn't want to introduce granular if statements buried deep in the implementation of the result processor. In this case, I believe that some code duplication makes the code easier to maintain.

Some tests are missing for SingleGroupResultsProcessor. I will add those in a separate PR.

@francescomari francescomari force-pushed the fix/project-groups-share-results-test branch from 08e4038 to fd3c0ce Compare June 1, 2022 15:08
@francescomari francescomari changed the title fix: let the "iac test --report" command create only one project group refactor: create only one project group per execution Jun 2, 2022
@francescomari francescomari merged commit 7ba8da4 into master Jun 2, 2022
@francescomari francescomari deleted the fix/project-groups-share-results-test branch June 2, 2022 09:03
This was referenced May 13, 2024
Open
Open
Open
Open
Open
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ofekatr ofekatr ofekatr left review comments

@ipapast ipapast ipapast approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@francescomari @ipapast @ofekatr