From 2b01ebda7293c3e3a33f4ebffe1f6a3388edf175 Mon Sep 17 00:00:00 2001
From: shubhamyadavCx <199061586+cx-shubham-yadav@users.noreply.github.com>
Date: Wed, 15 Oct 2025 00:18:42 +0530
Subject: [PATCH 1/4] AST-113569 adding additional itegartion testcases for CLI help command
---
.../data/console-help-text-log/cxHelpText.txt | 59 ++
.../projectCreateHelpText.txt | 53 ++
.../resultsShowHelpLog.txt | 55 ++
.../scanCreateHelpLog.txt | 102 ++++
.../triageUpdateHelpLog.txt | 56 ++
test/integration/help_test.go | 533 ++++++++++++++++++
test/integration/ignore-policy | 99 ++++
test/integration/test_helperFunctions.go | 45 ++
test/integration/util_command.go | 2 +-
9 files changed, 1003 insertions(+), 1 deletion(-)
create mode 100644 test/integration/data/console-help-text-log/cxHelpText.txt
create mode 100644 test/integration/data/console-help-text-log/projectCreateHelpText.txt
create mode 100644 test/integration/data/console-help-text-log/resultsShowHelpLog.txt
create mode 100644 test/integration/data/console-help-text-log/scanCreateHelpLog.txt
create mode 100644 test/integration/data/console-help-text-log/triageUpdateHelpLog.txt
create mode 100644 test/integration/help_test.go
create mode 100644 test/integration/ignore-policy
create mode 100644 test/integration/test_helperFunctions.go
diff --git a/test/integration/data/console-help-text-log/cxHelpText.txt b/test/integration/data/console-help-text-log/cxHelpText.txt
new file mode 100644
index 000000000..44de26515
--- /dev/null
+++ b/test/integration/data/console-help-text-log/cxHelpText.txt
@@ -0,0 +1,59 @@
+The Checkmarx One CLI is a fully functional Command Line Interface (CLI) that interacts with the Checkmarx One server
+
+USAGE
+ cx [flags]
+
+COMMANDS
+ auth: Validate authentication and create OAuth2 credentials
+ completion: Generate the autocompletion script for the specified shell
+ configure: Configure authentication and global properties
+ help: Help about any command
+ hooks: Manage Git hooks
+ project: Manage projects
+ results: Retrieve results
+ scan: Manage scans
+ telemetry: Telemetry user events
+ triage: Manage results
+ utils: Utility functions
+ version: Prints the version number
+
+FLAGS
+ --agent string Scan origin name (default "ASTCLI")
+ --apikey string The API Key to login to Checkmarx One
+ --base-auth-uri string The base system IAM URI
+ --base-uri string The base system URI
+ --client-id string The OAuth2 client ID
+ --client-secret string The OAuth2 client secret
+ --config-file-path string Path to the configuration file
+ --debug Debug mode with detailed logs
+ -h, --help help for cx
+ --ignore-proxy Ignore proxy configuration
+ --insecure Ignore TLS certificate validations
+ --log-file string Saves logs to the specified file path only
+ --log-file-console string Saves logs to the specified file path as well as to the console
+ --proxy string Proxy server to send communication through
+ --proxy-auth-type string Proxy authentication type (supported types: basic, ntlm, kerberos or kerberos-native)
+ --proxy-kerberos-ccache string Path to Kerberos credential cache (optional, default uses KRB5CCNAME env or OS default)
+ --proxy-kerberos-krb5-conf string Path to Kerberos configuration file(default: /etc/krb5.conf on linux and C:\Windows\krb5.ini on windows)
+ --proxy-kerberos-spn string Service Principal Name (SPN) for Kerberos proxy authentication
+ --proxy-ntlm-domain string Window domain when using NTLM proxy
+ --retry uint Retry requests to Checkmarx One on connection failure (default 3)
+ --retry-delay uint Time between retries in seconds, use with --retry (default 20)
+ --tenant string Checkmarx tenant
+ --timeout string Timeout for network activity, (default 5 seconds)
+
+EXAMPLES
+ $ cx configure
+ $ cx scan create -s . --project-name my_project_name
+ $ cx scan list
+
+DOCUMENTATION
+ https://checkmarx.com/resource/documents/en/34965-68620-checkmarx-one-cli-tool.html
+
+QUICK START GUIDE
+ https://checkmarx.com/resource/documents/en/34965-68621-checkmarx-one-cli-quick-start-guide.html
+
+LEARN MORE
+ Use 'cx --help' for more information about a command.
+ Read the manual at https://checkmarx.com/resource/documents/en/34965-68620-checkmarx-one-cli-tool.html
+
diff --git a/test/integration/data/console-help-text-log/projectCreateHelpText.txt b/test/integration/data/console-help-text-log/projectCreateHelpText.txt
new file mode 100644
index 000000000..412eebf3e
--- /dev/null
+++ b/test/integration/data/console-help-text-log/projectCreateHelpText.txt
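Review bot: Nothing in this fixture or next to it records how it was captured or how to refresh it, and the global-flag block (`--agent` through `--timeout`) is repeated verbatim in projectCreateHelpText.txt, resultsShowHelpLog.txt, scanCreateHelpLog.txt and triageUpdateHelpLog.txt, so one wording change to a global flag means five hand edits. TestHelpFlag_Validate_CxHelpOutput hands this file to ValidateCompleteConsoleLog, whose body is not in the part of the patch visible here; if it compares the whole output, the note cannot live inside the fixture. I would record the refresh step in the test's doc comment, for example `// To refresh: run "cx help" and save the ANSI-stripped output to data/console-help-text-log/cxHelpText.txt`, and consider comparing only the command-specific section for the per-command fixtures.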
@@ -0,0 +1,53 @@
+The project create command enables the ability to create a new project in Checkmarx One
+
+USAGE
+ cx project create [flags]
+
+FLAGS
+ --application-name string Name of the application to assign with the project
+ --branch string Main branch
+ --format string Format for the output. One of [json list table] (default "table")
+ --groups string List of groups, ex: (PowerUsers,etc)
+ -h, --help help for create
+ --project-name string Name of project
+ --repo-url string Repository URL
+ --ssh-key string Path to ssh private key
+ --tags string List of tags, ex: (tagA,tagB:val,etc)
+
+GLOBAL FLAGS
+ --agent string Scan origin name (default "ASTCLI")
+ --apikey string The API Key to login to Checkmarx One
+ --base-auth-uri string The base system IAM URI
+ --base-uri string The base system URI
+ --client-id string The OAuth2 client ID
+ --client-secret string The OAuth2 client secret
+ --config-file-path string Path to the configuration file
+ --debug Debug mode with detailed logs
+ --ignore-proxy Ignore proxy configuration
+ --insecure Ignore TLS certificate validations
+ --log-file string Saves logs to the specified file path only
+ --log-file-console string Saves logs to the specified file path as well as to the console
+ --proxy string Proxy server to send communication through
+ --proxy-auth-type string Proxy authentication type (supported types: basic, ntlm, kerberos or kerberos-native)
+ --proxy-kerberos-ccache string Path to Kerberos credential cache (optional, default uses KRB5CCNAME env or OS default)
+ --proxy-kerberos-krb5-conf string Path to Kerberos configuration file(default: /etc/krb5.conf on linux and C:\Windows\krb5.ini on windows)
+ --proxy-kerberos-spn string Service Principal Name (SPN) for Kerberos proxy authentication
+ --proxy-ntlm-domain string Window domain when using NTLM proxy
+ --retry uint Retry requests to Checkmarx One on connection failure (default 3)
+ --retry-delay uint Time between retries in seconds, use with --retry (default 20)
+ --tenant string Checkmarx tenant
+ --timeout string Timeout for network activity, (default 5 seconds)
+
+EXAMPLES
+ $ cx project create --project-name
+
+DOCUMENTATION
+ https://checkmarx.com/resource/documents/en/34965-68634-project.html#UUID-44ecd672-8f1f-32de-6c2e-838b680a0bf4
+
+QUICK START GUIDE
+ https://checkmarx.com/resource/documents/en/34965-68621-checkmarx-one-cli-quick-start-guide.html
+
+LEARN MORE
+ Use 'cx --help' for more information about a command.
+ Read the manual at https://checkmarx.com/resource/documents/en/34965-68620-checkmarx-one-cli-tool.html
+
diff --git a/test/integration/data/console-help-text-log/resultsShowHelpLog.txt b/test/integration/data/console-help-text-log/resultsShowHelpLog.txt
new file mode 100644
index 000000000..0d1d87657
--- /dev/null
+++ b/test/integration/data/console-help-text-log/resultsShowHelpLog.txt
@@ -0,0 +1,55 @@
+The show command enables the ability to show results about a requested scan in Checkmarx One
+
+USAGE
+ cx results show [flags]
+
+FLAGS
+ --filter strings Filter the list of results. Use ';' as the delimiter for arrays. Available filters are: scan-id,limit,offset,sort,include-nodes,node-ids,query,group,status,severity,state
+ -h, --help help for show
+ --ignore-policy Skip policy evaluation. Requires override-policy-management permission.
+ --output-name string Output file (default "cx_result")
+ --output-path string Output Path (default ".")
+ --policy-timeout int Cancel the policy evaluation and fail after the timeout in minutes (default 1)
+ --report-format string Format for the output. One of [json-v2 summaryHTML summaryConsole sarif summaryJSON sbom pdf markdown gl-sast gl-sca sonar json] (default "json")
+ --report-pdf-email string Send the PDF report to the specified email address. Use "," as the delimiter for multiple emails
+ --report-pdf-options string Sections to generate PDF report. Available options: Iac-Security,Sast,Sca,ScanSummary,ExecutiveSummary,ScanResults (default "ScanSummary,ExecutiveSummary,ScanResults")
+ --report-sbom-format string Sections to generate SBOM report. Available options: CycloneDxJson,CycloneDxXml,SpdxJson (default "CycloneDxJson")
+ --sast-redundancy Populate SAST results 'data.redundancy' with values 'fix' (to fix) or 'redundant' (no need to fix)
+ --sca-hide-dev-test-dependencies Filter SCA results to exclude dev and test dependencies
+ --scan-id string ID to report on
+ --wait-delay int Polling wait time in seconds (default 5)
+
+GLOBAL FLAGS
+ --agent string Scan origin name (default "ASTCLI")
+ --apikey string The API Key to login to Checkmarx One
+ --base-auth-uri string The base system IAM URI
+ --base-uri string The base system URI
+ --client-id string The OAuth2 client ID
+ --client-secret string The OAuth2 client secret
+ --config-file-path string Path to the configuration file
+ --debug Debug mode with detailed logs
+ --ignore-proxy Ignore proxy configuration
+ --insecure Ignore TLS certificate validations
+ --log-file string Saves logs to the specified file path only
+ --log-file-console string Saves logs to the specified file path as well as to the console
+ --proxy string Proxy server to send communication through
+ --proxy-auth-type string Proxy authentication type (supported types: basic, ntlm, kerberos or kerberos-native)
+ --proxy-kerberos-ccache string Path to Kerberos credential cache (optional, default uses KRB5CCNAME env or OS default)
+ --proxy-kerberos-krb5-conf string Path to Kerberos configuration file(default: /etc/krb5.conf on linux and C:\Windows\krb5.ini on windows)
+ --proxy-kerberos-spn string Service Principal Name (SPN) for Kerberos proxy authentication
+ --proxy-ntlm-domain string Window domain when using NTLM proxy
+ --retry uint Retry requests to Checkmarx One on connection failure (default 3)
+ --retry-delay uint Time between retries in seconds, use with --retry (default 20)
+ --tenant string Checkmarx tenant
+ --timeout string Timeout for network activity, (default 5 seconds)
+
+EXAMPLES
+ $ cx results show --scan-id
+
+QUICK START GUIDE
+ https://checkmarx.com/resource/documents/en/34965-68621-checkmarx-one-cli-quick-start-guide.html
+
+LEARN MORE
+ Use 'cx --help' for more information about a command.
+ Read the manual at https://checkmarx.com/resource/documents/en/34965-68620-checkmarx-one-cli-tool.html
+
diff --git a/test/integration/data/console-help-text-log/scanCreateHelpLog.txt b/test/integration/data/console-help-text-log/scanCreateHelpLog.txt
new file mode 100644
index 000000000..2c3d7ed92
--- /dev/null
+++ b/test/integration/data/console-help-text-log/scanCreateHelpLog.txt
@@ -0,0 +1,102 @@
+The create command enables the ability to create and run a new scan in Checkmarx One
+
+USAGE
+ cx scan create [flags]
+
+FLAGS
+ --apisec-swagger-filter string Swagger folder/file filter for API-Security scan. Example: ./swagger.json
+ --application-name string Name of the application to assign with the project
+ --async Do not wait for scan completion
+ -b, --branch string Branch to scan
+ --branch-primary This flag sets the branch specified in --branch as the PRIMARY branch for the project
+ --container-images string List of container images to scan, ex: manuelbcd/vulnapp:latest,debian:10
+ --containers-exclude-non-final-stages Scan only the final deployable image
+ --containers-file-folder-filter string Specify files and folders to be included or excluded from scans, ex: "!*.log"
+ --containers-image-tag-filter string Exclude images by image name and/or tag, ex: "*dev"
+ --containers-local-resolution Execute container resolver locally.
+ --containers-package-filter string Exclude packages by package name or file path using regex, ex: "^internal-.*"
+ -f, --file-filter string Source file filtering pattern
+ -i, --file-include string Only files scannable by AST are included by default. Add a comma separated list of extra inclusions, ex: *zip,file.txt
+ -s, --file-source string Sources like: directory, zip file or git URL
+ --filter strings Filter the list of results. Use ';' as the delimiter for arrays. Available filters are: scan-id,limit,offset,sort,include-nodes,node-ids,query,group,status,severity,state
+ -h, --help help for create
+ --iac-security-filter string IaC Security filter
+ --iac-security-platforms strings IaC Security Platform Flag
+ --iac-security-preset-id string The ID of the IaC Security Preset to use (must be a valid UUID)
+ --ignore-policy Skip policy evaluation. Requires override-policy-management permission.
+ --output-name string Output file (default "cx_result")
+ --output-path string Output Path (default ".")
+ --policy-timeout int Cancel the policy evaluation and fail after the timeout in minutes (default 4)
+ --project-groups string List of groups to associate to project
+ --project-name string Name of the project
+ --project-private-package string Enable or disable project private package. Available options: true,false
+ --project-tags string List of tags to associate to project
+ --report-format string Format for the output. One of [json json-v2 summaryHTML sarif sbom pdf markdown gl-sast gl-sca summaryConsole] (default "summaryConsole")
+ --report-pdf-email string Send the PDF report to the specified email address. Use "," as the delimiter for multiple emails
+ --report-pdf-options string Sections to generate PDF report. Available options: Iac-Security,Sast,Sca,ScanSummary,ExecutiveSummary,ScanResults (default "ScanSummary,ExecutiveSummary,ScanResults")
+ --report-sbom-format string Sections to generate SBOM report. Available options: CycloneDxJson,CycloneDxXml,SpdxJson (default "CycloneDxJson")
+ --resubmit Create a scan with the configurations used in the most recent scan in the project
+ --sast-fast-scan Enable SAST Fast Scan configuration
+ --sast-filter string SAST filter
+ --sast-incremental Incremental SAST scan should be performed.
+ --sast-light-queries Enable SAST scan using light query configuration
+ --sast-preset-name string The name of the Checkmarx preset to use.
+ --sast-recommended-exclusions Enable recommended exclusions configuration for SAST scan
+ --sast-redundancy Populate SAST results 'data.redundancy' with values 'fix' (to fix) or 'redundant' (no need to fix)
+ --sbom-only Scan only the specified SBOM file (supported formats xml or json)
+ --sca-exploitable-path string Enable or disable exploitable path in scan. Available options: true,false
+ --sca-filter string SCA filter
+ --sca-hide-dev-test-dependencies Filter SCA results to exclude dev and test dependencies
+ --sca-last-sast-scan-time string SCA last scan time. Available options: integer above 1
+ --sca-private-package-version string SCA project private package version. Example: 0.1.1
+ --sca-resolver string Resolve SCA project dependencies (path to SCA Resolver executable)
+ --sca-resolver-params string Parameters to use in SCA resolver (requires --sca-resolver)
+ --scan-info-format string Format for the output. One of [table json list] (default "list")
+ --scan-timeout int Cancel the scan and fail after the timeout in minutes
+ --scan-types string Scan types, ex: (sast,iac-security,sca,api-security)
+ --scs-engines string Specify which scs engines will run (default: all licensed engines)
+ --scs-repo-token string Provide a token with read permission for the repo that you are scanning (for scorecard scans)
+ --scs-repo-url string The URL of the repo that you are scanning with scs (for scorecard scans)
+ --ssh-key string Path to ssh private key
+ --tags string List of tags, ex: (tagA,tagB:val,etc)
+ --threshold string Local build threshold. Format -=. Example: scan --threshold "sast-high=10;sca-high=5;iac-security-low=10"
+ --use-gitignore Exclude files and directories from the scan based on the patterns defined in the directory's .gitignore file
+ --wait-delay int Polling wait time in seconds (default 5)
+
+GLOBAL FLAGS
+ --agent string Scan origin name (default "ASTCLI")
+ --apikey string The API Key to login to Checkmarx One
+ --base-auth-uri string The base system IAM URI
+ --base-uri string The base system URI
+ --client-id string The OAuth2 client ID
+ --client-secret string The OAuth2 client secret
+ --config-file-path string Path to the configuration file
+ --debug Debug mode with detailed logs
+ --ignore-proxy Ignore proxy configuration
+ --insecure Ignore TLS certificate validations
+ --log-file string Saves logs to the specified file path only
+ --log-file-console string Saves logs to the specified file path as well as to the console
+ --proxy string Proxy server to send communication through
+ --proxy-auth-type string Proxy authentication type (supported types: basic, ntlm, kerberos or kerberos-native)
+ --proxy-kerberos-ccache string Path to Kerberos credential cache (optional, default uses KRB5CCNAME env or OS default)
+ --proxy-kerberos-krb5-conf string Path to Kerberos configuration file(default: /etc/krb5.conf on linux and C:\Windows\krb5.ini on windows)
+ --proxy-kerberos-spn string Service Principal Name (SPN) for Kerberos proxy authentication
+ --proxy-ntlm-domain string Window domain when using NTLM proxy
+ --retry uint Retry requests to Checkmarx One on connection failure (default 3)
+ --retry-delay uint Time between retries in seconds, use with --retry (default 20)
+ --tenant string Checkmarx tenant
+ --timeout string Timeout for network activity, (default 5 seconds)
+
+EXAMPLES
+ $ cx scan create --project-name -s
+
+DOCUMENTATION
+ https://checkmarx.com/resource/documents/en/34965-68643-scan.html#UUID-a0bb20d5-5182-3fb4-3da0-0e263344ffe7
+
+QUICK START GUIDE
+ https://checkmarx.com/resource/documents/en/34965-68621-checkmarx-one-cli-quick-start-guide.html
+
+LEARN MORE
+ Use 'cx --help' for more information about a command.
+ Read the manual at https://checkmarx.com/resource/documents/en/34965-68620-checkmarx-one-cli-tool.html
+
diff --git a/test/integration/data/console-help-text-log/triageUpdateHelpLog.txt b/test/integration/data/console-help-text-log/triageUpdateHelpLog.txt
new file mode 100644
index 000000000..8a658b5e9
--- /dev/null
+++ b/test/integration/data/console-help-text-log/triageUpdateHelpLog.txt
@@ -0,0 +1,56 @@
+The update command enables the ability to triage the results in Checkmarx One
+
+USAGE
+ cx triage update [flags]
+
+FLAGS
+ --comment string Optional comment
+ -h, --help help for update
+ --project-id string Project ID
+ --scan-type string Scan Type
+ --severity string Severity
+ --similarity-id string Similarity ID
+ --state string Specify the state that you would like to apply. Can be a pre-configured state (e.g., not_exploitable) or a custom state created in your account
+ --state-id int Specify the ID of the states that you would like to apply to this result (default -1)
+
+GLOBAL FLAGS
+ --agent string Scan origin name (default "ASTCLI")
+ --apikey string The API Key to login to Checkmarx One
+ --base-auth-uri string The base system IAM URI
+ --base-uri string The base system URI
+ --client-id string The OAuth2 client ID
+ --client-secret string The OAuth2 client secret
+ --config-file-path string Path to the configuration file
+ --debug Debug mode with detailed logs
+ --ignore-proxy Ignore proxy configuration
+ --insecure Ignore TLS certificate validations
+ --log-file string Saves logs to the specified file path only
+ --log-file-console string Saves logs to the specified file path as well as to the console
+ --proxy string Proxy server to send communication through
+ --proxy-auth-type string Proxy authentication type (supported types: basic, ntlm, kerberos or kerberos-native)
+ --proxy-kerberos-ccache string Path to Kerberos credential cache (optional, default uses KRB5CCNAME env or OS default)
+ --proxy-kerberos-krb5-conf string Path to Kerberos configuration file(default: /etc/krb5.conf on linux and C:\Windows\krb5.ini on windows)
+ --proxy-kerberos-spn string Service Principal Name (SPN) for Kerberos proxy authentication
+ --proxy-ntlm-domain string Window domain when using NTLM proxy
+ --retry uint Retry requests to Checkmarx One on connection failure (default 3)
+ --retry-delay uint Time between retries in seconds, use with --retry (default 20)
+ --tenant string Checkmarx tenant
+ --timeout string Timeout for network activity, (default 5 seconds)
+
+EXAMPLES
+ $ cx triage update
+ --similarity-id
+ --project-id
+ --state
+ --state-id
+ --severity
+ --comment
+ --scan-type
+
+QUICK START GUIDE
+ https://checkmarx.com/resource/documents/en/34965-68621-checkmarx-one-cli-quick-start-guide.html
+
+LEARN MORE
+ Use 'cx --help' for more information about a command.
+ Read the manual at https://checkmarx.com/resource/documents/en/34965-68620-checkmarx-one-cli-tool.html
+
diff --git a/test/integration/help_test.go b/test/integration/help_test.go
new file mode 100644
index 000000000..f62bd5c7f
--- /dev/null
+++ b/test/integration/help_test.go
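Review bot: triageUpdateHelpLog.txt does not appear to be read by any test in the part of help_test.go visible here: TestHelpFlag_Validate_TriageUpdateHelpMessage only compares the first help line obtained through GetFlagHelpText, whereas the project create, results show and scan create tests pass their fixture to ValidateCompleteConsoleLog. The help_test.go hunk continues past what is shown, so a later test may still load this file. If none does, either drop the fixture or have the triage update test call `ValidateCompleteConsoleLog(t, outputText, "data/console-help-text-log/triageUpdateHelpLog.txt")` so that the flag list, including `--state` and `--state-id`, is really checked.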
@@ -0,0 +1,533 @@
+//go:build integration
+
+package integration
+
+import (
+ "gotest.tools/assert"
+ "strings"
+ "testing"
+)
+
+/*
+This function helps to validate all the cx --help command content.
+Expected help content value is stored in the "integration/data/cxHelpText.txt"
+We compare the command output with the above txt file, if there is any new flag introduced
+or content is changed then user this testcase will help to capture it
+*/
+func TestHelpFlag_Validate_CxHelpOutput(t *testing.T) {
+ referenceFile := "data/console-help-text-log/cxHelpText.txt"
+
+ _, outputText := executeCommand(t, "help")
+
+ ValidateCompleteConsoleLog(t, outputText, referenceFile)
+}
+
+// Auth
+
+// Validate cx auth register --help command
+func TestHelpFlag_Validate_AuthRegisterHelpMessage(t *testing.T) {
+
+ args := []string{
+ "auth",
+ "register",
+ "--help",
+ }
+
+ _, outputText := executeCommand(t, args...)
+
+ normalizedOut := Strip_ANSI(strings.ReplaceAll(outputText.String(), "\r\n", "\n"))
+ textCapturedForValidation := GetFlagHelpText(normalizedOut)
+
+ assert.Equal(t, "Register new OAuth2 client and outputs its generated credentials in the format =", textCapturedForValidation, "Incorrect help text found")
+}
+
+// Validate cx auth validate --help command
+func TestHelpFlag_Validate_AuthValidateHelpMessage(t *testing.T) {
+
+ args := []string{
+ "auth",
+ "validate",
+ "--help",
+ }
+
+ _, outputText := executeCommand(t, args...)
+
+ normalizedOut := Strip_ANSI(strings.ReplaceAll(outputText.String(), "\r\n", "\n"))
+ textCapturedForValidation := GetFlagHelpText(normalizedOut)
+
+ assert.Equal(t, "Validates if CLI is able to communicate with Checkmarx One", textCapturedForValidation, "Incorrect help text found")
+}
+
+// Configure
+
+// Validate cx configure --help command
+func TestHelpFlag_Validate_ConfigureHelpMessage(t *testing.T) {
+
+ args := []string{
+ "configure",
+ "--help",
+ }
+
+ _, outputText := executeCommand(t, args...)
+
+ normalizedOut := Strip_ANSI(strings.ReplaceAll(outputText.String(), "\r\n", "\n"))
+ textCapturedForValidation := GetFlagHelpText(normalizedOut)
+
+ assert.Equal(t, "The configure command is the fastest way to set up your AST CLI", textCapturedForValidation, "Incorrect help text found")
+}
+
+// Validate cx configure set --help command
+func TestHelpFlag_Validate_ConfigureSetHelpMessage(t *testing.T) {
+
+ args := []string{
+ "configure",
+ "set",
+ "--help",
+ }
+
+ _, outputText := executeCommand(t, args...)
+
+ normalizedOut := Strip_ANSI(strings.ReplaceAll(outputText.String(), "\r\n", "\n"))
+ textCapturedForValidation := GetFlagHelpText(normalizedOut)
+
+ assert.Equal(t, "Set configuration properties", textCapturedForValidation, "Incorrect help text found")
+}
+
+// Validate cx configure show --help command
+func TestHelpFlag_Validate_ConfigureShowHelpMessage(t *testing.T) {
+
+ args := []string{
+ "configure",
+ "show",
+ "--help",
+ }
+
+ _, outputText := executeCommand(t, args...)
+
+ normalizedOut := Strip_ANSI(strings.ReplaceAll(outputText.String(), "\r\n", "\n"))
+ textCapturedForValidation := GetFlagHelpText(normalizedOut)
+
+ assert.Equal(t, "Shows effective profile configuration", textCapturedForValidation, "Incorrect help text found")
+}
+
+// Hooks
+
+// Validate cx configure show --help command
+func TestHelpFlag_Validate_HooksPreCommitHelpMessage(t *testing.T) {
+
+ args := []string{
+ "hooks",
+ "pre-commit",
+ "--help",
+ }
+
+ _, outputText := executeCommand(t, args...)
+
+ normalizedOut := Strip_ANSI(strings.ReplaceAll(outputText.String(), "\r\n", "\n"))
+ textCapturedForValidation := GetFlagHelpText(normalizedOut)
+
+ assert.Equal(t, "The pre-commit command enables the ability to manage Git pre-commit hooks for secret detection.", textCapturedForValidation, "Incorrect help text found")
+}
+
+// Project Help Validation
+
+// Validate cx project list --help command
+func TestHelpFlag_ValidateProjectListHelpMessage(t *testing.T) {
+
+ args := []string{
+ "project",
+ "list",
+ "--help",
+ }
+
+ _, outputText := executeCommand(t, args...)
+
+ normalizedOut := Strip_ANSI(strings.ReplaceAll(outputText.String(), "\r\n", "\n"))
+ textCapturedForValidation := GetFlagHelpText(normalizedOut)
+
+ assert.Equal(t, "List all projects in the system", textCapturedForValidation, "Incorrect help text found")
+}
+
+// Validate cx project create --help
+func TestHelpFlag_ValidateProjectCreateHelpMessage(t *testing.T) {
+
+ referenceFile := "data/console-help-text-log/projectCreateHelpText.txt"
+
+ args := []string{
+ "project",
+ "create",
+ "--help",
+ }
+
+ _, outputText := executeCommand(t, args...)
+
+ ValidateCompleteConsoleLog(t, outputText, referenceFile)
+}
+
+// Validate cx project delete --help command
+func TestHelpFlag_ValidateProjectDeleteHelpMessage(t *testing.T) {
+
+ args := []string{
+ "project",
+ "delete",
+ "--help",
+ }
+
+ _, outputText := executeCommand(t, args...)
+
+ normalizedOut := Strip_ANSI(strings.ReplaceAll(outputText.String(), "\r\n", "\n"))
+ textCapturedForValidation := GetFlagHelpText(normalizedOut)
+
+ assert.Equal(t, "Delete a project", textCapturedForValidation, "Incorrect help text found")
+}
+
+// Validate cx project show --help command
+func TestHelpFlag_ValidateProjectShowHelpMessage(t *testing.T) {
+
+ args := []string{
+ "project",
+ "show",
+ "--help",
+ }
+
+ _, outputText := executeCommand(t, args...)
+
+ normalizedOut := Strip_ANSI(strings.ReplaceAll(outputText.String(), "\r\n", "\n"))
+ textCapturedForValidation := GetFlagHelpText(normalizedOut)
+
+ assert.Equal(t, "Show information about a project", textCapturedForValidation, "Incorrect help text found")
+}
+
+// Validate cx project tags --help command
+func TestHelpFlag_ValidateProjectTagsHelpMessage(t *testing.T) {
+
+ args := []string{
+ "project",
+ "tags",
+ "--help",
+ }
+
+ _, outputText := executeCommand(t, args...)
+
+ normalizedOut := Strip_ANSI(strings.ReplaceAll(outputText.String(), "\r\n", "\n"))
+ textCapturedForValidation := GetFlagHelpText(normalizedOut)
+
+ assert.Equal(t, "Get a list of all available tags", textCapturedForValidation, "Incorrect help text found")
+}
+
+// Validate cx project branch --help command
+func TestHelpFlag_ValidateProjectBranchHelpMessage(t *testing.T) {
+
+ args := []string{
+ "project",
+ "branches",
+ "--help",
+ }
+
+ _, outputText := executeCommand(t, args...)
+
+ normalizedOut := Strip_ANSI(strings.ReplaceAll(outputText.String(), "\r\n", "\n"))
+ textCapturedForValidation := GetFlagHelpText(normalizedOut)
+
+ assert.Equal(t, "Show list of branches from a project", textCapturedForValidation, "Incorrect help text found")
+}
+
+// Results
+
+// Validate cx results --help command
+func TestHelpFlag_Validate_ResultsHelpMessage(t *testing.T) {
+
+ args := []string{
+ "results",
+ "--help",
+ }
+
+ _, outputText := executeCommand(t, args...)
+
+ normalizedOut := Strip_ANSI(strings.ReplaceAll(outputText.String(), "\r\n", "\n"))
+ textCapturedForValidation := GetFlagHelpText(normalizedOut)
+
+ assert.Equal(t, "Retrieve results", textCapturedForValidation, "Incorrect help text found")
+}
+
+// Validate cx results show --help command
+func TestHelpFlag_Validate_ResultsShowHelpOutput(t *testing.T) {
+ referenceFile := "data/console-help-text-log/resultsShowHelpLog.txt"
+
+ args := []string{
+ "results",
+ "show",
+ "--help",
+ }
+ _, outputText := executeCommand(t, args...)
+
+ ValidateCompleteConsoleLog(t, outputText, referenceFile)
+}
+
+// Validate cx results codebashing --help command
+func TestHelpFlag_Validate_ResultsCodeBashingHelpMessage(t *testing.T) {
+
+ args := []string{
+ "results",
+ "codebashing",
+ "--help",
+ }
+
+ _, outputText := executeCommand(t, args...)
+
+ normalizedOut := Strip_ANSI(strings.ReplaceAll(outputText.String(), "\r\n", "\n"))
+ textCapturedForValidation := GetFlagHelpText(normalizedOut)
+
+ assert.Equal(t, "The codebashing command enables the ability to retrieve the link about a specific vulnerability", textCapturedForValidation, "Incorrect help text found")
+}
+
+// Validate cx results exit-code --help command
+func TestHelpFlag_Validate_ResultsExitCodeHelpMessage(t *testing.T) {
+
+ args := []string{
+ "results",
+ "exit-code",
+ "--help",
+ }
+
+ _, outputText := executeCommand(t, args...)
+
+ normalizedOut := Strip_ANSI(strings.ReplaceAll(outputText.String(), "\r\n", "\n"))
+ textCapturedForValidation := GetFlagHelpText(normalizedOut)
+
+ assert.Equal(t, "The exit-code command enables you to get the exit code and failure details of a requested scan in Checkmarx One", textCapturedForValidation, "Incorrect help text found")
+}
+
+// Validate cx triage --help command
+func TestHelpFlag_Validate_TriageHelpMessage(t *testing.T) {
+
+ args := []string{
+ "triage",
+ "--help",
+ }
+
+ _, outputText := executeCommand(t, args...)
+
+ normalizedOut := Strip_ANSI(strings.ReplaceAll(outputText.String(), "\r\n", "\n"))
+ textCapturedForValidation := GetFlagHelpText(normalizedOut)
+
+ assert.Equal(t, "The 'triage' command enables the ability to manage results in Checkmarx One", textCapturedForValidation, "Incorrect help text found")
+}
+
+// Validate cx triage get-states --help command
+func TestHelpFlag_Validate_TriageGetStatesHelpMessage(t *testing.T) {
+
+ args := []string{
+ "triage",
+ "get-states",
+ "--help",
+ }
+
+ _, outputText := executeCommand(t, args...)
+
+ normalizedOut := Strip_ANSI(strings.ReplaceAll(outputText.String(), "\r\n", "\n"))
+ textCapturedForValidation := GetFlagHelpText(normalizedOut)
+
+ assert.Equal(t, "The get-states command shows information about each of the custom states that have been configured in your tenant account", textCapturedForValidation, "Incorrect help text found")
+}
+
+// Validate cx triage update --help command
+func TestHelpFlag_Validate_TriageUpdateHelpMessage(t *testing.T) {
+
+ args := []string{
+ "triage",
+ "update",
+ "--help",
+ }
+ _, outputText := executeCommand(t, args...)
+
+ normalizedOut := Strip_ANSI(strings.ReplaceAll(outputText.String(), "\r\n", "\n"))
+ textCapturedForValidation := GetFlagHelpText(normalizedOut)
+
+ assert.Equal(t, "The update command enables the ability to triage the results in Checkmarx One", textCapturedForValidation, "Incorrect help text found")
+}
+
+// Validate cx triage show --help command
+func TestHelpFlag_Validate_TriageShowHelpMessage(t *testing.T) {
+
+ args := []string{
+ "triage",
+ "show",
+ "--help",
+ }
+ _, outputText := executeCommand(t, args...)
+
+ normalizedOut := Strip_ANSI(strings.ReplaceAll(outputText.String(), "\r\n", "\n"))
+ textCapturedForValidation := GetFlagHelpText(normalizedOut)
+
+ assert.Equal(t, "The show command provides a list of all the predicates in the issue", textCapturedForValidation, "Incorrect help text found")
+}
+
+// Scan Help Validation
+
+// Validate cx scan cancel --help command
+func TestHelpFlag_Validate_ScanCancelHelpMessage(t *testing.T) {
+
+ args := []string{
+ "scan",
+ "cancel",
+ "--help",
+ }
+
+ _, outputText := executeCommand(t, args...)
+
+ normalizedOut := Strip_ANSI(strings.ReplaceAll(outputText.String(), "\r\n", "\n"))
+ textCapturedForValidation := GetFlagHelpText(normalizedOut)
+
+ assert.Equal(t, "The cancel command enables the ability to cancel one or more running scans in Checkmarx One", textCapturedForValidation, "Incorrect help text found")
+}
+
+// Validate cx scan cancel --help command
+func TestHelpFlag_Validate_CxScanCreateHelpOutput(t *testing.T) {
+ referenceFile := "data/console-help-text-log/scanCreateHelpLog.txt"
+
+ args := []string{
+ "scan",
+ "create",
+ "--help",
+ }
+ _, outputText := executeCommand(t, args...)
+
+ ValidateCompleteConsoleLog(t, outputText, referenceFile)
+}
+
+// Validate cx scan delete --help command
+func TestHelpFlag_Validate_ScanDeleteHelpMessage(t *testing.T) {
+
+ args := []string{
+ "scan",
+ "delete",
+ "--help",
+ }
+
+ _, outputText := executeCommand(t, args...)
+
+ normalizedOut := Strip_ANSI(strings.ReplaceAll(outputText.String(), "\r\n", "\n"))
+ textCapturedForValidation := GetFlagHelpText(normalizedOut)
+
+ assert.Equal(t, "Deletes one or more scans", textCapturedForValidation, "Incorrect help text found")
+}
+
+// Validate cx scan list --help command
+func TestHelpFlag_Validate_ScanListHelpMessage(t *testing.T) {
+
+ args := []string{
+ "scan",
+ "list",
+ "--help",
+ }
+
+ _, outputText := executeCommand(t, args...)
+
+ normalizedOut := Strip_ANSI(strings.ReplaceAll(outputText.String(), "\r\n", "\n"))
+ textCapturedForValidation := GetFlagHelpText(normalizedOut)
+
+ assert.Equal(t, "The list command provides a list of all the scans in Checkmarx One", textCapturedForValidation, "Incorrect help text found")
+}
+
+// Validate cx tags show --help command
+func TestHelpFlag_Validate_ScanShowHelpMessage(t *testing.T) {
+
+ args := []string{
+ "scan",
+ "show",
+ "--help",
+ }
+
+ _, outputText := executeCommand(t, args...)
+
+ normalizedOut := Strip_ANSI(strings.ReplaceAll(outputText.String(), "\r\n", "\n"))
+ textCapturedForValidation := GetFlagHelpText(normalizedOut)
+
+ assert.Equal(t, "The show command enables the ability to show information about a requested scan in Checkmarx One", textCapturedForValidation, "Incorrect help text found")
+}
+
+// Validate cx scan tags --help command
+func TestHelpFlag_Validate_ScanTagsHelpMessage(t *testing.T) {
+
+ args := []string{
+ "scan",
+ "tags",
+ "--help",
+ }
+
+ _, outputText := executeCommand(t, args...)
+
+ normalizedOut := Strip_ANSI(strings.ReplaceAll(outputText.String(), "\r\n", "\n"))
+ textCapturedForValidation := GetFlagHelpText(normalizedOut)
+
+ assert.Equal(t, "The tags command enables the ability to provide a list of all the available tags in Checkmarx One", textCapturedForValidation, "Incorrect help text found")
+}
+
+// Validate cx scan workflow --help command
+func TestHelpFlag_Validate_ScanWorkflowHelpMessage(t *testing.T) {
+
+ args := []string{
+ "scan",
+ "workflow",
+ "--help",
+ }
+
+ _, outputText := executeCommand(t, args...)
+
+ normalizedOut := Strip_ANSI(strings.ReplaceAll(outputText.String(), "\r\n", "\n"))
+ textCapturedForValidation := GetFlagHelpText(normalizedOut)
+
+ assert.Equal(t, "The workflow command enables the ability to provide information about a requested scan workflow in Checkmarx One", textCapturedForValidation, "Incorrect help text found")
+}
+
+// Validate cx scan logs --help command
+func TestHelpFlag_Validate_ScanLogsHelpMessage(t *testing.T) {
+
+ args := []string{
+ "scan",
+ "logs",
+ "--help",
+ }
+
+ _, outputText := executeCommand(t, args...)
+
+ normalizedOut := Strip_ANSI(strings.ReplaceAll(outputText.String(), "\r\n", "\n"))
+ textCapturedForValidation := GetFlagHelpText(normalizedOut)
+
+ assert.Equal(t, "Accepts a scan-id and scan type (sast, iac-security) and downloads the related scan log", textCapturedForValidation, "Incorrect help text found")
+}
+
+// Validate cx scan sca-realtime --help command
+func TestHelpFlag_Validate_ScanScaRealtimeHelpMessage(t *testing.T) {
+
+ args := []string{
+ "scan",
+ "sca-realtime",
+ "--help",
+ }
+
+ _, outputText := executeCommand(t, args...)
+
+ normalizedOut := Strip_ANSI(strings.ReplaceAll(outputText.String(), "\r\n", "\n"))
+ textCapturedForValidation := GetFlagHelpText(normalizedOut)
+
+ assert.Equal(t, "The sca-realtime command enables the ability to create, run and retrieve results from a sca scan using sca resolver", textCapturedForValidation, "Incorrect help text found")
+}
+
+// Validate cx scan kics-realtime --help command
+func TestHelpFlag_Validate_ScanKicsRealtimeHelpMessage(t *testing.T) {
+
+ args := []string{
+ "scan",
+ "kics-realtime",
+ "--help",
+ }
+
+ _, outputText := executeCommand(t, args...)
+ + normalizedOut := Strip_ANSI(strings.ReplaceAll(outputText.String(), "\r\n", "\n")) + textCapturedForValidation := GetFlagHelpText(normalizedOut) + + assert.Equal(t, "The kics-realtime command enables the ability to create, run and retrieve results from a kics scan using a docker image", textCapturedForValidation, "Incorrect help text found") +} diff --git a/test/integration/ignore-policy b/test/integration/ignore-policy new file mode 100644 index 000000000..881219081 --- /dev/null +++ b/test/integration/ignore-policy 
@@ -0,0 +1,99 @@ +The create command enables the ability to create and run a new scan in Checkmarx One + +USAGE + cx scan create [flags] + +FLAGS + --apisec-swagger-filter string Swagger folder/file filter for API-Security scan. Example: ./swagger.json + --application-name string Name of the application to assign with the project + --async Do not wait for scan completion + -b, --branch string Branch to scan + --branch-primary This flag sets the branch specified in --branch as the PRIMARY branch for the project + --container-images string List of container images to scan, ex: manuelbcd/vulnapp:latest,debian:10 + --containers-exclude-non-final-stages Scan only the final deployable image + --containers-file-folder-filter string Specify files and folders to be included or excluded from scans, ex: "!*.log" + --containers-image-tag-filter string Exclude images by image name and/or tag, ex: "*dev" + --containers-local-resolution Execute container resolver locally. + --containers-package-filter string Exclude packages by package name or file path using regex, ex: "^internal-.*" + -f, --file-filter string Source file filtering pattern + -i, --file-include string Only files scannable by AST are included by default. Add a comma separated list of extra inclusions, ex: *zip,file.txt + -s, --file-source string Sources like: directory, zip file or git URL + --filter strings Filter the list of results. Use ';' as the delimiter for arrays. Available filters are: scan-id,limit,offset,sort,include-nodes,node-ids,query,group,status,severity,state + -h, --help help for create + --iac-security-filter string IaC Security filter + --iac-security-platforms strings IaC Security Platform Flag + --iac-security-preset-id string The ID of the IaC Security Preset to use (must be a valid UUID) + --ignore-policy Skip policy evaluation. Requires override-policy-management permission. 
+ --output-name string Output file (default "cx_result") + --output-path string Output Path (default ".") + --policy-timeout int Cancel the policy evaluation and fail after the timeout in minutes (default 4) + --project-groups string List of groups to associate to project + --project-name string Name of the project + --project-private-package string Enable or disable project private package. Available options: true,false + --project-tags string List of tags to associate to project + --report-format string Format for the output. One of [json json-v2 summaryHTML sarif sbom pdf markdown gl-sast gl-sca summaryConsole] (default "summaryConsole") + --report-pdf-email string Send the PDF report to the specified email address. Use "," as the delimiter for multiple emails + --report-pdf-options string Sections to generate PDF report. Available options: Iac-Security,Sast,Sca,ScanSummary,ExecutiveSummary,ScanResults (default "ScanSummary,ExecutiveSummary,ScanResults") + --report-sbom-format string Sections to generate SBOM report. Available options: CycloneDxJson,CycloneDxXml,SpdxJson (default "CycloneDxJson") + --resubmit Create a scan with the configurations used in the most recent scan in the project + --sast-fast-scan Enable SAST Fast Scan configuration + --sast-filter string SAST filter + --sast-incremental Incremental SAST scan should be performed. + --sast-light-queries Enable SAST scan using light query configuration + --sast-preset-name string The name of the Checkmarx preset to use. + --sast-recommended-exclusions Enable recommended exclusions configuration for SAST scan + --sast-redundancy Populate SAST results 'data.redundancy' with values 'fix' (to fix) or 'redundant' (no need to fix) + --sbom-only Scan only the specified SBOM file (supported formats xml or json) + --sca-exploitable-path string Enable or disable exploitable path in scan. 
Available options: true,false + --sca-filter string SCA filter + --sca-hide-dev-test-dependencies Filter SCA results to exclude dev and test dependencies + --sca-last-sast-scan-time string SCA last scan time. Available options: integer above 1 + --sca-private-package-version string SCA project private package version. Example: 0.1.1 + --sca-resolver string Resolve SCA project dependencies (path to SCA Resolver executable) + --sca-resolver-params string Parameters to use in SCA resolver (requires --sca-resolver) + --scan-info-format string Format for the output. One of [table json list] (default "list") + --scan-timeout int Cancel the scan and fail after the timeout in minutes + --scan-types string Scan types, ex: (sast,iac-security,sca,api-security) + --scs-engines string Specify which scs engines will run (default: all licensed engines) + --scs-repo-token string Provide a token with read permission for the repo that you are scanning (for scorecard scans) + --scs-repo-url string The URL of the repo that you are scanning with scs (for scorecard scans) + --ssh-key string Path to ssh private key + --tags string List of tags, ex: (tagA,tagB:val,etc) + --threshold string Local build threshold. Format -=. 
Example: scan --threshold "sast-high=10;sca-high=5;iac-security-low=10" + --use-gitignore Exclude files and directories from the scan based on the patterns defined in the directory's .gitignore file + --wait-delay int Polling wait time in seconds (default 5) + +GLOBAL FLAGS + --agent string Scan origin name (default "ASTCLI") + --apikey string The API Key to login to Checkmarx One + --base-auth-uri string The base system IAM URI + --base-uri string The base system URI + --client-id string The OAuth2 client ID + --client-secret string The OAuth2 client secret + --config-file-path string Path to the configuration file + --debug Debug mode with detailed logs + --ignore-proxy Ignore proxy configuration + --insecure Ignore TLS certificate validations + --log-file string Saves logs to the specified file path only + --log-file-console string Saves logs to the specified file path as well as to the console + --proxy string Proxy server to send communication through + --proxy-auth-type string Proxy authentication type, (basic or ntlm) + --proxy-ntlm-domain string Window domain when using NTLM proxy + --retry uint Retry requests to Checkmarx One on connection failure (default 3) + --retry-delay uint Time between retries in seconds, use with --retry (default 20) + --tenant string Checkmarx tenant + --timeout string Timeout for network activity, (default 5 seconds) + +EXAMPLES + $ cx scan create --project-name -s + +DOCUMENTATION + https://checkmarx.com/resource/documents/en/34965-68643-scan.html#UUID-a0bb20d5-5182-3fb4-3da0-0e263344ffe7 + +QUICK START GUIDE + https://checkmarx.com/resource/documents/en/34965-68621-checkmarx-one-cli-quick-start-guide.html + +LEARN MORE + Use 'cx --help' for more information about a command. + Read the manual at https://checkmarx.com/resource/documents/en/34965-68620-checkmarx-one-cli-tool.html + diff --git a/test/integration/test_helperFunctions.go b/test/integration/test_helperFunctions.go new file mode 100644 index 000000000..8bbf7ed66 
--- /dev/null
+++ b/test/integration/test_helperFunctions.go
@@ -0,0 +1,45 @@
+package integration
+
+import (
+ "bytes"
+ "gotest.tools/assert"
+ "io/ioutil"
+ "log"
+ "regexp"
+ "strings"
+ "testing"
+)
+
+/*
+When cli logs the output in console it prints some texts in the special format
+e.g. COMMANDS this methos helps to strip this special format from the output
+*/
+func Strip_ANSI(s string) string {
+ ansi := regexp.MustCompile(`\x1b\[[0-9;]*m`)
+
+ return ansi.ReplaceAllString(s, "")
+}
+
+// Returns the first line of information when --help flag is passed along a command
+func GetFlagHelpText(s string) string {
+
+ linesSepration := strings.SplitN(s, "\n", 2)
+ textCapturedForValidation := strings.TrimSpace(linesSepration[0])
+
+ return textCapturedForValidation
+}
+
+// Compares the complete console log output against the given text file data
+func ValidateCompleteConsoleLog(t *testing.T, consoleLog *bytes.Buffer, filePath string) {
+ //Read the reference file data
+ referenceData, err := ioutil.ReadFile(filePath)
+
+ if err != nil {
+ log.Fatalf("Error reading help text: %s", err)
+ }
+ //formats console output and reference file data
+ normalizedRef := Strip_ANSI(strings.ReplaceAll(string(referenceData), "\r\n", "\n"))
+ normalizedOut := Strip_ANSI(strings.ReplaceAll(consoleLog.String(), "\r\n", "\n"))
+
+ assert.Equal(t, normalizedRef, normalizedOut, "Command output doesn't match with given file")
+}
diff --git a/test/integration/util_command.go b/test/integration/util_command.go
index c863fecd6..4290c5270 100644
--- a/test/integration/util_command.go
+++ b/test/integration/util_command.go
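Review bot: In `ValidateCompleteConsoleLog` (test_helperFunctions.go), a failed read of the reference file calls `log.Fatalf`, which exits the whole test binary, so the failure is not attributed to the calling test and the remaining tests in the package do not run. The function already receives `t`, so `t.Helper()` at the top and `t.Fatalf("reading reference help text %q: %v", filePath, err)` in the error branch would fail only the current test and name the missing file. Separately, `Strip_ANSI` calls `regexp.MustCompile` on every invocation; hoisting the compiled pattern to a package-level variable compiles it once for all of the help tests.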
@@ -225,7 +225,7 @@ func executeCmdWithTimeOutNilAssertion( func executeWithTimeout(cmd *cobra.Command, timeout time.Duration, args ...string) error { args = append(args, flag(params.RetryFlag), "3", flag(params.RetryDelayFlag), "5") - args = appendProxyArgs(args) + // args = appendProxyArgs(args) cmd.SetArgs(args) ctx, cancel := context.WithTimeout(context.Background(), timeout) From 0434cddceaaaca97d641ec307895effc1676214a Mon Sep 17 00:00:00 2001 From: shubhamyadavCx <199061586+cx-shubham-yadav@users.noreply.github.com> Date: Wed, 15 Oct 2025 00:19:32 +0530 Subject: [PATCH 2/4] AST-113569 adding additional itegartion testcases for CLI help command --- test/integration/util_command.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/test/integration/util_command.go b/test/integration/util_command.go index 4290c5270..c863fecd6 100644 --- a/test/integration/util_command.go +++ b/test/integration/util_command.go @@ -225,7 +225,7 @@ func executeCmdWithTimeOutNilAssertion( func executeWithTimeout(cmd *cobra.Command, timeout time.Duration, args ...string) error { args = append(args, flag(params.RetryFlag), "3", flag(params.RetryDelayFlag), "5") - // args = appendProxyArgs(args) + args = appendProxyArgs(args) cmd.SetArgs(args) ctx, cancel := context.WithTimeout(context.Background(), timeout) From f3fc9a7f5cf87ef955c8b3f7663772d789a229ae Mon Sep 17 00:00:00 2001 From: shubhamyadavCx <199061586+cx-shubham-yadav@users.noreply.github.com> Date: Wed, 15 Oct 2025 00:34:28 +0530 Subject: [PATCH 3/4] removing incorrect file --- test/integration/ignore-policy | 99 ---------------------------------- 1 file changed, 99 deletions(-) delete mode 100644 test/integration/ignore-policy diff --git a/test/integration/ignore-policy b/test/integration/ignore-policy deleted file mode 100644 index 881219081..000000000 --- a/test/integration/ignore-policy +++ /dev/null 
@@ -1,99 +0,0 @@ -The create command enables the ability to create and run a new scan in Checkmarx One - -USAGE - cx scan create [flags] - -FLAGS - --apisec-swagger-filter string Swagger folder/file filter for API-Security scan. Example: ./swagger.json - --application-name string Name of the application to assign with the project - --async Do not wait for scan completion - -b, --branch string Branch to scan - --branch-primary This flag sets the branch specified in --branch as the PRIMARY branch for the project - --container-images string List of container images to scan, ex: manuelbcd/vulnapp:latest,debian:10 - --containers-exclude-non-final-stages Scan only the final deployable image - --containers-file-folder-filter string Specify files and folders to be included or excluded from scans, ex: "!*.log" - --containers-image-tag-filter string Exclude images by image name and/or tag, ex: "*dev" - --containers-local-resolution Execute container resolver locally. - --containers-package-filter string Exclude packages by package name or file path using regex, ex: "^internal-.*" - -f, --file-filter string Source file filtering pattern - -i, --file-include string Only files scannable by AST are included by default. Add a comma separated list of extra inclusions, ex: *zip,file.txt - -s, --file-source string Sources like: directory, zip file or git URL - --filter strings Filter the list of results. Use ';' as the delimiter for arrays. Available filters are: scan-id,limit,offset,sort,include-nodes,node-ids,query,group,status,severity,state - -h, --help help for create - --iac-security-filter string IaC Security filter - --iac-security-platforms strings IaC Security Platform Flag - --iac-security-preset-id string The ID of the IaC Security Preset to use (must be a valid UUID) - --ignore-policy Skip policy evaluation. Requires override-policy-management permission. 
- --output-name string Output file (default "cx_result") - --output-path string Output Path (default ".") - --policy-timeout int Cancel the policy evaluation and fail after the timeout in minutes (default 4) - --project-groups string List of groups to associate to project - --project-name string Name of the project - --project-private-package string Enable or disable project private package. Available options: true,false - --project-tags string List of tags to associate to project - --report-format string Format for the output. One of [json json-v2 summaryHTML sarif sbom pdf markdown gl-sast gl-sca summaryConsole] (default "summaryConsole") - --report-pdf-email string Send the PDF report to the specified email address. Use "," as the delimiter for multiple emails - --report-pdf-options string Sections to generate PDF report. Available options: Iac-Security,Sast,Sca,ScanSummary,ExecutiveSummary,ScanResults (default "ScanSummary,ExecutiveSummary,ScanResults") - --report-sbom-format string Sections to generate SBOM report. Available options: CycloneDxJson,CycloneDxXml,SpdxJson (default "CycloneDxJson") - --resubmit Create a scan with the configurations used in the most recent scan in the project - --sast-fast-scan Enable SAST Fast Scan configuration - --sast-filter string SAST filter - --sast-incremental Incremental SAST scan should be performed. - --sast-light-queries Enable SAST scan using light query configuration - --sast-preset-name string The name of the Checkmarx preset to use. - --sast-recommended-exclusions Enable recommended exclusions configuration for SAST scan - --sast-redundancy Populate SAST results 'data.redundancy' with values 'fix' (to fix) or 'redundant' (no need to fix) - --sbom-only Scan only the specified SBOM file (supported formats xml or json) - --sca-exploitable-path string Enable or disable exploitable path in scan. 
Available options: true,false - --sca-filter string SCA filter - --sca-hide-dev-test-dependencies Filter SCA results to exclude dev and test dependencies - --sca-last-sast-scan-time string SCA last scan time. Available options: integer above 1 - --sca-private-package-version string SCA project private package version. Example: 0.1.1 - --sca-resolver string Resolve SCA project dependencies (path to SCA Resolver executable) - --sca-resolver-params string Parameters to use in SCA resolver (requires --sca-resolver) - --scan-info-format string Format for the output. One of [table json list] (default "list") - --scan-timeout int Cancel the scan and fail after the timeout in minutes - --scan-types string Scan types, ex: (sast,iac-security,sca,api-security) - --scs-engines string Specify which scs engines will run (default: all licensed engines) - --scs-repo-token string Provide a token with read permission for the repo that you are scanning (for scorecard scans) - --scs-repo-url string The URL of the repo that you are scanning with scs (for scorecard scans) - --ssh-key string Path to ssh private key - --tags string List of tags, ex: (tagA,tagB:val,etc) - --threshold string Local build threshold. Format -=. 
Example: scan --threshold "sast-high=10;sca-high=5;iac-security-low=10" - --use-gitignore Exclude files and directories from the scan based on the patterns defined in the directory's .gitignore file - --wait-delay int Polling wait time in seconds (default 5) - -GLOBAL FLAGS - --agent string Scan origin name (default "ASTCLI") - --apikey string The API Key to login to Checkmarx One - --base-auth-uri string The base system IAM URI - --base-uri string The base system URI - --client-id string The OAuth2 client ID - --client-secret string The OAuth2 client secret - --config-file-path string Path to the configuration file - --debug Debug mode with detailed logs - --ignore-proxy Ignore proxy configuration - --insecure Ignore TLS certificate validations - --log-file string Saves logs to the specified file path only - --log-file-console string Saves logs to the specified file path as well as to the console - --proxy string Proxy server to send communication through - --proxy-auth-type string Proxy authentication type, (basic or ntlm) - --proxy-ntlm-domain string Window domain when using NTLM proxy - --retry uint Retry requests to Checkmarx One on connection failure (default 3) - --retry-delay uint Time between retries in seconds, use with --retry (default 20) - --tenant string Checkmarx tenant - --timeout string Timeout for network activity, (default 5 seconds) - -EXAMPLES - $ cx scan create --project-name -s - -DOCUMENTATION - https://checkmarx.com/resource/documents/en/34965-68643-scan.html#UUID-a0bb20d5-5182-3fb4-3da0-0e263344ffe7 - -QUICK START GUIDE - https://checkmarx.com/resource/documents/en/34965-68621-checkmarx-one-cli-quick-start-guide.html - -LEARN MORE - Use 'cx --help' for more information about a command. - Read the manual at https://checkmarx.com/resource/documents/en/34965-68620-checkmarx-one-cli-tool.html - From 50fcb81bc390511a28b50cf27ec63be92dde1aa4 Mon Sep 17 00:00:00 2001 
From: shubhamyadavCx <199061586+cx-shubham-yadav@users.noreply.github.com> Date: Wed, 15 Oct 2025 12:51:33 +0530 Subject: [PATCH 4/4] Fixing lint issues --- test/integration/help_test.go | 61 ++++++++++++------------ test/integration/test_helperFunctions.go | 21 ++++---- 2 files changed, 42 insertions(+), 40 deletions(-) diff --git a/test/integration/help_test.go b/test/integration/help_test.go index f62bd5c7f..e5728cb5d 100644 --- a/test/integration/help_test.go +++ b/test/integration/help_test.go @@ -3,11 +3,13 @@ package integration import ( - "gotest.tools/assert" "strings" "testing" + + "gotest.tools/assert" ) +// Help /* This function helps to validate all the cx --help command content. Expected help content value is stored in the "integration/data/cxHelpText.txt" @@ -23,7 +25,6 @@ func TestHelpFlag_Validate_CxHelpOutput(t *testing.T) { } // Auth - // Validate cx auth register --help command func TestHelpFlag_Validate_AuthRegisterHelpMessage(t *testing.T) { @@ -35,7 +36,7 @@ func TestHelpFlag_Validate_AuthRegisterHelpMessage(t *testing.T) { _, outputText := executeCommand(t, args...) - normalizedOut := Strip_ANSI(strings.ReplaceAll(outputText.String(), "\r\n", "\n")) + normalizedOut := StripAnsi(strings.ReplaceAll(outputText.String(), "\r\n", "\n")) textCapturedForValidation := GetFlagHelpText(normalizedOut) assert.Equal(t, "Register new OAuth2 client and outputs its generated credentials in the format =", textCapturedForValidation, "Incorrect help text found") @@ -52,7 +53,7 @@ func TestHelpFlag_Validate_AuthValidateHelpMessage(t *testing.T) { _, outputText := executeCommand(t, args...) - normalizedOut := Strip_ANSI(strings.ReplaceAll(outputText.String(), "\r\n", "\n")) + normalizedOut := StripAnsi(strings.ReplaceAll(outputText.String(), "\r\n", "\n")) textCapturedForValidation := GetFlagHelpText(normalizedOut) assert.Equal(t, "Validates if CLI is able to communicate with Checkmarx One", textCapturedForValidation, "Incorrect help text found") 
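Review bot: Every rename hunk in help_test.go, from `@@ -35,7 +36,7 @@` through `@@ -526,7 +527,7 @@`, edits the same statement, `normalizedOut := StripAnsi(strings.ReplaceAll(outputText.String(), "\r\n", "\n"))`, because each test repeats the run / normalise / first-line / compare sequence by hand. A single helper that takes the expected first line and the sub-command arguments would reduce each test to one call and keep the CRLF and ANSI normalisation in one place, so a later change to it cannot be missed in one of the copies. The test bodies start and end outside these hunks; the sketch below uses the `scan delete` case, whose arguments and expected text appear in PATCH 1/4.

```go
// assertHelpFirstLine runs the given sub-command with --help and compares the
// first line of the normalised output with want.
func assertHelpFirstLine(t *testing.T, want string, args ...string) {
	t.Helper()
	_, outputText := executeCommand(t, append(args, "--help")...)
	normalizedOut := StripAnsi(strings.ReplaceAll(outputText.String(), "\r\n", "\n"))
	assert.Equal(t, want, GetFlagHelpText(normalizedOut), "Incorrect help text found")
}

// Validate cx scan delete --help command
func TestHelpFlag_Validate_ScanDeleteHelpMessage(t *testing.T) {
	assertHelpFirstLine(t, "Deletes one or more scans", "scan", "delete")
}
// … unchanged: the remaining first-line help tests, converted the same way …
```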
@@ -70,7 +71,7 @@ func TestHelpFlag_Validate_ConfigureHelpMessage(t *testing.T) { _, outputText := executeCommand(t, args...) - normalizedOut := Strip_ANSI(strings.ReplaceAll(outputText.String(), "\r\n", "\n")) + normalizedOut := StripAnsi(strings.ReplaceAll(outputText.String(), "\r\n", "\n")) textCapturedForValidation := GetFlagHelpText(normalizedOut) assert.Equal(t, "The configure command is the fastest way to set up your AST CLI", textCapturedForValidation, "Incorrect help text found") @@ -87,7 +88,7 @@ func TestHelpFlag_Validate_ConfigureSetHelpMessage(t *testing.T) { _, outputText := executeCommand(t, args...) - normalizedOut := Strip_ANSI(strings.ReplaceAll(outputText.String(), "\r\n", "\n")) + normalizedOut := StripAnsi(strings.ReplaceAll(outputText.String(), "\r\n", "\n")) textCapturedForValidation := GetFlagHelpText(normalizedOut) assert.Equal(t, "Set configuration properties", textCapturedForValidation, "Incorrect help text found") @@ -104,7 +105,7 @@ func TestHelpFlag_Validate_ConfigureShowHelpMessage(t *testing.T) { _, outputText := executeCommand(t, args...) - normalizedOut := Strip_ANSI(strings.ReplaceAll(outputText.String(), "\r\n", "\n")) + normalizedOut := StripAnsi(strings.ReplaceAll(outputText.String(), "\r\n", "\n")) textCapturedForValidation := GetFlagHelpText(normalizedOut) assert.Equal(t, "Shows effective profile configuration", textCapturedForValidation, "Incorrect help text found") @@ -123,7 +124,7 @@ func TestHelpFlag_Validate_HooksPreCommitHelpMessage(t *testing.T) { _, outputText := executeCommand(t, args...) - normalizedOut := Strip_ANSI(strings.ReplaceAll(outputText.String(), "\r\n", "\n")) + normalizedOut := StripAnsi(strings.ReplaceAll(outputText.String(), "\r\n", "\n")) textCapturedForValidation := GetFlagHelpText(normalizedOut) assert.Equal(t, "The pre-commit command enables the ability to manage Git pre-commit hooks for secret detection.", textCapturedForValidation, "Incorrect help text found") 
@@ -142,7 +143,7 @@ func TestHelpFlag_ValidateProjectListHelpMessage(t *testing.T) { _, outputText := executeCommand(t, args...) - normalizedOut := Strip_ANSI(strings.ReplaceAll(outputText.String(), "\r\n", "\n")) + normalizedOut := StripAnsi(strings.ReplaceAll(outputText.String(), "\r\n", "\n")) textCapturedForValidation := GetFlagHelpText(normalizedOut) assert.Equal(t, "List all projects in the system", textCapturedForValidation, "Incorrect help text found") @@ -175,7 +176,7 @@ func TestHelpFlag_ValidateProjectDeleteHelpMessage(t *testing.T) { _, outputText := executeCommand(t, args...) - normalizedOut := Strip_ANSI(strings.ReplaceAll(outputText.String(), "\r\n", "\n")) + normalizedOut := StripAnsi(strings.ReplaceAll(outputText.String(), "\r\n", "\n")) textCapturedForValidation := GetFlagHelpText(normalizedOut) assert.Equal(t, "Delete a project", textCapturedForValidation, "Incorrect help text found") @@ -192,7 +193,7 @@ func TestHelpFlag_ValidateProjectShowHelpMessage(t *testing.T) { _, outputText := executeCommand(t, args...) - normalizedOut := Strip_ANSI(strings.ReplaceAll(outputText.String(), "\r\n", "\n")) + normalizedOut := StripAnsi(strings.ReplaceAll(outputText.String(), "\r\n", "\n")) textCapturedForValidation := GetFlagHelpText(normalizedOut) assert.Equal(t, "Show information about a project", textCapturedForValidation, "Incorrect help text found") @@ -209,7 +210,7 @@ func TestHelpFlag_ValidateProjectTagsHelpMessage(t *testing.T) { _, outputText := executeCommand(t, args...) - normalizedOut := Strip_ANSI(strings.ReplaceAll(outputText.String(), "\r\n", "\n")) + normalizedOut := StripAnsi(strings.ReplaceAll(outputText.String(), "\r\n", "\n")) textCapturedForValidation := GetFlagHelpText(normalizedOut) assert.Equal(t, "Get a list of all available tags", textCapturedForValidation, "Incorrect help text found") 
@@ -226,7 +227,7 @@ func TestHelpFlag_ValidateProjectBranchHelpMessage(t *testing.T) { _, outputText := executeCommand(t, args...) - normalizedOut := Strip_ANSI(strings.ReplaceAll(outputText.String(), "\r\n", "\n")) + normalizedOut := StripAnsi(strings.ReplaceAll(outputText.String(), "\r\n", "\n")) textCapturedForValidation := GetFlagHelpText(normalizedOut) assert.Equal(t, "Show list of branches from a project", textCapturedForValidation, "Incorrect help text found") @@ -244,7 +245,7 @@ func TestHelpFlag_Validate_ResultsHelpMessage(t *testing.T) { _, outputText := executeCommand(t, args...) - normalizedOut := Strip_ANSI(strings.ReplaceAll(outputText.String(), "\r\n", "\n")) + normalizedOut := StripAnsi(strings.ReplaceAll(outputText.String(), "\r\n", "\n")) textCapturedForValidation := GetFlagHelpText(normalizedOut) assert.Equal(t, "Retrieve results", textCapturedForValidation, "Incorrect help text found") @@ -275,7 +276,7 @@ func TestHelpFlag_Validate_ResultsCodeBashingHelpMessage(t *testing.T) { _, outputText := executeCommand(t, args...) - normalizedOut := Strip_ANSI(strings.ReplaceAll(outputText.String(), "\r\n", "\n")) + normalizedOut := StripAnsi(strings.ReplaceAll(outputText.String(), "\r\n", "\n")) textCapturedForValidation := GetFlagHelpText(normalizedOut) assert.Equal(t, "The codebashing command enables the ability to retrieve the link about a specific vulnerability", textCapturedForValidation, "Incorrect help text found") 
@@ -292,7 +293,7 @@ func TestHelpFlag_Validate_ResultsExitCodeHelpMessage(t *testing.T) { _, outputText := executeCommand(t, args...) - normalizedOut := Strip_ANSI(strings.ReplaceAll(outputText.String(), "\r\n", "\n")) + normalizedOut := StripAnsi(strings.ReplaceAll(outputText.String(), "\r\n", "\n")) textCapturedForValidation := GetFlagHelpText(normalizedOut) assert.Equal(t, "The exit-code command enables you to get the exit code and failure details of a requested scan in Checkmarx One", textCapturedForValidation, "Incorrect help text found") @@ -308,7 +309,7 @@ func TestHelpFlag_Validate_TriageHelpMessage(t *testing.T) { _, outputText := executeCommand(t, args...) - normalizedOut := Strip_ANSI(strings.ReplaceAll(outputText.String(), "\r\n", "\n")) + normalizedOut := StripAnsi(strings.ReplaceAll(outputText.String(), "\r\n", "\n")) textCapturedForValidation := GetFlagHelpText(normalizedOut) assert.Equal(t, "The 'triage' command enables the ability to manage results in Checkmarx One", textCapturedForValidation, "Incorrect help text found") @@ -325,7 +326,7 @@ func TestHelpFlag_Validate_TriageGetStatesHelpMessage(t *testing.T) { _, outputText := executeCommand(t, args...) - normalizedOut := Strip_ANSI(strings.ReplaceAll(outputText.String(), "\r\n", "\n")) + normalizedOut := StripAnsi(strings.ReplaceAll(outputText.String(), "\r\n", "\n")) textCapturedForValidation := GetFlagHelpText(normalizedOut) assert.Equal(t, "The get-states command shows information about each of the custom states that have been configured in your tenant account", textCapturedForValidation, "Incorrect help text found") 
@@ -341,7 +342,7 @@ func TestHelpFlag_Validate_TriageUpdateHelpMessage(t *testing.T) { } _, outputText := executeCommand(t, args...) - normalizedOut := Strip_ANSI(strings.ReplaceAll(outputText.String(), "\r\n", "\n")) + normalizedOut := StripAnsi(strings.ReplaceAll(outputText.String(), "\r\n", "\n")) textCapturedForValidation := GetFlagHelpText(normalizedOut) assert.Equal(t, "The update command enables the ability to triage the results in Checkmarx One", textCapturedForValidation, "Incorrect help text found") @@ -357,7 +358,7 @@ func TestHelpFlag_Validate_TriageShowHelpMessage(t *testing.T) { } _, outputText := executeCommand(t, args...) - normalizedOut := Strip_ANSI(strings.ReplaceAll(outputText.String(), "\r\n", "\n")) + normalizedOut := StripAnsi(strings.ReplaceAll(outputText.String(), "\r\n", "\n")) textCapturedForValidation := GetFlagHelpText(normalizedOut) assert.Equal(t, "The show command provides a list of all the predicates in the issue", textCapturedForValidation, "Incorrect help text found") @@ -376,13 +377,13 @@ func TestHelpFlag_Validate_ScanCancelHelpMessage(t *testing.T) { _, outputText := executeCommand(t, args...) - normalizedOut := Strip_ANSI(strings.ReplaceAll(outputText.String(), "\r\n", "\n")) + normalizedOut := StripAnsi(strings.ReplaceAll(outputText.String(), "\r\n", "\n")) textCapturedForValidation := GetFlagHelpText(normalizedOut) assert.Equal(t, "The cancel command enables the ability to cancel one or more running scans in Checkmarx One", textCapturedForValidation, "Incorrect help text found") } -// Validate cx scan cancel --help command +// Validate cx scan create --help command func TestHelpFlag_Validate_CxScanCreateHelpOutput(t *testing.T) { referenceFile := "data/console-help-text-log/scanCreateHelpLog.txt" 
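Review bot: The comment above `TestHelpFlag_Validate_ScanShowHelpMessage` still reads `// Validate cx tags show --help command` as added in PATCH 1/4, although that test runs `scan show --help`; it is the same kind of copy-paste slip that the `@@ -376,13 +377,13 @@` hunk corrects for the scan create test. The `@@ -441,7 +442,7 @@` hunk for that test changes only the `StripAnsi` line and does not show the comment, so it appears to be left as is. It should read `// Validate cx scan show --help command`.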
@@ -407,7 +408,7 @@ func TestHelpFlag_Validate_ScanDeleteHelpMessage(t *testing.T) { _, outputText := executeCommand(t, args...) - normalizedOut := Strip_ANSI(strings.ReplaceAll(outputText.String(), "\r\n", "\n")) + normalizedOut := StripAnsi(strings.ReplaceAll(outputText.String(), "\r\n", "\n")) textCapturedForValidation := GetFlagHelpText(normalizedOut) assert.Equal(t, "Deletes one or more scans", textCapturedForValidation, "Incorrect help text found") @@ -424,7 +425,7 @@ func TestHelpFlag_Validate_ScanListHelpMessage(t *testing.T) { _, outputText := executeCommand(t, args...) - normalizedOut := Strip_ANSI(strings.ReplaceAll(outputText.String(), "\r\n", "\n")) + normalizedOut := StripAnsi(strings.ReplaceAll(outputText.String(), "\r\n", "\n")) textCapturedForValidation := GetFlagHelpText(normalizedOut) assert.Equal(t, "The list command provides a list of all the scans in Checkmarx One", textCapturedForValidation, "Incorrect help text found") @@ -441,7 +442,7 @@ func TestHelpFlag_Validate_ScanShowHelpMessage(t *testing.T) { _, outputText := executeCommand(t, args...) - normalizedOut := Strip_ANSI(strings.ReplaceAll(outputText.String(), "\r\n", "\n")) + normalizedOut := StripAnsi(strings.ReplaceAll(outputText.String(), "\r\n", "\n")) textCapturedForValidation := GetFlagHelpText(normalizedOut) assert.Equal(t, "The show command enables the ability to show information about a requested scan in Checkmarx One", textCapturedForValidation, "Incorrect help text found") 
@@ -458,7 +459,7 @@ func TestHelpFlag_Validate_ScanTagsHelpMessage(t *testing.T) { _, outputText := executeCommand(t, args...) - normalizedOut := Strip_ANSI(strings.ReplaceAll(outputText.String(), "\r\n", "\n")) + normalizedOut := StripAnsi(strings.ReplaceAll(outputText.String(), "\r\n", "\n")) textCapturedForValidation := GetFlagHelpText(normalizedOut) assert.Equal(t, "The tags command enables the ability to provide a list of all the available tags in Checkmarx One", textCapturedForValidation, "Incorrect help text found") @@ -475,7 +476,7 @@ func TestHelpFlag_Validate_ScanWorkflowHelpMessage(t *testing.T) { _, outputText := executeCommand(t, args...) - normalizedOut := Strip_ANSI(strings.ReplaceAll(outputText.String(), "\r\n", "\n")) + normalizedOut := StripAnsi(strings.ReplaceAll(outputText.String(), "\r\n", "\n")) textCapturedForValidation := GetFlagHelpText(normalizedOut) assert.Equal(t, "The workflow command enables the ability to provide information about a requested scan workflow in Checkmarx One", textCapturedForValidation, "Incorrect help text found") @@ -492,7 +493,7 @@ func TestHelpFlag_Validate_ScanLogsHelpMessage(t *testing.T) { _, outputText := executeCommand(t, args...) - normalizedOut := Strip_ANSI(strings.ReplaceAll(outputText.String(), "\r\n", "\n")) + normalizedOut := StripAnsi(strings.ReplaceAll(outputText.String(), "\r\n", "\n")) textCapturedForValidation := GetFlagHelpText(normalizedOut) assert.Equal(t, "Accepts a scan-id and scan type (sast, iac-security) and downloads the related scan log", textCapturedForValidation, "Incorrect help text found") 
@@ -509,7 +510,7 @@ func TestHelpFlag_Validate_ScanScaRealtimeHelpMessage(t *testing.T) { _, outputText := executeCommand(t, args...) - normalizedOut := Strip_ANSI(strings.ReplaceAll(outputText.String(), "\r\n", "\n")) + normalizedOut := StripAnsi(strings.ReplaceAll(outputText.String(), "\r\n", "\n")) textCapturedForValidation := GetFlagHelpText(normalizedOut) assert.Equal(t, "The sca-realtime command enables the ability to create, run and retrieve results from a sca scan using sca resolver", textCapturedForValidation, "Incorrect help text found") @@ -526,7 +527,7 @@ func TestHelpFlag_Validate_ScanKicsRealtimeHelpMessage(t *testing.T) { _, outputText := executeCommand(t, args...) - normalizedOut := Strip_ANSI(strings.ReplaceAll(outputText.String(), "\r\n", "\n")) + normalizedOut := StripAnsi(strings.ReplaceAll(outputText.String(), "\r\n", "\n")) textCapturedForValidation := GetFlagHelpText(normalizedOut) assert.Equal(t, "The kics-realtime command enables the ability to create, run and retrieve results from a kics scan using a docker image", textCapturedForValidation, "Incorrect help text found") diff --git a/test/integration/test_helperFunctions.go b/test/integration/test_helperFunctions.go index 8bbf7ed66..f3b63774a 100644 --- a/test/integration/test_helperFunctions.go +++ b/test/integration/test_helperFunctions.go @@ -2,19 +2,20 @@ package integration import ( "bytes" - "gotest.tools/assert" - "io/ioutil" "log" + "os" "regexp" "strings" "testing" + + "gotest.tools/assert" ) /* When cli logs the output in console it prints some texts in the special format e.g. COMMANDS this methos helps to strip this special format from the output */ -func Strip_ANSI(s string) string { +func StripAnsi(s string) string { ansi := regexp.MustCompile(`\x1b\[[0-9;]*m`) return ansi.ReplaceAllString(s, "") 
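Review bot: `StripAnsi` still compiles its pattern on every call, because `regexp.MustCompile` sits inside the function body shown as context at the end of the `test_helperFunctions.go` hunk. Hoisting it to package scope as `var ansiSGR = regexp.MustCompile(...)` with the existing pattern compiles it once for every help test that calls the helper. Since the function is being renamed anyway, Go's initialism convention would give `StripANSI`. The block comment above it could become a doc comment such as `// StripANSI removes ANSI SGR (colour/style) escape sequences from s.`, since the pattern matches only sequences ending in `m` and other terminal escapes pass through unchanged. The function's closing brace lies outside the hunk.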
@@ -22,8 +23,8 @@ func Strip_ANSI(s string) string { // Returns the first line of information when --help flag is passed along a command func GetFlagHelpText(s string) string { - - linesSepration := strings.SplitN(s, "\n", 2) + lineNumber := 2 + linesSepration := strings.SplitN(s, "\n", lineNumber) textCapturedForValidation := strings.TrimSpace(linesSepration[0]) return textCapturedForValidation @@ -31,15 +32,15 @@ func GetFlagHelpText(s string) string { // Compares the complete console log output against the given text file data func ValidateCompleteConsoleLog(t *testing.T, consoleLog *bytes.Buffer, filePath string) { - //Read the reference file data - referenceData, err := ioutil.ReadFile(filePath) + // Read the reference file data + referenceData, err := os.ReadFile(filePath) if err != nil { log.Fatalf("Error reading help text: %s", err) } - //formats console output and reference file data - normalizedRef := Strip_ANSI(strings.ReplaceAll(string(referenceData), "\r\n", "\n")) - normalizedOut := Strip_ANSI(strings.ReplaceAll(consoleLog.String(), "\r\n", "\n")) + // formats console output and reference file data + normalizedRef := StripAnsi(strings.ReplaceAll(string(referenceData), "\r\n", "\n")) + normalizedOut := StripAnsi(strings.ReplaceAll(consoleLog.String(), "\r\n", "\n")) assert.Equal(t, normalizedRef, normalizedOut, "Command output doesn't match with given file") }
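Review bot: `lineNumber := 2` in `GetFlagHelpText` names the value as a line number, but the third argument of `strings.SplitN` is the maximum number of substrings to return, so the new local is more misleading than the literal it replaced. If the module's Go version allows it (1.18 or later, not visible here), `firstLine, _, _ := strings.Cut(s, "\n")` followed by `return strings.TrimSpace(firstLine)` expresses the same thing without a count; otherwise a name like `maxParts` fits. `linesSepration` is also misspelled (`linesSeparation`). The function's closing brace appears to lie outside the hunk.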
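Review bot: `ValidateCompleteConsoleLog` still aborts with `log.Fatalf` when the reference file cannot be read. That calls `os.Exit(1)` and ends the whole test binary instead of failing the one test, so deferred cleanup and the remaining tests never run. Since `t` is already a parameter, `t.Fatalf("reading reference file %q: %v", filePath, err)` reports the failure against the calling test. Adding `t.Helper()` as the first statement makes that failure point at the caller's line. The `log` import can then be dropped if nothing else in the file uses it.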