feat: update test-service to 2025-04-07 and support new commitId metadata (#124)

Author: j-luong

.gitignore

@@ -53,4 +53,5 @@ scripts/__pycache__/
 internal/workspace/**/**/*.yaml
 !internal/workspace/**/**/*.config.yaml
 internal/orchestration/**/**/*.yaml
-!internal/orchestration/**/**/*.config.yaml
+!internal/orchestration/**/**/*.config.yaml
+.cursor

internal/analysis/analysis.go

@@ -35,8 +35,8 @@ import (
 	"github.com/snyk/code-client-go/bundle"
 	"github.com/snyk/code-client-go/config"
 	codeClientHTTP "github.com/snyk/code-client-go/http"
-	testApi "github.com/snyk/code-client-go/internal/api/test/2024-12-21"
-	testModels "github.com/snyk/code-client-go/internal/api/test/2024-12-21/models"
+	testApi "github.com/snyk/code-client-go/internal/api/test/2025-04-07"
+	testModels "github.com/snyk/code-client-go/internal/api/test/2025-04-07/models"
 	"github.com/snyk/code-client-go/observability"
 	"github.com/snyk/code-client-go/sarif"
 	"github.com/snyk/code-client-go/scan"
@@ -66,7 +66,7 @@ type analysisOrchestrator struct {
 	logger         *zerolog.Logger
 	trackerFactory scan.TrackerFactory
 	config         config.Config
-	testType       testModels.Scan
+	testType       testModels.ResultType
 }
 
 var _ AnalysisOrchestrator = (*analysisOrchestrator)(nil)
@@ -97,7 +97,7 @@ func WithTrackerFactory(factory scan.TrackerFactory) func(*analysisOrchestrator)
 	}
 }
 
-func WithResultType(t testModels.Scan) func(*analysisOrchestrator) {
+func WithResultType(t testModels.ResultType) func(*analysisOrchestrator) {
 	return func(a *analysisOrchestrator) {
 		a.testType = t
 	}
@@ -231,14 +231,21 @@ func (a *analysisOrchestrator) createTestAndGetResults(ctx context.Context, orgI
 }
 
 func (a *analysisOrchestrator) RunTest(ctx context.Context, orgId string, b bundle.Bundle, target scan.Target, reportingConfig AnalysisConfig) (*sarif.SarifResponse, *scan.ResultMetaData, error) {
+	var commitId *string = nil
 	var repoUrl *string = nil
 	if repoTarget, ok := target.(*scan.RepositoryTarget); ok {
-		tmp := repoTarget.GetRepositoryUrl()
-		repoUrl = &tmp
+		tmpRepoUrl := repoTarget.GetRepositoryUrl()
+		if len(tmpRepoUrl) > 0 {
+			repoUrl = &tmpRepoUrl
+		}
+		tmpCommitId := repoTarget.GetCommitId()
+		if len(tmpCommitId) > 0 {
+			commitId = &tmpCommitId
+		}
 	}
 
 	body := testApi.NewCreateTestApplicationBody(
-		testApi.WithInputBundle(b.GetBundleHash(), target.GetPath(), repoUrl, b.GetLimitToFiles()),
+		testApi.WithInputBundle(b.GetBundleHash(), target.GetPath(), repoUrl, b.GetLimitToFiles(), commitId),
 		testApi.WithScanType(a.testType),
 		testApi.WithProjectName(reportingConfig.ProjectName),
 		testApi.WithTargetName(reportingConfig.TargetName),
@@ -330,38 +337,96 @@ func (a *analysisOrchestrator) retrieveTestURL(ctx context.Context, client *test
 		}
 
 		switch stateDiscriminator {
-		case string(testModels.TestAcceptedStateStatusAccepted):
+		case string(testModels.Accepted):
 			fallthrough
-		case string(testModels.TestInProgressStateStatusInProgress):
+		case string(testModels.InProgress):
 			return nil, false, nil
-		case string(testModels.TestCompletedStateStatusCompleted):
-			testCompleted, stateCompleteError := parsedResponse.ApplicationvndApiJSON200.Data.Attributes.AsTestCompletedState()
+		case string(testModels.Completed):
+			_, stateCompleteError := parsedResponse.ApplicationvndApiJSON200.Data.Attributes.AsTestCompletedState()
 			if stateCompleteError != nil {
 				return nil, false, stateCompleteError
 			}
-
-			findingsUrl := a.host(true) + testCompleted.Documents.EnrichedSarif + "?version=" + testApi.DocumentApiVersion
-			result := &scan.ResultMetaData{
-				FindingsUrl: findingsUrl,
-			}
-
-			if testCompleted.Results.Webui != nil {
-				if testCompleted.Results.Webui.Link != nil {
-					result.WebUiUrl = *testCompleted.Results.Webui.Link
-				}
-				if testCompleted.Results.Webui.ProjectId != nil {
-					result.ProjectId = testCompleted.Results.Webui.ProjectId.String()
-				}
-				if testCompleted.Results.Webui.SnapshotId != nil {
-					result.SnapshotId = testCompleted.Results.Webui.SnapshotId.String()
-				}
+			components, err := a.retrieveTestComponents(ctx, client, org, testId)
+			if err != nil {
+				return nil, false, err
 			}
 
-			return result, true, nil
+			return components, true, nil
 		default:
 			return nil, false, fmt.Errorf("unexpected test status \"%s\"", stateDiscriminator)
 		}
 	default:
 		return nil, false, fmt.Errorf("unexpected response status \"%d\"", parsedResponse.StatusCode())
 	}
 }
+
+func (a *analysisOrchestrator) retrieveTestComponents(ctx context.Context, client *testApi.Client, org uuid.UUID, testId openapi_types.UUID) (*scan.ResultMetaData, error) {
+	method := "analysis.retrieveTestComponents"
+	logger := a.logger.With().Str("method", method).Logger()
+	logger.Debug().Msg("retrieving Test Components")
+
+	httpResponse, err := client.GetComponents(
+		ctx,
+		org,
+		testId,
+		&testApi.GetComponentsParams{Version: testApi.ApiVersion},
+	)
+
+	if err != nil {
+		logger.Err(err).Str("testId", testId.String()).Msg("error requesting the test components")
+		return nil, err
+	}
+
+	defer func() {
+		closeErr := httpResponse.Body.Close()
+		if closeErr != nil {
+			a.logger.Err(closeErr).Msg("failed to close response body")
+		}
+	}()
+
+	parsedResponse, err := testApi.ParseGetComponentsResponse(httpResponse)
+	if err != nil {
+		return nil, err
+	}
+
+	if parsedResponse.ApplicationvndApiJSON200 == nil {
+		return nil, fmt.Errorf("%s: unexpected response status \"%d\"", method, parsedResponse.StatusCode())
+	}
+	data := parsedResponse.ApplicationvndApiJSON200.Data
+	var sastComponent *testModels.GetComponentsResponseItem
+	for _, component := range data {
+		if component.Attributes.Type == "sast" {
+			a.logger.Trace().Msgf("inner component: %+v", component)
+			sastComponent = &component
+			break
+		}
+	}
+	if sastComponent == nil {
+		return nil, fmt.Errorf("%s: no sast component found", method)
+	}
+
+	result := &scan.ResultMetaData{}
+	attributes := sastComponent.Attributes
+
+	if !attributes.Success {
+		return nil, fmt.Errorf("%s: sast scan did not complete successfully", method)
+	}
+
+	if attributes.FindingsDocumentType != nil && *attributes.FindingsDocumentType == testModels.Sarif {
+		findingsUrl := a.host(true) + *attributes.FindingsDocumentPath + "?version=" + testApi.DocumentApiVersion
+		result.FindingsUrl = findingsUrl
+
+		if attributes.Webui != nil {
+			if attributes.Webui.Link != nil {
+				result.WebUiUrl = *attributes.Webui.Link
+			}
+			if attributes.Webui.ProjectId != nil {
+				result.ProjectId = attributes.Webui.ProjectId.String()
+			}
+			if attributes.Webui.SnapshotId != nil {
+				result.SnapshotId = attributes.Webui.SnapshotId.String()
+			}
+		}
+	}
+	return result, nil
+}

internal/analysis/analysis_test.go

@@ -32,11 +32,14 @@ import (
 	"github.com/stretchr/testify/mock"
 	"github.com/stretchr/testify/require"
 
+	openapi_types "github.com/oapi-codegen/runtime/types"
 	mocks2 "github.com/snyk/code-client-go/bundle/mocks"
 	confMocks "github.com/snyk/code-client-go/config/mocks"
 	httpmocks "github.com/snyk/code-client-go/http/mocks"
 	"github.com/snyk/code-client-go/internal/analysis"
-	v20241221 "github.com/snyk/code-client-go/internal/api/test/2024-12-21"
+	v20250407 "github.com/snyk/code-client-go/internal/api/test/2025-04-07"
+	externalRef0 "github.com/snyk/code-client-go/internal/api/test/2025-04-07/common"
+	v20250407Models "github.com/snyk/code-client-go/internal/api/test/2025-04-07/models"
 	"github.com/snyk/code-client-go/observability/mocks"
 	"github.com/snyk/code-client-go/sarif"
 	"github.com/snyk/code-client-go/scan"
@@ -51,11 +54,55 @@ func mockDeriveErrorFromStatusCode(statusCode int) error {
 	return fmt.Errorf("Statuscode: %d", statusCode)
 }
 
-func mockGetDocumentResponse(t *testing.T, sarifResponse sarif.SarifDocument, expectedDocumentPath string, mockHTTPClient *httpmocks.MockHTTPClient, responseCode int) {
+func mockTestStatusResponse(t *testing.T, mockHTTPClient *httpmocks.MockHTTPClient, orgId string, testId uuid.UUID, responseCode int) {
+	t.Helper()
+
+	response := v20250407Models.TestResult{
+		Data: struct {
+			Attributes v20250407Models.TestState          `json:"attributes"`
+			Id         openapi_types.UUID                 `json:"id"`
+			Type       v20250407Models.TestResultDataType `json:"type"`
+		}{
+			Id:   testId,
+			Type: v20250407Models.TestResultDataTypeTest,
+		},
+		Jsonapi: externalRef0.JsonApi{Version: "1.0"},
+		Links:   externalRef0.SelfLink{Self: &externalRef0.LinkProperty{}},
+	}
+
+	completedStateJSON := map[string]interface{}{
+		"created_at": time.Now().Format(time.RFC3339),
+		"status":     "completed",
+		"result":     "passed",
+	}
+
+	stateBytes, err := json.Marshal(completedStateJSON)
+	assert.NoError(t, err)
+	response.Data.Attributes = v20250407Models.TestState{}
+	err = response.Data.Attributes.UnmarshalJSON(stateBytes)
+	assert.NoError(t, err)
+
+	responseBodyBytes, err := json.Marshal(response)
+	assert.NoError(t, err)
+
+	expectedTestStatusUrl := fmt.Sprintf("http://localhost/hidden/orgs/%s/tests/%s?version=%s", orgId, testId, v20250407.ApiVersion)
+	mockHTTPClient.EXPECT().Do(mock.MatchedBy(func(i interface{}) bool {
+		req := i.(*http.Request)
+		return req.URL.String() == expectedTestStatusUrl && req.Method == http.MethodGet
+	})).Times(1).Return(&http.Response{
+		StatusCode: responseCode,
+		Header: http.Header{
+			"Content-Type": []string{"application/json"},
+		},
+		Body: io.NopCloser(bytes.NewReader(responseBodyBytes)),
+	}, mockDeriveErrorFromStatusCode(responseCode))
+}
+
+func mockGetComponentResponse(t *testing.T, sarifResponse sarif.SarifDocument, expectedDocumentPath string, mockHTTPClient *httpmocks.MockHTTPClient, responseCode int) {
 	t.Helper()
 	responseBodyBytes, err := json.Marshal(sarifResponse)
 	assert.NoError(t, err)
-	expectedDocumentUrl := fmt.Sprintf("http://localhost/hidden%s?version=%s", expectedDocumentPath, v20241221.DocumentApiVersion)
+	expectedDocumentUrl := fmt.Sprintf("http://localhost/hidden%s?version=%s", expectedDocumentPath, v20250407.DocumentApiVersion)
 	mockHTTPClient.EXPECT().Do(mock.MatchedBy(func(i interface{}) bool {
 		req := i.(*http.Request)
 		return req.URL.String() == expectedDocumentUrl
@@ -70,18 +117,20 @@ func mockGetDocumentResponse(t *testing.T, sarifResponse sarif.SarifDocument, ex
 
 func mockResultCompletedResponse(t *testing.T, mockHTTPClient *httpmocks.MockHTTPClient, expectedWebuilink string, projectId uuid.UUID, snapshotId uuid.UUID, orgId string, testId uuid.UUID, documentPath string, responseCode int) {
 	t.Helper()
-	response := v20241221.NewTestResponse()
-	state := v20241221.NewTestCompleteState()
-	state.Documents.EnrichedSarif = documentPath
-	state.Results.Webui.Link = &expectedWebuilink
-	state.Results.Webui.ProjectId = &projectId
-	state.Results.Webui.SnapshotId = &snapshotId
-	stateBytes, err := json.Marshal(state)
-	assert.NoError(t, err)
-	response.Data.Attributes.UnmarshalJSON(stateBytes)
-	responseBodyBytes, err := json.Marshal(response)
+	state := v20250407.NewGetComponentsState()
+	state.Data[0].Attributes.Type = "sast"
+	state.Data[0].Attributes.FindingsDocumentPath = &documentPath
+	findingsDocumentType := v20250407Models.Sarif
+	state.Data[0].Attributes.FindingsDocumentType = &findingsDocumentType
+	state.Data[0].Attributes.Success = true
+	state.Data[0].Attributes.Webui = &v20250407Models.WebUI{
+		Link:       &expectedWebuilink,
+		ProjectId:  &projectId,
+		SnapshotId: &snapshotId,
+	}
+	responseBodyBytes, err := json.Marshal(state)
 	assert.NoError(t, err)
-	expectedRetrieveTestUrl := fmt.Sprintf("http://localhost/hidden/orgs/%s/tests/%s?version=%s", orgId, testId, v20241221.ApiVersion)
+	expectedRetrieveTestUrl := fmt.Sprintf("http://localhost/hidden/orgs/%s/tests/%s/components?version=%s", orgId, testId, v20250407.ApiVersion)
 	mockHTTPClient.EXPECT().Do(mock.MatchedBy(func(i interface{}) bool {
 		req := i.(*http.Request)
 		return req.URL.String() == expectedRetrieveTestUrl
@@ -96,13 +145,15 @@ func mockResultCompletedResponse(t *testing.T, mockHTTPClient *httpmocks.MockHTT
 
 func mockTestCreatedResponse(t *testing.T, mockHTTPClient *httpmocks.MockHTTPClient, testId uuid.UUID, orgId string, responseCode int) {
 	t.Helper()
-	response := v20241221.NewTestResponse()
+	response := v20250407.NewTestResponse()
 	response.Data.Id = testId
 	responseBodyBytes, err := json.Marshal(response)
 	assert.NoError(t, err)
-	expectedTestCreatedUrl := fmt.Sprintf("http://localhost/hidden/orgs/%s/tests?version=%s", orgId, v20241221.ApiVersion)
+	expectedTestCreatedUrl := fmt.Sprintf("http://localhost/hidden/orgs/%s/tests?version=%s", orgId, v20250407.ApiVersion)
 	mockHTTPClient.EXPECT().Do(mock.MatchedBy(func(i interface{}) bool {
 		req := i.(*http.Request)
+		validateTestRequestBody(t, req.Body)
+
 		return req.URL.String() == expectedTestCreatedUrl &&
 			req.Method == http.MethodPost
 	})).Times(1).Return(&http.Response{
@@ -114,6 +165,23 @@ func mockTestCreatedResponse(t *testing.T, mockHTTPClient *httpmocks.MockHTTPCli
 	}, mockDeriveErrorFromStatusCode(responseCode))
 }
 
+func validateTestRequestBody(t *testing.T, request io.Reader) {
+	t.Helper()
+	body, _ := io.ReadAll(request)
+	var testRequestBody v20250407Models.CreateTestRequestBody
+	err := json.Unmarshal(body, &testRequestBody)
+	assert.NoError(t, err)
+	bundle, err := testRequestBody.Data.Attributes.Input.AsTestInputSourceBundle()
+	assert.NoError(t, err)
+
+	if bundle.Metadata.CommitId != nil {
+		assert.Regexp(t, "^[0-9a-f]{40}$", *bundle.Metadata.CommitId)
+	}
+	if bundle.Metadata.RepoUrl != nil {
+		assert.Regexp(t, "^[email protected]:[a-zA-Z0-9_-]+/[a-zA-Z0-9_-]+.git$", *bundle.Metadata.RepoUrl)
+	}
+}
+
 func setup(t *testing.T, timeout *time.Duration) (*confMocks.MockConfig, *httpmocks.MockHTTPClient, *mocks.MockInstrumentor, *mocks.MockErrorReporter, *trackerMocks.MockTracker, *trackerMocks.MockTrackerFactory, zerolog.Logger) {
 	t.Helper()
 	ctrl := gomock.NewController(t)
@@ -164,6 +232,9 @@ func TestAnalysis_RunTest(t *testing.T) {
 	// Test Created Response
 	mockTestCreatedResponse(t, mockHTTPClient, testId, orgId, http.StatusCreated)
 
+	// Test Status Response
+	mockTestStatusResponse(t, mockHTTPClient, orgId, testId, http.StatusOK)
+
 	// Get Test Result Response
 	expectedWebuilink := ""
 	expectedDocumentPath := "/1234"
@@ -173,7 +244,8 @@ func TestAnalysis_RunTest(t *testing.T) {
 	sarifResponse := sarif.SarifDocument{
 		Version: "42.0",
 	}
-	mockGetDocumentResponse(t, sarifResponse, expectedDocumentPath, mockHTTPClient, http.StatusOK)
+
+	mockGetComponentResponse(t, sarifResponse, expectedDocumentPath, mockHTTPClient, http.StatusOK)
 
 	analysisOrchestrator := analysis.NewAnalysisOrchestrator(
 		mockConfig,
@@ -219,6 +291,9 @@ func TestAnalysis_RunTestRemote(t *testing.T) {
 	// Test Created Response
 	mockTestCreatedResponse(t, mockHTTPClient, testId, orgId, http.StatusCreated)
 
+	// Test Status Response
+	mockTestStatusResponse(t, mockHTTPClient, orgId, testId, http.StatusOK)
+
 	// Get Test Result Response
 	expectedWebuilink := ""
 	expectedDocumentPath := "/1234"
@@ -228,7 +303,7 @@ func TestAnalysis_RunTestRemote(t *testing.T) {
 	sarifResponse := sarif.SarifDocument{
 		Version: "42.0",
 	}
-	mockGetDocumentResponse(t, sarifResponse, expectedDocumentPath, mockHTTPClient, http.StatusOK)
+	mockGetComponentResponse(t, sarifResponse, expectedDocumentPath, mockHTTPClient, http.StatusOK)
 
 	analysisOrchestrator := analysis.NewAnalysisOrchestrator(
 		mockConfig,
@@ -312,6 +387,9 @@ func TestAnalysis_RunTestRemote_PollingFailed(t *testing.T) {
 	// Test Created Response
 	mockTestCreatedResponse(t, mockHTTPClient, testId, orgId, http.StatusCreated)
 
+	// Test Status Response
+	mockTestStatusResponse(t, mockHTTPClient, orgId, testId, http.StatusOK)
+
 	// Get Test Result Response
 	expectedWebuilink := ""
 	expectedDocumentPath := "/1234"
@@ -356,6 +434,9 @@ func TestAnalysis_RunTestRemote_GetDocumentFailed(t *testing.T) {
 	// Test Created Response
 	mockTestCreatedResponse(t, mockHTTPClient, testId, orgId, http.StatusCreated)
 
+	// Test Status Response
+	mockTestStatusResponse(t, mockHTTPClient, orgId, testId, http.StatusOK)
+
 	// Get Test Result Response
 	expectedWebuilink := ""
 	expectedDocumentPath := "/1234"
@@ -365,7 +446,7 @@ func TestAnalysis_RunTestRemote_GetDocumentFailed(t *testing.T) {
 	sarifResponse := sarif.SarifDocument{
 		Version: "42.0",
 	}
-	mockGetDocumentResponse(t, sarifResponse, expectedDocumentPath, mockHTTPClient, http.StatusInternalServerError)
+	mockGetComponentResponse(t, sarifResponse, expectedDocumentPath, mockHTTPClient, http.StatusInternalServerError)
 
 	analysisOrchestrator := analysis.NewAnalysisOrchestrator(
 		mockConfig,