Merge remote-tracking branch 'origin/main' into fix/IDE-1314_prepending-paths

Author: rrama

go.mod

@@ -31,7 +31,7 @@ require (
 	github.com/oapi-codegen/oapi-codegen/v2 v2.4.1
 	github.com/oapi-codegen/runtime v1.1.1
 	github.com/patrickmn/go-cache v2.1.0+incompatible
-	github.com/snyk/error-catalog-golang-public v0.0.0-20250625135845-2d6f9a31f318
+	github.com/snyk/error-catalog-golang-public v0.0.0-20250812140843-a01d75260003
 	github.com/subosito/gotenv v1.6.0
 	golang.org/x/net v0.38.0
 	golang.org/x/sync v0.13.0

go.sum

@@ -230,8 +230,8 @@ github.com/skeema/knownhosts v1.3.1 h1:X2osQ+RAjK76shCbvhHHHVl3ZlgDm8apHEHFqRjnB
 github.com/skeema/knownhosts v1.3.1/go.mod h1:r7KTdC8l4uxWRyK2TpQZ/1o5HaSzh06ePQNxPwTcfiY=
 github.com/snyk/code-client-go v1.21.3 h1:2+HPXCA9FGn3gaI1Jw1C4Ifn/NRAbSnmohFUvz4GC4I=
 github.com/snyk/code-client-go v1.21.3/go.mod h1:WH6lNkJc785hfXmwhixxWHix3O6z+1zwz40oK8vl/zg=
-github.com/snyk/error-catalog-golang-public v0.0.0-20250625135845-2d6f9a31f318 h1:2bNOlUstBBWHa3doBvdOBlMSu8AC01IHyNexT9MoKiM=
-github.com/snyk/error-catalog-golang-public v0.0.0-20250625135845-2d6f9a31f318/go.mod h1:Ytttq7Pw4vOCu9NtRQaOeDU2dhBYUyNBe6kX4+nIIQ4=
+github.com/snyk/error-catalog-golang-public v0.0.0-20250812140843-a01d75260003 h1:qeXih9sVe/WvhccE3MfEgglnSVKN1xTQBcsA/N96Kzo=
+github.com/snyk/error-catalog-golang-public v0.0.0-20250812140843-a01d75260003/go.mod h1:Ytttq7Pw4vOCu9NtRQaOeDU2dhBYUyNBe6kX4+nIIQ4=
 github.com/snyk/go-httpauth v0.0.0-20231117135515-eb445fea7530 h1:s9PHNkL6ueYRiAKNfd8OVxlUOqU3qY0VDbgCD1f6WQY=
 github.com/snyk/go-httpauth v0.0.0-20231117135515-eb445fea7530/go.mod h1:88KbbvGYlmLgee4OcQ19yr0bNpXpOr2kciOthaSzCAg=
 github.com/sourcegraph/conc v0.3.0 h1:OQTbbt6P72L20UqAkXXuLOj79LfEanQ+YQFNpLA9ySo=

internal/api/api.go

@@ -25,6 +25,7 @@ type ApiClient interface {
 	GetUserMe() (string, error)
 	GetSelf() (contract.SelfResponse, error)
 	GetSastSettings(orgId string) (*sast_contract.SastResponse, error)
+	GetOrgSettings(orgId string) (*contract.OrgSettingsResponse, error)
 }
 
 var _ ApiClient = (*snykApiClient)(nil)
@@ -247,6 +248,29 @@ func (a *snykApiClient) GetSastSettings(orgId string) (*sast_contract.SastRespon
 	return &response, err
 }
 
+func (a *snykApiClient) GetOrgSettings(orgId string) (*contract.OrgSettingsResponse, error) {
+	endpoint := fmt.Sprintf("%s/v1/org/%s/settings", a.url, url.QueryEscape(orgId))
+
+	res, err := a.client.Get(endpoint)
+	if err != nil {
+		return nil, fmt.Errorf("unable to retrieve org settings: %w", err)
+	}
+	//goland:noinspection GoUnhandledErrorResult
+	defer res.Body.Close()
+
+	body, err := io.ReadAll(res.Body)
+	if err != nil {
+		return nil, fmt.Errorf("unable to retrieve org settings: %w", err)
+	}
+
+	var response contract.OrgSettingsResponse
+	if err = json.Unmarshal(body, &response); err != nil {
+		return nil, fmt.Errorf("unable to retrieve org settings (status: %d): %w", res.StatusCode, err)
+	}
+
+	return &response, err
+}
+
 // clientGet performs an HTTP GET request to the Snyk API, handling query parameters,
 // API versioning, and basic error checking.
 //

internal/api/contract/OrgSettingsResponse.go

@@ -0,0 +1,18 @@
+package contract
+
+// API reference: https://docs.snyk.io/snyk-api/reference/organizations-v1#get-org-orgid-settings
+
+type OrgIgnoreSettings struct {
+	ReasonRequired          bool `json:"reasonRequired,omitempty"`
+	AutoApproveIgnores      bool `json:"autoApproveIgnores,omitempty"`
+	ApprovalWorkflowEnabled bool `json:"approvalWorkflowEnabled,omitempty"`
+}
+
+type OrgRequestAccessSettings struct {
+	Enabled bool `json:"enabled,omitempty"`
+}
+
+type OrgSettingsResponse struct {
+	Ignores       *OrgIgnoreSettings        `json:"ignores"`
+	RequestAccess *OrgRequestAccessSettings `json:"requestAccess"`
+}

internal/mocks/api.go

@@ -6,6 +6,7 @@ import (
 	"context"
 	"errors"
 	"fmt"
+	"math/rand"
 	"net/http"
 	"net/url"
 	"sync"
@@ -24,6 +25,7 @@ type config struct {
 	APIVersion            string
 	Logger                *zerolog.Logger
 	lowLevelClientOptions []ClientOption // Options for the oapi-codegen client
+	jitterFunc            func(time.Duration) time.Duration
 }
 
 // ConfigOption allows setting custom parameters during construction
@@ -85,6 +87,13 @@ func WithCustomRequestEditorFn(fn RequestEditorFn) ConfigOption {
 	}
 }
 
+// WithJitterFunc allows setting a custom jitter function for polling.
+func WithJitterFunc(fn func(time.Duration) time.Duration) ConfigOption {
+	return func(c *config) {
+		c.jitterFunc = fn
+	}
+}
+
 type client struct {
 	lowLevelClient ClientWithResponsesInterface
 	config         config
@@ -235,6 +244,7 @@ func NewTestClient(serverBaseUrl string, options ...ConfigOption) (TestClient, e
 	cfg := config{
 		PollInterval: DefaultPollInterval,
 		APIVersion:   DefaultAPIVersion,
+		jitterFunc:   Jitter,
 	}
 
 	for _, opt := range options {
@@ -441,7 +451,9 @@ func contextCanceledError(operationDescription string, contextError error) error
 
 // Query the job endpoint until we're redirected to its 'related' link containing results
 func (h *testHandle) pollJobToCompletion(ctx context.Context) (*uuid.UUID, error) {
-	ticker := time.NewTicker(h.client.config.PollInterval)
+	cfg := h.client.config
+
+	ticker := time.NewTicker(cfg.PollInterval)
 	defer ticker.Stop()
 
 	getJobParams := &GetJobParams{Version: h.client.config.APIVersion}
@@ -463,6 +475,7 @@ func (h *testHandle) pollJobToCompletion(ctx context.Context) (*uuid.UUID, error
 				if stopPolling {
 					return nil, jobErr
 				}
+				ticker.Reset(cfg.jitterFunc(cfg.PollInterval))
 				continue
 
 			case http.StatusSeeOther:
@@ -478,6 +491,7 @@ func (h *testHandle) pollJobToCompletion(ctx context.Context) (*uuid.UUID, error
 					Str("orgID", h.orgID.String()).
 					Str("jobID", h.jobID.String()).
 					Msg("Job polling returned 404 Not Found, continuing polling in case of delayed job creation")
+				ticker.Reset(cfg.jitterFunc(cfg.PollInterval))
 				continue
 
 			default:
@@ -691,3 +705,13 @@ func (r *testResult) handleFindingsError(err error, partialFindings []FindingDat
 func ptr[T any](v T) *T {
 	return &v
 }
+
+// Jitter returns a random duration between 0.5 and 1.5 of the given duration.
+func Jitter(d time.Duration) time.Duration {
+	if d <= 0 {
+		return d
+	}
+	minDur := int64(float64(d) * 0.5)
+	maxDur := int64(float64(d) * 1.5)
+	return time.Duration(rand.Int63n(maxDur-minDur) + minDur)
+}

pkg/apiclients/testapi/testapi.go

@@ -180,7 +180,7 @@ func Test_StartTest_Success(t *testing.T) {
 	// Create our test client
 	testHTTPClient := newTestHTTPClient(t, server)
 	testClient, err := testapi.NewTestClient(server.URL,
-		testapi.WithPollInterval(1*time.Second), // short poll interval for faster tests
+		testapi.WithPollInterval(1*time.Second),
 		testapi.WithCustomHTTPClient(testHTTPClient),
 	)
 	require.NoError(t, err)
@@ -1047,3 +1047,85 @@ func assertTestFinishedWithOutcomeErrorsAndWarnings(t *testing.T, result testapi
 		assert.Nil(t, result.GetWarnings())
 	}
 }
+
+// TestJitter verifies times returned are 0.5-1.5 times the original value,
+// and invalid times are return unmodified.
+func TestJitter(t *testing.T) {
+	t.Parallel()
+	t.Run("returns original duration for zero or negative input", func(t *testing.T) {
+		t.Parallel()
+		assert.Equal(t, time.Duration(0), testapi.Jitter(0))
+		assert.Equal(t, time.Duration(-1), testapi.Jitter(-1))
+	})
+
+	t.Run("returns duration within 0.5x to 1.5x of input", func(t *testing.T) {
+		t.Parallel()
+		duration := 100 * time.Millisecond
+		minDur := time.Duration(float64(duration) * 0.5)
+		maxDur := time.Duration(float64(duration) * 1.5)
+
+		for range 100 {
+			jittered := testapi.Jitter(duration)
+			assert.GreaterOrEqual(t, jittered, minDur)
+			assert.LessOrEqual(t, jittered, maxDur)
+		}
+	})
+}
+
+// Test_Wait_CallsJitter ensures Jitter is called while polling for job completion.
+func Test_Wait_CallsJitter(t *testing.T) {
+	t.Parallel()
+	ctx := context.Background()
+
+	testData := setupTestScenario(t)
+
+	params := testapi.StartTestParams{
+		OrgID:   testData.OrgID.String(),
+		Subject: testData.TestSubjectCreate,
+	}
+
+	// Mock Jitter
+	var jitterCalled bool
+	jitterFunc := func(d time.Duration) time.Duration {
+		jitterCalled = true
+		return d
+	}
+
+	// Mock server handler
+	handlerConfig := TestAPIHandlerConfig{
+		OrgID:       testData.OrgID,
+		JobID:       testData.JobID,
+		TestID:      testData.TestID,
+		APIVersion:  testapi.DefaultAPIVersion,
+		PollCounter: testData.PollCounter,
+		JobPollResponses: []JobPollResponseConfig{
+			{Status: testapi.Pending}, // First poll
+			{ShouldRedirect: true},    // Second poll, redirects
+		},
+		FinalTestResult: FinalTestResultConfig{
+			Outcome: testapi.Pass,
+		},
+	}
+	handler := newTestAPIMockHandler(t, handlerConfig)
+	server, cleanup := startMockServer(t, handler)
+	defer cleanup()
+
+	// Act
+	testHTTPClient := newTestHTTPClient(t, server)
+	testClient, err := testapi.NewTestClient(server.URL,
+		testapi.WithPollInterval(1*time.Second),
+		testapi.WithCustomHTTPClient(testHTTPClient),
+		testapi.WithJitterFunc(jitterFunc),
+	)
+	require.NoError(t, err)
+
+	handle, err := testClient.StartTest(ctx, params)
+	require.NoError(t, err)
+	require.NotNil(t, handle)
+
+	err = handle.Wait(ctx)
+	require.NoError(t, err)
+
+	// Assert
+	assert.True(t, jitterCalled)
+}

pkg/apiclients/testapi/testapi_test.go

@@ -73,7 +73,7 @@ func defaultFuncOrganization(engine workflow.Engine, config configuration.Config
 			logger.Print("Failed to determine default value for \"ORGANIZATION\":", err)
 		}
 
-		return orgId, nil
+		return orgId, err
 	}
 	return callback
 }

pkg/app/app.go

@@ -10,6 +10,7 @@ import (
 	"path/filepath"
 	"runtime"
 	"testing"
+	"time"
 
 	"github.com/golang/mock/gomock"
 	zlog "github.com/rs/zerolog/log"
@@ -211,6 +212,38 @@ func Test_initConfiguration_useDefaultOrg(t *testing.T) {
 	assert.Equal(t, defaultOrgSlug, actualOrgSlug)
 }
 
+func Test_initConfiguration_failDefaultOrgLookup(t *testing.T) {
+	orgId := "someOrgId"
+	// setup mock
+	ctrl := gomock.NewController(t)
+	mockApiClient := mocks.NewMockApiClient(ctrl)
+
+	// mock assertion
+	mockApiClient.EXPECT().Init(gomock.Any(), gomock.Any()).AnyTimes()
+	mockApiClient.EXPECT().GetDefaultOrgId().Return("", errors.New("error")).Times(2)
+	mockApiClient.EXPECT().GetDefaultOrgId().Return(orgId, nil).Times(1)
+
+	config := configuration.NewWithOpts(configuration.WithCachingEnabled(10 * time.Second))
+	engine := workflow.NewWorkFlowEngine(config)
+	apiClientFactory := func(url string, client *http.Client) api.ApiClient {
+		return mockApiClient
+	}
+	initConfiguration(engine, config, &zlog.Logger, apiClientFactory)
+
+	actualOrgId, orgIdError := config.GetStringWithError(configuration.ORGANIZATION)
+	assert.Error(t, orgIdError)
+	assert.Empty(t, actualOrgId)
+
+	actualOrgSlug, slugError := config.GetStringWithError(configuration.ORGANIZATION_SLUG)
+	assert.Error(t, slugError)
+	assert.Empty(t, actualOrgSlug)
+
+	// ensure that if the error resolves, a valid value is returned
+	actualOrgId, orgIdError = config.GetStringWithError(configuration.ORGANIZATION)
+	assert.NoError(t, orgIdError)
+	assert.Equal(t, orgId, actualOrgId)
+}
+
 func Test_initConfiguration_useDefaultOrgAsFallback(t *testing.T) {
 	orgName := "someOrgName"
 	defaultOrgId := "someDefaultOrgId"