Skip to content

fix: fcli aviator ssc audit: Reject --skip-if-exceeding-quota with --…#1019

Open
kireetivar wants to merge 2 commits into
fortify:feat/v3.x/aviator/26.3from
kireetivar:p/kireetivar/option_bug
Open

fix: fcli aviator ssc audit: Reject --skip-if-exceeding-quota with --…#1019
kireetivar wants to merge 2 commits into
fortify:feat/v3.x/aviator/26.3from
kireetivar:p/kireetivar/option_bug

Conversation

@kireetivar
Copy link
Copy Markdown
Contributor

@kireetivar kireetivar commented May 29, 2026

This change prevents users from combining --skip-if-exceeding-quota and --folder-priority-order on fcli aviator ssc audit These options represent conflicting behaviors, so the command now fails fast with a clear validation error instead of skipping audit execution before folder prioritization can apply.

The change also keeps the SSC bulk audit action aligned with the same validation and adds regression coverage for the direct command path.

@kireetivar kireetivar self-assigned this May 29, 2026
@kireetivar kireetivar requested a review from rsenden May 29, 2026 06:40
@kireetivar kireetivar marked this pull request as ready for review May 29, 2026 06:40
rsenden
rsenden requested changes May 29, 2026
View reviewed changes
Comment thread ...e/fcli-app/src/test/java/com/fortify/cli/aviator/ssc/cli/cmd/AviatorSSCAuditCommandTest.java

import picocli.CommandLine;

public class AviatorSSCAuditCommandTest {
Copy link
Copy Markdown
Contributor

@rsenden rsenden May 29, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The fcli-app module currently only contains unit tests for asserting generic fcli characteristics, no module/command-specific tests. I think it would make more sense to move this test scenario to fcli-functional-test, using existing functional test infrastructure to expect an error when running this fcli command with invalid combination of options. Potentially, this would also allow you to test the same scenario on the bulkaudit.yaml action.

Comment thread ...e/fcli-aviator/src/main/java/com/fortify/cli/aviator/ssc/cli/cmd/AviatorSSCAuditCommand.java
@Option(names = {"--no-filterset"}) private boolean noFilterSet;
@Option(names = {"--folder"}, split = ",") @DisableTest(DisableTest.TestType.MULTI_OPT_PLURAL_NAME) private List<String> folderNames;
@Option(names = {"--skip-if-exceeding-quota"}) private boolean skipIfExceedingQuota;
@ArgGroup(exclusive = true, multiplicity = "0..1") private QuotaHandlingArgGroup quotaHandlingArgGroup = new QuotaHandlingArgGroup();
Copy link
Copy Markdown
Contributor

@rsenden rsenden May 29, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Theoretically, this should be considered a breaking change as previous fcli versions allowed both options to be specified on a single invocation. If anyone has both options in some workflow/automation, this would now result in an error being reported instead of silently ignoring one of the options. As previous behavior was incorrect, I guess it's fine to classify this as a bug fix only though, not a breaking change.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@rsenden rsenden rsenden requested changes

Assignees

@kireetivar kireetivar

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@kireetivar @rsenden