Ane 1808 suppress reachability notice (#1440)

* Don't summarize reachability analysis if it isn't enabled for the org.

* Skip reachability analysis entirely if the org doesn't support it.

* Fix specs.

* Remove extraneous check.

* spec fixes.

* Update comment.

* Changelog entry.

Author: csasarak

Changelog.md

@@ -1,5 +1,9 @@
 # FOSSA CLI Changelog
 
+## Unreleased
+
+- Reachability: For organizations that don't have reachability turned on suppress messages about it. ([#1440](https://github.com/fossas/fossa-cli/pull/1440))
+
 ## 3.9.22
 - Fixes release group flags for `fossa analyze` and `fossa container analyze`  ([#1439](https://github.com/fossas/fossa-cli/pull/1439))
 

src/App/Fossa/Analyze.hs

@@ -120,6 +120,7 @@ import Effect.Logger (
  )
 import Effect.ReadFS (ReadFS)
 import Errata (Errata (..))
+import Fossa.API.Types (Organization (Organization, orgSupportsReachability))
 import Path (Abs, Dir, Path, toFilePath)
 import Path.IO (makeRelative)
 import Prettyprinter (
@@ -302,9 +303,10 @@ analyze cfg = Diag.context "fossa-analyze" $ do
           pure Nothing
         else Diag.context "fossa-deps" . runStickyLogger SevInfo $ analyzeFossaDepsFile basedir customFossaDepsFile maybeApiOpts vendoredDepsOptions
 
-  _ <- case destination of
-    OutputStdout -> pure ()
-    UploadScan apiOpts metadata -> runFossaApiClient apiOpts $ preflightChecks $ AnalyzeChecks revision metadata
+  orgInfo <- case destination of
+    OutputStdout -> pure Nothing
+    UploadScan apiOpts metadata ->
+      fmap Just . runFossaApiClient apiOpts . preflightChecks $ AnalyzeChecks revision metadata
 
   -- additional source units are built outside the standard strategy flow, because they either
   -- require additional information (eg API credentials), or they return additional information (eg user deps).
@@ -406,7 +408,10 @@ analyze cfg = Diag.context "fossa-analyze" $ do
     (False, _) -> traverse (withPathDependencyNudge includeAll) filteredProjects
   logDebug $ "Filtered projects with path dependencies: " <> pretty (show filteredProjects')
 
-  reachabilityUnitsResult <- Diag.context "reachability analysis" . runReader (Config.reachabilityConfig cfg) $ analyzeForReachability projectScans
+  reachabilityUnitsResult <-
+    case orgInfo of
+      (Just (Organization{orgSupportsReachability = False})) -> pure []
+      _ -> Diag.context "reachability analysis" . runReader (Config.reachabilityConfig cfg) $ analyzeForReachability projectScans
   let reachabilityUnits = onlyFoundUnits reachabilityUnitsResult
 
   let analysisResult = AnalysisScanResult projectScans vsiResults binarySearchResults manualSrcUnits dynamicLinkedResults maybeLernieResults reachabilityUnitsResult

src/App/Fossa/Analyze/ScanSummary.hs

@@ -217,9 +217,14 @@ summarize cfg endpointVersion (AnalysisScanResult dps vsi binary manualDeps dyna
           <> summarizeSrcUnit "fossa-deps file analysis" (Just getManualVendorDepsIdentifier) manualDeps
           <> summarizeSrcUnit "Keyword Search" (Just getLernieIdentifier) (lernieResultsKeywordSearches <$$> lernie)
           <> summarizeSrcUnit "Custom-License Search" (Just getLernieIdentifier) (lernieResultsCustomLicenses <$$> lernie)
-          <> summarizeReachability "Reachability analysis" reachabilityAttempts
+          <> reachabilitySummary
           <> [""]
   where
+    reachabilitySummary =
+      if null reachabilityAttempts
+        then
+          []
+        else summarizeReachability "Reachability analysis" reachabilityAttempts
     vsiResults = summarizeSrcUnit "vsi analysis" (Just (join . map vsiSourceUnits)) vsi
     projects = sort dps
     totalScanCount =

src/App/Fossa/Container/AnalyzeNative.hs

@@ -109,7 +109,11 @@ analyze cfg = do
 
   _ <- case scanDestination cfg of
     OutputStdout -> pure ()
-    UploadScan apiOpts projectMetadata -> runFossaApiClient apiOpts $ preflightChecks $ AnalyzeChecks revision projectMetadata
+    UploadScan apiOpts projectMetadata ->
+      void
+        . runFossaApiClient apiOpts
+        . preflightChecks
+        $ AnalyzeChecks revision projectMetadata
 
   logInfo ("Using project name: `" <> pretty (projectName revision) <> "`")
   logInfo ("Using project revision: `" <> pretty (projectRevision revision) <> "`")

src/App/Fossa/Lernie/Analyze.hs

@@ -91,8 +91,9 @@ analyzeWithLernieWithOrgInfo ::
   GrepOptions ->
   m (Maybe LernieResults)
 analyzeWithLernieWithOrgInfo rootDir grepOptions = do
-  orgWideCustomLicenses <- orgCustomLicenseScanConfigs <$> getOrganization
-  uploadKind <- orgFileUpload <$> getOrganization
+  org <- getOrganization
+  let orgWideCustomLicenses = orgCustomLicenseScanConfigs org
+      uploadKind = orgFileUpload org
 
   let options = grepOptions{customLicenseSearch = nub $ orgWideCustomLicenses <> customLicenseSearch grepOptions}
   analyzeWithLernieMain rootDir options uploadKind

src/App/Fossa/PreflightChecks.hs

@@ -41,22 +41,24 @@ data PreflightCommandChecks
   | ReportChecks
   | AssertUserDefinedBinariesChecks
 
+-- | Returns the Organization fetched as part of the checks.
 guardWithPreflightChecks ::
   ( Has Diagnostics sig m
   , Has (Lift IO) sig m
   ) =>
   ApiOpts ->
   PreflightCommandChecks ->
-  m ()
+  m Organization
 guardWithPreflightChecks apiOpts cmd = ignoreDebug $ runFossaApiClient apiOpts $ preflightChecks cmd
 
+-- | Returns the Organization fetched as part of the checks.
 preflightChecks ::
   ( Has Diagnostics sig m
   , Has (Lift IO) sig m
   , Has FossaApiClient sig m
   ) =>
   PreflightCommandChecks ->
-  m ()
+  m Organization
 preflightChecks cmd = context "preflight-checks" $ do
   -- Check for writing to temp dir
   tmpDir <- sendIO getTempDir
@@ -78,6 +80,7 @@ preflightChecks cmd = context "preflight-checks" $ do
             fullAccessTokenCheck tokenType
             premiumSubscriptionCheck org
           _ -> pure ()
+  pure org
 
 uploadBuildPermissionsCheck :: Has Diagnostics sig m => CustomBuildUploadPermissions -> m ()
 uploadBuildPermissionsCheck CustomBuildUploadPermissions{..} =

src/App/Fossa/SBOM/Analyze.hs

@@ -37,7 +37,7 @@ analyze config = do
   let emptyMetadata = ProjectMetadata Nothing Nothing Nothing Nothing Nothing Nothing [] Nothing
   let apiOpts = sbomApiOpts config
   trackUsage SBOMAnalyzeUsage
-  runFossaApiClient apiOpts . preflightChecks $ AnalyzeChecks (sbomRevision config) emptyMetadata
+  void . runFossaApiClient apiOpts . preflightChecks $ AnalyzeChecks (sbomRevision config) emptyMetadata
   runFossaApiClient apiOpts . runStickyLogger (severity config) $ analyzeInternal config
 
 analyzeInternal ::

test/App/Fossa/PreflightChecksSpec.hs

@@ -4,6 +4,10 @@ import App.Fossa.PreflightChecks (PreflightCommandChecks (..), preflightChecks)
 import Control.Algebra (Has)
 import Control.Carrier.Debug (ignoreDebug)
 import Control.Effect.FossaApiClient (FossaApiClientF (..))
+import Fossa.API.Types (
+  Organization (orgSubscription, orgSupportsPreflightChecks),
+  Subscription (Premium),
+ )
 import Test.Effect (expectFatal', it', shouldBe')
 import Test.Fixtures qualified as Fixtures
 import Test.Hspec (Spec)
@@ -38,12 +42,13 @@ spec = do
     it' "should pass all checks for test command" $ do
       expectOrganizationWithPreflightChecks
       res <- ignoreDebug $ preflightChecks TestChecks
-      res `shouldBe'` ()
+      res `shouldBe'` Fixtures.organizationWithPreflightChecks
     it' "should pass all check for report command" $ do
+      let expected = Fixtures.organizationWithPreflightChecks{orgSubscription = Premium}
       expectOrganizationWithPremiumSubscription
       expectFullAccessToken
       res <- preflightChecks ReportChecks
-      res `shouldBe'` ()
+      res `shouldBe'` expected
     it' "should fail full access token check for report command" $ do
       expectOrganizationWithPremiumSubscription
       expectPushToken
@@ -56,11 +61,12 @@ spec = do
       expectOrganizationWithPreflightChecks
       (GetCustomBuildPermissons Fixtures.projectRevision Fixtures.projectMetadata) `returnsOnce` Fixtures.validCustomUploadPermissions
       res <- ignoreDebug $ preflightChecks analyzeChecks
-      res `shouldBe'` ()
+      res `shouldBe'` Fixtures.organizationWithPreflightChecks
     it' "should pass all checks while skipping permission checks for analyze command" $ do
+      let expected = Fixtures.organizationWithPreflightChecks{orgSupportsPreflightChecks = False}
       expectOrganization
       res <- ignoreDebug $ preflightChecks analyzeChecks
-      res `shouldBe'` ()
+      res `shouldBe'` expected
     it' "should fail edit project check for analyze command" $ do
       expectOrganizationWithPreflightChecks
       (GetCustomBuildPermissons Fixtures.projectRevision Fixtures.projectMetadata) `returnsOnce` Fixtures.invalidEditProjectPermission