Optimized the sha verification logic and test fixes

Author: cx-atish-jadhav

src/main/osinstaller/CxInstaller.ts

@@ -21,7 +21,7 @@ interface PlatformData {
 export class CxInstaller {
     private readonly platform: SupportedPlatforms;
     private cliVersion: string;
-    private cliChecksum: string | null;
+    private cliChecksum: string;
     private readonly resourceDirPath: string;
     private readonly installedCLIVersionFileName = 'cli-version';
     private readonly client: AstClient;
@@ -40,9 +40,9 @@ export class CxInstaller {
     }
 
     // Returns the CLI version and its platform-specific SHA-256 checksum.
-    // Reads from version and checksums files. Throws CxError if version is absent or version file is empty.
+    // Throws CxError if the version or checksums file is missing, empty, or has no entry for the current platform.
     // Result is cached after the first read.
-    async readASTCLIVersion(): Promise<{ version: string; checksum: string | null }> {
+    async readASTCLIVersion(): Promise<{ version: string; checksum: string }> {
         if (this.cliVersion) {
             return { version: this.cliVersion, checksum: this.cliChecksum };
         }
@@ -51,29 +51,28 @@ export class CxInstaller {
         const architecture = this.getArchitecture();
         const key = `${platformData.platform}_${architecture}`;
 
-        let version: string | null = null;
+        let version: string;
         try {
             const content = await fsPromises.readFile(this.getVersionFilePath(), 'utf-8');
             const trimmed = content.trim();
-            if (trimmed) version = trimmed;
-        } catch {
-            // version file absent — will throw error below
-        }
-
-        if (version === null) {
-            throw new CxError(`CLI version not found`);
+            if (!trimmed) throw new CxError('CLI version not found');
+            version = trimmed;
+        } catch (error) {
+            if (error instanceof CxError) throw error;
+            throw new CxError('CLI version not found');
         }
 
-        let checksum: string | null;
+        let checksum: string;
         try {
             const content = await fsPromises.readFile(this.getChecksumsFilePath(), 'utf-8');
-            checksum = (JSON.parse(content) as Record<string, string>)[key] ?? null;
-            if (checksum === null) {
-                logger.warn(`No checksum found for ${key} in checksums file. Download will not be verified.`);
+            const parsed = (JSON.parse(content) as Record<string, string>);
+            if (!parsed[key]) {
+                throw new CxError(`No checksum found for ${key} in checksums file.`);
             }
-        } catch {
-            logger.warn(`Checksums file not found. Download of version ${version} will not be verified.`);
-            checksum = null;
+            checksum = parsed[key];
+        } catch (error) {
+            if (error instanceof CxError) throw error;
+            throw new CxError(`Checksums file not found. Download of version ${version} will not be verified.`);
         }
 
         this.cliVersion = version;

src/tests/CxInstallerTest.test.ts

@@ -3,6 +3,7 @@ import { anyString, mock, instance, when, verify } from "ts-mockito";
 import { AstClient } from "../main/client/AstClient";
 import * as fs from "fs";
 import * as crypto from "crypto";
+import * as path from "path";
 
 // Mock AstClient and set up an instance from it
 const astClientMock = mock(AstClient);
@@ -16,23 +17,23 @@ const cxInstallerWindows = new CxInstaller("win32", astClientInstance);
 describe("CxInstaller cases", () => {
     it('CxInstaller getDownloadURL Linux Successful case', async () => {
         const testVersion = '2.3.48';
-        jest.spyOn(cxInstallerLinux as any, 'readASTCLIVersion').mockResolvedValue({ version: testVersion, checksum: null });
+        jest.spyOn(cxInstallerLinux as any, 'readASTCLIVersion').mockResolvedValue({ version: testVersion, checksum: 'mock-checksum' });
         const { url } = await cxInstallerLinux.getDownloadURL();
         const architecture = getArchitecture(cxInstallerLinux.getPlatform());
         expect(url).toBe(`https://download.checkmarx.com/CxOne/CLI/${testVersion}/ast-cli_${testVersion}_linux_${architecture}.tar.gz`);
     });
 
     it('CxInstaller getDownloadURL Mac Successful case', async () => {
         const testVersion = '2.3.48';
-        jest.spyOn(cxInstallerMac as any, 'readASTCLIVersion').mockResolvedValue({ version: testVersion, checksum: null });
+        jest.spyOn(cxInstallerMac as any, 'readASTCLIVersion').mockResolvedValue({ version: testVersion, checksum: 'mock-checksum' });
         const { url } = await cxInstallerMac.getDownloadURL();
         const architecture = getArchitecture(cxInstallerMac.getPlatform());
         expect(url).toBe(`https://download.checkmarx.com/CxOne/CLI/${testVersion}/ast-cli_${testVersion}_darwin_${architecture}.tar.gz`);
     });
 
     it('CxInstaller getDownloadURL Windows Successful case', async () => {
         const testVersion = '2.3.48';
-        jest.spyOn(cxInstallerWindows as any, 'readASTCLIVersion').mockResolvedValue({ version: testVersion, checksum: null });
+        jest.spyOn(cxInstallerWindows as any, 'readASTCLIVersion').mockResolvedValue({ version: testVersion, checksum: 'mock-checksum' });
         const { url } = await cxInstallerWindows.getDownloadURL();
         const architecture = getArchitecture(cxInstallerWindows.getPlatform());
         expect(url).toBe(`https://download.checkmarx.com/CxOne/CLI/${testVersion}/ast-cli_${testVersion}_windows_${architecture}.zip`);
@@ -42,17 +43,17 @@ describe("CxInstaller cases", () => {
 describe("CxInstaller getExecutablePath cases", () => {
     it('CxInstaller getExecutablePath Linux Successful case', () => {
         const executablePath = cxInstallerLinux.getExecutablePath();
-        expect(executablePath).toContain(`src/main/wrapper/resources/cx`);
+        expect(executablePath).toContain(path.join('src', 'main', 'wrapper', 'resources', 'cx'));
     });
 
     it('CxInstaller getExecutablePath Mac Successful case', () => {
         const executablePath = cxInstallerMac.getExecutablePath();
-        expect(executablePath).toContain(`src/main/wrapper/resources/cx`);
+        expect(executablePath).toContain(path.join('src', 'main', 'wrapper', 'resources', 'cx'));
     });
 
     it('CxInstaller getExecutablePath Windows Successful case', () => {
         const executablePath = cxInstallerWindows.getExecutablePath();
-        expect(executablePath).toContain(`src/main/wrapper/resources/cx.exe`);
+        expect(executablePath).toContain(path.join('src', 'main', 'wrapper', 'resources', 'cx.exe'));
     });
 });
 
@@ -143,13 +144,6 @@ describe("CxInstaller checksum verification cases", () => {
         expect(exitSpy).toHaveBeenCalledWith(1);
     });
 
-    it('CxInstaller null checksum skips verification', async () => {
-        jest.spyOn(localLinux as any, 'readASTCLIVersion').mockResolvedValue({ version: '9.9.99', checksum: null });
-        when(localMock.downloadFile(anyString(), anyString())).thenResolve();
-        await localLinux.downloadIfNotInstalledCLI();
-        expect(exitSpy).not.toHaveBeenCalled();
-    });
-
     it('CxInstaller CX_CLI_LOCATION skips checksum verification', async () => {
         process.env.CX_CLI_LOCATION = 'https://internal.example.com/cli';
         jest.spyOn(localLinux as any, 'readASTCLIVersion').mockResolvedValue({ version: '2.3.48', checksum: 'irrelevant' });