Skip to content

NEW @W-22393672@ Expose ApexGuru engine in CLI with --target-org flag for login#2059

Merged
nikhil-mittal-165 merged 2 commits into
devfrom
feature/W-22393676-apexguru-cli-integration-v2
Jun 29, 2026
Merged

NEW @W-22393672@ Expose ApexGuru engine in CLI with --target-org flag for login#2059
nikhil-mittal-165 merged 2 commits into
devfrom
feature/W-22393676-apexguru-cli-integration-v2

Conversation

@nikhil-mittal-165

@nikhil-mittal-165 nikhil-mittal-165 commented Jun 29, 2026

Copy link
Copy Markdown
Contributor

Summary

  • Adds --target-org (-o) flag to the run command for the ApexGuru engine
  • Wires target-org through CodeAnalyzerConfigFactory so the apexguru engine receives it via config overrides
  • Adds the @salesforce/code-analyzer-apexguru-engine dependency and registers it in EnginePluginsFactory

Test plan

  • Unit tests pass locally (npm test)
  • Branch coverage above 90% threshold (91.6%)
  • Lint clean
  • CI green on the new PR

@nikhil-mittal-165 nikhil-mittal-165 changed the title @W-22393676@ ApexGuru CLI integration NEW @W-22393672@ Expose ApexGuru engine in CLI with --target-org flag Jun 29, 2026
@nikhil-mittal-165 nikhil-mittal-165 changed the title NEW @W-22393672@ Expose ApexGuru engine in CLI with --target-org flag NEW @W-22393672@ Expose ApexGuru engine in CLI with --target-org flag for login Jun 29, 2026

@aruntyagiTutu aruntyagiTutu left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This PR adds the --target-org flag for ApexGuru engine integration. The implementation follows good patterns for config merging but has a critical validation gap per Code Analyzer PR Review guidelines.

✅ Positive aspects:

  • Flag properly defined with -o short option and clear documentation
  • Target org wired through RunInput → RunAction → ConfigFactory → engine config
  • Config factory correctly handles CLI override merging with YAML
  • Good test coverage (91.6%, above 90% threshold)
  • Tests cover flag parsing and config merging

❌ CRITICAL ISSUE - Validation (#3 in guidelines)

Missing upfront validation:
The PR violates guideline #3: "Token/credential validation upfront. If the workflow requires a GitHub token or org connection, validate it exists and has correct permissions before proceeding."

Current flow:

  1. User provides --target-org myorg
  2. Flag parsed → RunAction → ConfigFactory → config → ApexGuru engine
  3. Org validation only happens deep in engine execution (if at all)

Required change:
Add validation at the boundary (RunAction.execute) BEFORE config creation:

public async execute(input: RunInput): Promise<void> {
    // Validate org authentication upfront
    if (input['target-org']) {
        await this.validateTargetOrg(input['target-org']);
    }
    
    const cliOverrides = // ... existing code
}

private async validateTargetOrg(orgNameOrAlias: string): Promise<void> {
    // Check if org exists and is authenticated
    // Throw with actionable error message if not:
    // - "Org 'myorg' not found. Run 'sf org list' to see available orgs."
    // - "Org 'myorg' not authenticated. Run 'sf org login web --alias myorg'."
}

Test at line 89 explicitly catches and ignores failures with "ApexGuru may fail if org is not authenticated, which is expected" - this confirms validation happens too late.

Secondary issue - Config logic complexity:
Line 66: if (disableSuppressionExplicitlySet && !cliOverrides.targetOrg) - why does targetOrg presence affect suppressions precedence? This coupling is unexpected and makes the code harder to reason about.

Requesting changes to add upfront org validation per guidelines.

@aruntyagiTutu aruntyagiTutu left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

All validation concerns addressed. The PR now properly validates target-org upfront.

✅ Changes since last review:

  • Validation added: validateTargetOrg() now called at the start of RunAction.execute() before expensive config creation
  • Uses AuthInfo.create(): Proper org authentication check using Salesforce SDK
  • Actionable error messages: Clear guidance on what to do if validation fails
    • Lists available orgs with sf org list
    • Shows how to authenticate with sf org login web
  • Excellent test coverage: 5 new tests covering:
    • Happy path (org authenticated)
    • Error path (org not authenticated with clear error message)
    • No validation when flag not provided
    • Validation happens before config creation
    • Config receives targetOrg override

Original positive aspects still apply:

  • Flag properly defined with -o short option
  • Good documentation in messages/run-command.md
  • Config factory correctly merges CLI override with YAML
  • ApexGuru engine integration properly wired

This now follows Code Analyzer guideline #3 (validation at boundary).

@nikhil-mittal-165 nikhil-mittal-165 merged commit ee8e185 into dev Jun 29, 2026
12 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants