From 2c848af91adafaca5e8f10bbcdf5311d7e01bd06 Mon Sep 17 00:00:00 2001
From: Brendon Teo
Date: Thu, 16 Dec 2021 10:27:21 +0800
Subject: [PATCH 1/2] EN-744: Add error handling fix to all tools (fix)
---
 src/lib/checkov/checkov-collector.spec.ts | 8 ++++++++
 src/lib/checkov/checkov-collector.ts | 8 +++++++-
 src/lib/sonarqube/sonarqube-collector.spec.ts | 7 +++++++
 src/lib/sonarqube/sonarqube-collector.ts | 7 ++++++-
 src/lib/zap/zap-collector.spec.ts | 11 +++++++++++
 src/lib/zap/zap-collector.ts | 8 +++++++-
 6 files changed, 46 insertions(+), 3 deletions(-)
diff --git a/src/lib/checkov/checkov-collector.spec.ts b/src/lib/checkov/checkov-collector.spec.ts
index 24c36ee..4881e24 100644
--- a/src/lib/checkov/checkov-collector.spec.ts
+++ b/src/lib/checkov/checkov-collector.spec.ts
@@ -46,6 +46,14 @@ describe('CheckovCollector', () => {
 expect(collector.parseResults).toHaveBeenCalledTimes(1);
 expect(collector.parseResults).toHaveBeenCalledWith('TEST_OUTPUT');
 });
+ it('should error when arguments fail', async () => {
+ (collector.spawn as any).and.returnValue(new Promise((resolve, reject) => {
+ reject('TEST_OUTPUT');
+ }));
+
+ await expectAsync(collector.getResults({}))
+ .toBeRejectedWith(new Error('Error executing Checkov: TEST_OUTPUT'));
+ });
 });
 describe('parseResults()', () => {
diff --git a/src/lib/checkov/checkov-collector.ts b/src/lib/checkov/checkov-collector.ts
index 429ec93..1af9061 100644
--- a/src/lib/checkov/checkov-collector.ts
+++ b/src/lib/checkov/checkov-collector.ts
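Review bot: The new spec `should error when arguments fail` in checkov-collector.spec.ts only rejects `spawn` with a bare string, so the wrapper in `getResults` is never exercised with an `Error` instance, which a process wrapper may well reject with (the `spawn` implementation is not visible here). A second case using `Promise.reject(new Error('TEST_OUTPUT'))` would pin the message format for that path. The title also talks about arguments failing while the body simulates a rejected `spawn`; a title such as `'should wrap a rejected spawn in an Error'` matches what is asserted.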
@@ -17,7 +17,13 @@ export class CheckovCollector extends AnalysisCollectorBase {
 public override async getResults(options: any): Promise {
 // Once we develop custom checks, they should be specified using the --external-checks-git argument.
 const args = ['--directory', '.', '--output', 'json', '--no-guide', '--soft-fail'];
- const output = await this.spawn('checkov', args, options);
+ let output;
+ try {
+ output = await this.spawn('checkov', args, options);
+ }
+ catch (e: unknown) {
+ throw new Error(`Error executing Checkov: ${e as string}`);
+ }
 this.logger.debug(JSON.stringify(output, null, 2));
diff --git a/src/lib/sonarqube/sonarqube-collector.spec.ts b/src/lib/sonarqube/sonarqube-collector.spec.ts
index b899406..e186c5f 100644
--- a/src/lib/sonarqube/sonarqube-collector.spec.ts
+++ b/src/lib/sonarqube/sonarqube-collector.spec.ts
@@ -73,6 +73,13 @@ describe('SonarqubeCollector', () => {
 expect(collector.parseResults).toHaveBeenCalledTimes(1);
 expect(collector.parseResults).toHaveBeenCalledWith('"TEST_OUTPUT"');
+
+ (collector.spawn as any).and.returnValue(new Promise((resolve, reject) => {
+ reject('TEST_OUTPUT');
+ }));
+
+ await expectAsync(collector.getResults({}))
+ .toBeRejectedWith(new Error('Error executing Sonarqube: TEST_OUTPUT'));
 });
 it('should error when authentication token is not specified', async () => {
diff --git a/src/lib/sonarqube/sonarqube-collector.ts b/src/lib/sonarqube/sonarqube-collector.ts
index bf43278..7ecf853 100644
--- a/src/lib/sonarqube/sonarqube-collector.ts
+++ b/src/lib/sonarqube/sonarqube-collector.ts
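Review bot: In the new `catch` block of checkov-collector.ts, `${e as string}` asserts a type the code never checks: `e` is `unknown`, so an `Error` rejection produces `Error executing Checkov: Error: …` and a plain object produces `[object Object]`. The original stack is dropped as well, which makes a failed scan harder to diagnose. Narrow before formatting, for example `const detail = e instanceof Error ? e.message : String(e);`, and interpolate `detail`; the string-rejection spec added in this patch still passes. The same cast appears in the sonarqube-collector.ts and zap-collector.ts hunks of this patch. `getResults` continues past the end of the hunk.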
@@ -47,7 +47,12 @@ export class SonarqubeCollector extends AnalysisCollectorBase {
 `-Dsonar.projectKey=${dsonarProjectKey}`,
 `-Dsonar.projectBaseDir=${dsonarProjectBaseDir}`,
 ];
- await this.spawn('sonar-scanner', args, options);
+ try {
+ await this.spawn('sonar-scanner', args, options);
+ }
+ catch (e: unknown) {
+ throw new Error(`Error executing Sonarqube: ${e as string}`);
+ }
 const response = await this.http.get(`http://${process.env.SQ_HOST}/api/issues/search?componentKeys=${dsonarProjectKey}`, {
 withCredentials: true,
diff --git a/src/lib/zap/zap-collector.spec.ts b/src/lib/zap/zap-collector.spec.ts
index 966f3ae..4f0862c 100644
--- a/src/lib/zap/zap-collector.spec.ts
+++ b/src/lib/zap/zap-collector.spec.ts
@@ -60,6 +60,17 @@ describe('ZapCollector', () => {
 await expectAsync(collector.getResults({}))
 .toBeRejectedWith(new Error('You must specify an --target-name argument.'));
 });
+ it('should error when target name cannot be found', async () => {
+ collector._argv = {
+ 'target-name': 'TEST_TARGET',
+ } as any;
+ (collector.spawn as any).and.returnValue(new Promise((resolve, reject) => {
+ reject('TEST_OUTPUT');
+ }));
+
+ await expectAsync(collector.getResults({}))
+ .toBeRejectedWith(new Error('Error executing Zap: TEST_OUTPUT'));
+ });
 });
diff --git a/src/lib/zap/zap-collector.ts b/src/lib/zap/zap-collector.ts
index 1cdc0ce..746f400 100644
--- a/src/lib/zap/zap-collector.ts
+++ b/src/lib/zap/zap-collector.ts
@@ -23,7 +23,13 @@ export class ZapCollector extends AnalysisCollectorBase {
 }
 const args = ['-t', targetName, '-J zapreport.json', '-s'];
- const output = await this.spawn('zap-full-scan.py', args, options);
+ let output;
+ try {
+ output = await this.spawn('zap-full-scan.py', args, options);
+ }
+ catch (e: unknown) {
+ throw new Error(`Error executing Zap: ${e as string}`);
+ }
 const jsonFileContents: string = this.fs.readFileSync('zapreport.json', 'utf8');
From 18ea8e863db6f04bc98b7ab2b4806c9109267cdf Mon Sep 17 00:00:00 2001
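Review bot: The message thrown from the new `catch` in sonarqube-collector.ts embeds whatever `spawn('sonar-scanner', …)` rejected with, and this collector runs with credentials (the specs in this series set `SQ_LOGIN` and `SQ_PASSWORD`). The start of the `args` array is above the hunk, so it is not visible whether a token is passed on the command line; if it is, and the rejection value echoes the command or the scanner output, the secret is copied into the error text and into any CI log that prints it. Consider throwing a fixed message such as `Error executing Sonarqube; see debug log` and writing the raw value to the debug logger only after the login value has been masked.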
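Review bot: Wrapping `spawn('zap-full-scan.py', …)` in a `catch` that always throws may turn a scan that found issues into a collector failure in zap-collector.ts. ZAP's packaged scan scripts signal WARN and FAIL findings through a non-zero exit status, and the visible `args` do not include `-I`; if the base-class `spawn` (not shown) rejects on a non-zero status, `zapreport.json` is never read for exactly the runs that have findings. The Checkov arguments pass `--soft-fail`, presumably for the same reason. It is worth confirming how `spawn` treats exit codes and, if it rejects, separating "findings present" from "scan could not run" before throwing. The method continues past the end of the hunk.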
From: Brendon Teo
Date: Thu, 16 Dec 2021 16:15:39 +0800
Subject: [PATCH 2/2] EN-744: Move sonarqube bit into dedicated test
---
 src/lib/sonarqube/sonarqube-collector.spec.ts | 11 +++++++++++
 1 file changed, 11 insertions(+)
diff --git a/src/lib/sonarqube/sonarqube-collector.spec.ts b/src/lib/sonarqube/sonarqube-collector.spec.ts
index e186c5f..78c8a1b 100644
--- a/src/lib/sonarqube/sonarqube-collector.spec.ts
+++ b/src/lib/sonarqube/sonarqube-collector.spec.ts
@@ -74,6 +74,17 @@ describe('SonarqubeCollector', () => {
 expect(collector.parseResults).toHaveBeenCalledTimes(1);
 expect(collector.parseResults).toHaveBeenCalledWith('"TEST_OUTPUT"');
+ });
+
+ it('should error when arguments fail', async () => {
+ collector._argv = {
+ 'proj-dir': 'TEST_PROJECT_DIR',
+ } as any;
+ process.env.SQ_KEY = 'TEST_PROJECT_KEY';
+ process.env.SQ_LOGIN = 'TEST_SQ_LOGIN';
+ process.env.SQ_USERNAME = 'TEST_SQ_USERNAME';
+ process.env.SQ_PASSWORD = 'TEST_SQ_PASSWORD';
+
 (collector.spawn as any).and.returnValue(new Promise((resolve, reject) => {
 reject('TEST_OUTPUT');
 }));
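Review bot: The added spec assigns `process.env.SQ_KEY`, `SQ_LOGIN`, `SQ_USERNAME` and `SQ_PASSWORD`, and nothing visible in the hunk restores them, so the values persist for every spec that runs afterwards in the same process. Depending on execution order that can hide a regression in the neighbouring `should error when authentication token is not specified` case, which relies on a variable being absent. Snapshot the environment in `beforeEach` with `const savedEnv = { ...process.env };` and restore it in `afterEach` with `process.env = savedEnv;`. The `it` block continues past the end of the hunk, so cleanup may already exist further down or in a shared hook.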