diff --git a/internal/handler/main.go b/internal/handler/main.go index bc94825..6f0d546 100644 --- a/internal/handler/main.go +++ b/internal/handler/main.go @@ -202,6 +202,7 @@ type ResourceDestination struct { // Consumer handles consuming messages sent to the queue that this action handler is connected to and processes them accordingly func (h *Messaging) Consumer() { var messageQueue mq.MQ + // if no mq is found when the goroutine starts, retry a few times before exiting // default is 10 retry with 30 second delay = 5 minutes err := try.Do(func(attempt int) (bool, error) { diff --git a/internal/handler/trivyProcessing.go b/internal/handler/trivyProcessing.go index b816031..1351012 100644 --- a/internal/handler/trivyProcessing.go +++ b/internal/handler/trivyProcessing.go @@ -38,30 +38,6 @@ var queue = sbomQueue{ Lock: sync.Mutex{}, } -func SetUpQueue(messageHandler Messaging, grypeLocation string) { - queue.Lock.Lock() - defer queue.Lock.Unlock() - queue.GrypeLocation = grypeLocation - queue.Messaging = messageHandler -} - -func SbomQueuePush(i sbomQueueItem) { - queue.Lock.Lock() - defer queue.Lock.Unlock() - queue.Items = append(queue.Items, i) -} - -func sbomQueuePop() *sbomQueueItem { - if len(queue.Items) > 0 { - queue.Lock.Lock() - defer queue.Lock.Unlock() - i := queue.Items[0] - queue.Items = queue.Items[1:] - return &i - } - return nil -} - func SbomToProblems(trivyRemoteAddress string, bomWriteDirectory string, environmentId int, service string, sbom cyclonedx.BOM) error { rep, err := executeProcessingTrivy(trivyRemoteAddress, bomWriteDirectory, sbom) if err != nil { 
@@ -83,35 +59,6 @@ func SbomToProblems(trivyRemoteAddress string, bomWriteDirectory string, environ return nil } -func processQueue() { - for { - i := sbomQueuePop() - if i != nil { - vulnerabilitiesBom, err := executeProcessing(queue.GrypeLocation, i.SBOM) - if err != nil { - fmt.Println("Unable to process queue item") - continue - } - problemArray, err := convertBOMToProblemsArray(i.EnvironmentId, problemSource, i.Service, vulnerabilitiesBom) - if err != nil { - fmt.Println("Unable to convert vulnerabilities list to problems array") - //fmt.Println(vulnerabilitiesBom) - fmt.Print(err) - continue - } - err = writeProblemsArrayToApi(i.EnvironmentId, problemSource, i.Service, problemArray) - if err != nil { - fmt.Println("Unable to write problemArray to API") - //fmt.Println(problemArray) - fmt.Print(err) - continue - } - } else { - time.Sleep(1 * time.Second) - } - } -} - func convertBOMToProblemsArray(environment int, source string, service string, bom cyclonedx.BOM) ([]lagoonclient.LagoonProblem, error) { var ret []lagoonclient.LagoonProblem if bom.Vulnerabilities == nil { @@ -140,14 +87,15 @@ func convertBOMToProblemsArray(environment int, source string, service string, b //TODO: this is gross, fix it. p.Severity = lagoonclient.ProblemSeverityRating(strings.ToUpper(string((*v.Ratings)[0].Severity))) + var sevScore float64 - sevScore := *(*v.Ratings)[0].Score - + if (*v.Ratings)[0].Score != nil { + sevScore = *(*v.Ratings)[0].Score + } if sevScore > 1 { sevScore = sevScore / 10 } - - p.SeverityScore = sevScore //*(*v.Ratings)[0].Score + p.SeverityScore = sevScore } ret = append(ret, p) } diff --git a/internal/handler/trivyProcessing_test.go b/internal/handler/trivyProcessing_test.go index 9c2932b..7776964 100644 --- a/internal/handler/trivyProcessing_test.go +++ b/internal/handler/trivyProcessing_test.go 
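Review bot: In the last hunk of trivyProcessing.go (`convertBOMToProblemsArray`), a rating whose `Score` is nil now leaves `sevScore` at its zero value, so `p.SeverityScore` is stored as 0 even though `p.Severity` was just set from that same rating and may be high. Anything downstream that sorts or filters on the score cannot tell "no score supplied" from "scored 0", which can push a serious finding to the bottom of the list; consider leaving the field unset or logging when the score is absent, and at minimum document it with `// Score is optional in the BOM; a missing score is stored as 0, not "unknown"`. The `sevScore > 1` scaling also leaves a 0–10 score of 1.0 or below undivided, which deserves a comment stating the range that is assumed. The function body and any guard around `(*v.Ratings)[0]` lie outside the hunk, so whether `Ratings` is checked for nil or empty before indexing could not be confirmed from here.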
@@ -12,46 +12,6 @@ import ( "testing" ) -func Test_executeProcessing(t *testing.T) { - type args struct { - bomLocation string - } - tests := []struct { - name string - args args - wantErr bool - }{ - { - name: "test1", - args: args{bomLocation: "./testassets/grypeExecuteProcessing_test1.json"}, - }, - } - - //Let's ensure that grype is available locally - grypePath := "./testassets/bin/trivy" - if _, err := os.Stat(grypePath); os.IsNotExist(err) { - t.Errorf("Grype not found at %v - please run `make gettestgrype`", grypePath) - return - } - - for _, tt := range tests { - t.Run(tt.name, func(t *testing.T) { - bomText, _ := os.ReadFile(tt.args.bomLocation) - var bom cyclonedx.BOM - err := json.Unmarshal(bomText, &bom) - got, err := executeProcessing(grypePath, bom) - if (err != nil) != tt.wantErr { - t.Errorf("executeProcessing() error = %v, wantErr %v", err, tt.wantErr) - return - } - //we're just testing that there are vulnerabilities - if len(*got.Vulnerabilities) == 0 { - t.Errorf("Grype integration seems to be failing") - } - }) - } -} - func Test_convertBOMToProblemsArray(t *testing.T) { type args struct { environment int