search

DependencyTrack / dependency-track

Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.
https://dependencytrack.org/
Apache License 2.0
2.58k stars 542 forks source link

No notification alerts sent due to 400 Bad Request error #1461

Open nyerrabothula opened 2 years ago

nyerrabothula commented 2 years ago

Current Behavior:

Dependency-Track is not able to send mattermost notification (400 Bad Request)

Steps to Reproduce:

1- Start Dependency-Track in a docker container with the "DEBUG" log level and login 2- From Projects, create a project named "test" 3- Go to "Administation", go to "Notifications" then "Alerts", create a new alert called "alert1" and choose "webhook" as publisher 4- Click on the "alert1" and update it by setting your "webhook URL" and by checking all options in "Group" 5- Go back to your "test" project and updoad a BOM file "bom.xml" containing some vulnerabilities 6- Logs are showing: An error was encountered publishing notification to mattermost HTTP Status : 400 Bad Request

Expected Behavior:

Dependency-Track should be able to send the notification server

Environment:

Additional Details:

I can able to send test message to matter most channel using curl command.

2022-03-09 05:45:42,568 INFO [BomUploadProcessingTask] Processing CycloneDX BOM uploaded to project: 66e751d4-ebc2-4fb7-9e12-6c05f4f75c83 2022-03-09 05:45:43,837 ERROR [WebhookPublisher] An error was encountered publishing notification to Outbound Webhook 2022-03-09 05:45:43,838 ERROR [WebhookPublisher] HTTP Status : 400 Bad Request 2022-03-09 05:45:43,838 ERROR [WebhookPublisher] Destination:

stevespringett commented 2 years ago

I'm not sure how this would be a DT issue.

nyerrabothula commented 2 years ago

Mattermost webhook is working fine i am able to send message to channel using

curl -i -X POST -H 'Content-Type: application/json' -d '{"text": "Hello, this is some text\nThis is more text. :tada:"}' <>

I have configured same in my notification window but not working and throwing 400 bad request.

image

stevespringett commented 2 years ago

So you sent:

{"text": "Hello, this is some text\nThis is more text. 🎉"}

However, what Dependency-Track sends via webhook is documented at: https://docs.dependencytrack.org/integrations/notifications/

Have you tried to send that payload to Mattermost using curl?

r4fterman commented 1 year ago

Hi @stevespringett, it would be very helpful if one could test a notification created directly. A "Test" button which sends out a test message to the configured receipient and displaying success or error with details directly in the UI.

The current approach running the notification implicitly e.g. by uploading a prepared BOM and checking logs is quite inconvenient.

Regards, Roman