search

IBM / scc-go-sdk

GoLang SDK for IBM Cloud Security and Compliance Center
https://cloud.ibm.com/docs/security-compliance
Apache License 2.0
2 stars 9 forks source link

Method ScansSummary returning nil in resource type #106

Closed alick-yang closed 1 year ago

alick-yang commented 1 year ago

Describe the bug The method func (postureManagement *PostureManagementV2) ScansSummary(scansSummaryOptions *ScansSummaryOptions) (result *Summary, response *core.DetailedResponse, err error) returns nil on the field Types in the struct posturemanagementv2.ResourceResult contained within a*posturemanagementv2.Summary

To Reproduce List the steps that can be used to demonstrate the bug. Include the name of the service and operation that you're trying to invoke, if applicable. Be sure to describe any relevant info regarding parameter values used with your API invocation.

When I run the following code, I will receive a panic: runtime error: invalid memory address or nil pointer dereference due to *resource.Types being nil

package main

import (
    "fmt"
    "log"
    "os"

    "github.com/IBM/go-sdk-core/v5/core"
    "github.com/IBM/scc-go-sdk/v3/posturemanagementv2"
)

func main() {
    apiKey := os.Getenv("APIKEY")
    accountID := os.Getenv("ACCOUNT_ID")
    scanID := "A SCAN" // A scan ID with failing controls
    profileID := "A PROFILE" // The profile contained within the control

    // Create an IAM authenticator
    authenticator := &core.IamAuthenticator{
        ApiKey: apiKey,
    }

    // Create a service options struct
    options := &posturemanagementv2.PostureManagementV2Options{
        Authenticator: authenticator,
        URL:           "https://us.compliance.cloud.ibm.com",
    }

    // Construct the service client
    service, err := posturemanagementv2.NewPostureManagementV2(options)
    if err != nil {
        log.Panic(err)
    }
    scansSummaryOptions := &posturemanagementv2.ScansSummaryOptions{
        ScanID:    core.StringPtr(scanID),
        ProfileID: core.StringPtr(profileID),
        AccountID: core.StringPtr(accountID),
    }

    summary, response, err := service.ScansSummary(scansSummaryOptions)
    if err != nil {
        log.Panic(err)
    }
    if response.StatusCode != 200 {
        log.Panicf("Get latest scan failed %d: %s", response.StatusCode, response.Result)
    }
    // Parse through controls
    for _, control := range summary.Controls {
        if *control.Status != "FAIL" {
            continue
        }
        // Get first Goal that fails
        goal := control.Goals[0]
        // Look at the first resource within failing goal
        resource := goal.ResourceResult[0]
        // Print the resource
        fmt.Println(resource)
        // Print other information
        fmt.Printf("name:%s\nstatus: %s\ndisplay_expected_value: %s\nactual_value: %s\nresults_info: %s\n", *resource.Name, *resource.Status, *resource.DisplayExpectedValue, *resource.ActualValue, *resource.ResultsInfo)
        // Accessing *resource.Types results in a panic
        fmt.Printf("Type %s", *resource.Types)
    }
}

Expected behavior I expect that *resource.Types is non-nil and is a *string to the resource type e.g. Looking a random ResourceResult of a ScanSummary using CURL,

{
  name: 'some-vpc',
  type: 'Virtual Private Cloud',
  status: 'FAIL',
  display_expected_value: 'VPC default security group should not allow SSH',
  actual_value: 'THE_VALUE',
  results_info: 'VPC default security group allow SSH',
  not_applicable_reason: ''
}

I expect *resource.Types to be "Virtual Private Cloud"

Screenshots If applicable, add screenshots to help explain your problem. N/A

Must gather (please complete the following information):

Additional context Add any other context about the problem here. N/A Were you able to avoid the problem by changing your application code slightly? N/A

tyao117 commented 1 year ago

Unfortunately, SCC recently went through a new archictecture a few months ago, where we have deprecated PostureManagementV2.

Closing this issue as it no longer applies.