checkmarx-ltd / Cx-Client-Common

Fixed issues caused by error suppression logic suppressing more errors than needed. #205

Closed umeshwaghode closed 2 years ago

umeshwaghode commented 2 years ago

Description

Fixed issues caused by error suppression logic suppressing more errors than needed.

References

NA

Testing

  1. It now shows FAILURE with a message:
     a. When the job is cancelled from the SAST server (delete the scan in SAST while the plugin is waiting for results)
     b. When an incremental scan results in the ‘Incremental changes threshold cross 7%’ error (add more Java files to your repo)
     c. When the scan times out for a new project and the global ‘continue when timeout’ flag is not selected
     d. When the scan times out for an existing project and the global ‘continue when timeout’ flag is not selected (in order for the scan to be a full scan, add more Java files to the test repo so that a scan will be forced)
  2. It now shows SUCCESS with the original error message as well as an indication that the error is being suppressed for the cases below:
     a. When a duplicate scan error occurs
     b. When the ‘Source folder is empty…..’ error occurs (exclude all source files of the repo being used for testing)
     c. When the ‘No files to zip’ error occurs (exclude entire files and folder or disable source code management. In case of CLI, pass an empty folder as -locationpath)
     d. When the scan times out for a new project and the global ‘continue when timeout’ flag is selected
     e. When the scan times out for an existing project and the global ‘continue when timeout’ flag is selected
     f.
  3. In all cases where an error is suppressed, the last scan results will be fetched (if available).
  4. Suppression of errors is always enabled from the Jenkins plugin for the dup scan, source folder is empty, and no files to zip cases. The timeout case is controlled by the flag. (In the CLI, none of the error suppression will occur. That’s expected.)

Checklist