search

fortify / fcli

fcli is a command-line utility for interacting with various Fortify products
https://fortify.github.io/fcli/
Other
31 stars 22 forks source link

FoD: `xxx-scan wait-for` commands still produce an error on initial poll #564

Closed kadraman closed 1 month ago

kadraman commented 4 months ago

Current Behavior

The FoD xxx-scan wait-for commands have been changed to use internal /polling-summary API. However this often errors on the first check, e.g.:

Run fcli fod dast-scan start --release "${FOD_RELEASE_NAME}" --store curScan --session github-actions
 Id        Scan type  Analysis Status  Application  Microservice  Release  Action  
 11190863  Dynamic    Pending          IWA [KAL]                  main     STARTED 

java.lang.IllegalStateException: Variable 1012126:11190863 not found
    at com.fortify.cli.common.variable.FcliVariableHelper.getVariablePathIfExists(FcliVariableHelper.java:234)
    at com.fortify.cli.common.variable.FcliVariableHelper.getVariableDescriptorPathIfExists(FcliVariableHelper.java:225)
    at com.fortify.cli.common.variable.FcliVariableHelper.getVariableDescriptor(FcliVariableHelper.java:69)
    at com.fortify.cli.util.variable.cli.mixin.VariableResolverMixin$AbstractVariableResolverMixin.getVariableDescriptor(VariableResolverMixin.java:29)
    at com.fortify.cli.util.variable.cli.cmd.VariableGetCommand.getJsonNode(VariableGetCommand.java:32)
    at com.fortify.cli.common.output.cli.cmd.AbstractOutputCommand.call(AbstractOutputCommand.java:33)
    at com.fortify.cli.common.output.cli.cmd.AbstractOutputCommand.call(AbstractOutputCommand.java:22)
    at picocli.CommandLine.executeUserObject(CommandLine.java:2118)
    at picocli.CommandLine$RunLast.executeUserObjectOfLastSubcommandWithSameParent(CommandLine.java:2538)
    at picocli.CommandLine$RunLast.handle(CommandLine.java:2530)
    at picocli.CommandLine$RunLast.handle(CommandLine.java:2492)
    at picocli.CommandLine$AbstractParseResultHandler.execute(CommandLine.java:2350)
    at picocli.CommandLine$RunLast.execute(CommandLine.java:2494)
    at picocli.CommandLine.execute(CommandLine.java:2247)
    at com.fortify.cli.app.runner.DefaultFortifyCLIRunner.run(DefaultFortifyCLIRunner.java:49)
    at com.fortify.cli.app.FortifyCLI.execute(FortifyCLI.java:38)
    at com.fortify.cli.app.FortifyCLI.main(FortifyCLI.java:32)
    at java.base@21.0.2/java.lang.invoke.LambdaForm$DMH/sa346b79c.invokeStaticInit(LambdaForm$DMH)

Subsequent polls are find and the commands work but it is not good to have this is the logs.

Expected Behavior

It is expected that the first poll works without error, we can either swallow the initial failure or introduce a delay before checking the status.

Steps To Reproduce

No response

Environment

No response

Anything else?

No response

kadraman commented 3 months ago

This seems to have gone away - will monitor it!