search

snyk-tech-services / snyk-delta

Other
19 stars 21 forks source link

404 when using all-projects workaround #122

Closed AdamRiddick closed 2 years ago

AdamRiddick commented 2 years ago

When using the all-projects workaround, I get a 404 response using snyk-delta. I'm using a build template in Azure DevOps to run the shell script, which I've brought into the repository.

The organisation in question is present in the error responses organisation list - first in the list.

This is running in debug mode, it appears we don't get the project name or anything output so its difficult to know ... however I can confirm all of the projects are present in Snyk as they have been added using snyk monitor from the CLI.

2022-06-14T10:45:49.387Z snyk ERROR: NotFoundError: Error: Request failed with status code 404
    at Object.makeSnykRequest (C:\npm\prefix\node_modules\snyk-delta\node_modules\snyk-request-manager\src\lib\request\request.ts:77:15)
    at processTicksAndRejections (node:internal/process/task_queues:96:5)
    at Object.RequestsManager._makeRequest [as next] (C:\npm\prefix\node_modules\snyk-delta\node_modules\snyk-request-manager\src\lib\request\requestManager.ts:90:24) {
  data: {
    code: 404,
    message: 'Org projects was not found or you may not have the correct permissions to access the org.\n' +
      'You can use the following orgs: **REDACTED**,**REDACTED**.',
    error: 'Org projects was not found or you may not have the correct permissions to access the org.\n' +
      'You can use the following orgs: **REDACTED**, **REDACTED**.'
  }
}
lili2311 commented 2 years ago

hi @AdamRiddick can you confirm the Snyk API Token does indeed have access to the org in question here and succeeds to list projects? You can try to list the projects for this org directly via Snyk API with the same token https://snyk.docs.apiary.io/#reference/projects/all-projects/list-all-projects.

AdamRiddick commented 2 years ago

Hi @lili2311, thanks for coming back to me.

I can call the list all projects api with the same token fine and get the expected response.

One thing to note is that I'm not currently feeding the orgId to snyk-test or snyk-delta when I call them. snyk-test is defaulting to my Preferred Organization - do I need to configure this with snyk-delta somehow?

lili2311 commented 2 years ago

hi @AdamRiddick yes you can specify the Org & Project to use for scans but this won't work in the case of --all-projects as there is more than 1 project, see https://github.com/snyk-tech-services/snyk-delta#2-mode-of-operations

Could you send us full debug output so we can see exactly what API is being called here, you can attach this to the open support case with us:

lili2311 commented 2 years ago

Closing this in favour of the open support issues, let's continue there