diff --git a/.gitignore b/.gitignore
index aea0b49..14e70ad 100644
--- a/.gitignore
+++ b/.gitignore
@@ -3,7 +3,8 @@
 /frontend/node_modules
 .idea
 .DS_Store
-frontend/.DS_Store
-frontend/src/.DS_Store
-frontend/src/assets/.DS_Store
-backend/MixewayFlowAPI.iml
\ No newline at end of file
+/frontend/.DS_Store
+/frontend/src/.DS_Store
+/frontend/src/assets/.DS_Store
+/backend/MixewayFlowAPI.iml
+/frontend/src/environments
\ No newline at end of file
diff --git a/backend/src/main/java/io/mixeway/mixewayflowapi/exceptions/ScanException.java b/backend/src/main/java/io/mixeway/mixewayflowapi/exceptions/ScanException.java
new file mode 100644
index 0000000..2d8dae3
--- /dev/null
+++ b/backend/src/main/java/io/mixeway/mixewayflowapi/exceptions/ScanException.java
@@ -0,0 +1,9 @@
+package io.mixeway.mixewayflowapi.exceptions;
+
+public class ScanException
+ extends Exception {
+ public ScanException(String errorMessage) {
+ super(errorMessage);
+ }
+
+}
\ No newline at end of file
diff --git a/backend/src/main/java/io/mixeway/mixewayflowapi/integrations/scanner/sca/apiclient/DependencyTrackApiClientService.java b/backend/src/main/java/io/mixeway/mixewayflowapi/integrations/scanner/sca/apiclient/DependencyTrackApiClientService.java
index f6ce5ff..256ea15 100644
--- a/backend/src/main/java/io/mixeway/mixewayflowapi/integrations/scanner/sca/apiclient/DependencyTrackApiClientService.java
+++ b/backend/src/main/java/io/mixeway/mixewayflowapi/integrations/scanner/sca/apiclient/DependencyTrackApiClientService.java
@@ -5,6 +5,7 @@
 import io.mixeway.mixewayflowapi.db.entity.Settings;
 import io.mixeway.mixewayflowapi.domain.coderepo.UpdateCodeRepoService;
 import io.mixeway.mixewayflowapi.domain.dtrack.ProcessDTrackVulnDataService;
+import io.mixeway.mixewayflowapi.exceptions.ScanException;
 import io.mixeway.mixewayflowapi.integrations.scanner.sca.dto.*;
 import io.mixeway.mixewayflowapi.utils.Constants;
 import lombok.RequiredArgsConstructor;
@@ -248,12 +249,23 @@ private void sendBomToDTrack(CodeRepo codeRepo, String bomPath, Settings setting
 Mono> responseMono = webClient.method(HttpMethod.PUT)
 .bodyValue(new SendBomRequestDto(codeRepo.getScaUUID(), encodeFileToBase64Binary(bomPath)))
 .retrieve()
+ .onStatus(status -> status.is4xxClientError() || status.is5xxServerError(), clientResponse ->
+ clientResponse.bodyToMono(String.class)
+ .flatMap(errorBody -> {
+ log.error("[Dependency Track] Error uploading SBOM: {}", errorBody);
+ return Mono.error(new ScanException("Failed to upload SBOM: " + errorBody));
+ })
+ )
 .toEntity(String.class);
- ResponseEntity response = responseMono.block();
+ try {
+ ResponseEntity response = responseMono.block();
- if (response != null && response.getStatusCode().equals(HttpStatus.OK)) {
- log.info("[Dependency Track] Uploaded SBOM to Dependency Track for {}", codeRepo.getRepourl());
+ if (response != null && response.getStatusCode().equals(HttpStatus.OK)) {
+ log.info("[Dependency Track] Uploaded SBOM to Dependency Track for {}", codeRepo.getRepourl());
+ }
+ } catch (Exception e ){
+ log.error("[Dependency Track] Error for uploading SBOM - {}", e.getMessage());
 }
 }
diff --git a/backend/src/main/resources/db/changelog/db.changelog-master.sql b/backend/src/main/resources/db/changelog/db.changelog-master.sql
index 4f56b09..6cc9b32 100644
--- a/backend/src/main/resources/db/changelog/db.changelog-master.sql
+++ b/backend/src/main/resources/db/changelog/db.changelog-master.sql
@@ -114,9 +114,9 @@ ADD CONSTRAINT fk_default_branch FOREIGN KEY (default_branch_id) REFERENCES code
 --changeset siewer:add_finding_vuln_component
 CREATE TABLE component (
 id SERIAL PRIMARY KEY,
- groupid VARCHAR(60),
- name VARCHAR(60) NOT NULL,
- version VARCHAR(20) NOT NULL,
+ groupid VARCHAR(160),
+ name VARCHAR(160) NOT NULL,
+ version VARCHAR(120) NOT NULL,
 inserted_date TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP
 );
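Review bot: The new `catch (Exception e)` around `responseMono.block()` logs the failure and returns normally, so the `ScanException` raised in `onStatus` never reaches the caller and a rejected SBOM upload looks the same as a successful one; for an SCA pipeline that means a repository can keep stale or empty findings without any failed-scan state. Consider propagating it, e.g. `log.error("[Dependency Track] Error uploading SBOM for {}", codeRepo.getRepourl(), e);` followed by `throw new ScanException("Failed to upload SBOM for " + codeRepo.getRepourl());`, which needs `throws ScanException` on `sendBomToDTrack` (its signature and callers are outside this hunk). The Dependency-Track response body is also written to the log and copied into the exception message verbatim; truncating it and stripping line breaks before logging would keep a large or externally influenced body from flooding or forging log entries. Passing `e` as the last logger argument instead of `e.getMessage()` keeps the stack trace.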
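Review bot: Widening the columns by editing the existing changeset `siewer:add_finding_vuln_component` only helps databases created from scratch. The file looks like a Liquibase formatted-SQL changelog; if that changeset has already run anywhere, the `CREATE TABLE` is not re-executed, so `component` keeps the old VARCHAR(60)/VARCHAR(20) limits, and the changed checksum is likely to fail validation at startup. Ship the change as a new changeset appended to the file instead, e.g. `--changeset <author>:<new_changeset_id>` followed by `ALTER TABLE component ALTER COLUMN groupid TYPE VARCHAR(160);` (PostgreSQL syntax, which `SERIAL` suggests) and the same for `name` (160) and `version` (120). The rest of the changelog is outside this hunk, so whether such a follow-up changeset already exists cannot be seen here.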