detectExecuteStep :: Adding error code mapping (#3069)

* feat(detectExecuteScan): generate ip result json

json will currently only be created in success cases.

No information about policy violation details available in the step yet.

* update report name

* Update cmd/detectExecuteScan.go

Co-authored-by: Giridhar Shenoy <giridhar.shenoy@sap.com>

* Update cmd/detectExecuteScan.go

Co-authored-by: Giridhar Shenoy <giridhar.shenoy@sap.com>

* Update cmd/detectExecuteScan_test.go

Co-authored-by: Giridhar Shenoy <giridhar.shenoy@sap.com>

* Update cmd/detectExecuteScan_test.go

Co-authored-by: Giridhar Shenoy <giridhar.shenoy@sap.com>

* move blackduck api package

* detectExecuteStep :: Adding error code mapping

* detectExecuteScan :: fixing generate/format check failure

* detectExecuteScan :: fixing typo in test

* detectExecuteStep :: Fixing unit tests and formating issue

* detectExecuteStep :: fixing test case -> TestExitCodeMapping

Co-authored-by: OliverNocon <oliver.nocon@sap.com>
Co-authored-by: Sven Merk <33895725+nevskrem@users.noreply.github.com>
Co-authored-by: Oliver Nocon <33484802+OliverNocon@users.noreply.github.com>
Co-authored-by: Giridhar Shenoy <giridhar.shenoy@sap.com>

cmd/detectExecuteScan.go

@@ -8,6 +8,7 @@ import (
 	"os"
 	"path/filepath"
 	"sort"
+	"strconv"
 	"strings"
 	"time"
 
@@ -37,6 +38,7 @@ type detectUtils interface {
 	Chmod(path string, mode os.FileMode) error
 	Glob(pattern string) (matches []string, err error)
 
+	GetExitCode() int
 	Stdout(out io.Writer)
 	Stderr(err io.Writer)
 	SetDir(dir string)
@@ -66,6 +68,21 @@ func newDetectUtils() detectUtils {
 				},
 				log.ErrorConfiguration.String(): {
 					"FAILURE_CONFIGURATION - Detect was unable to start due to issues with it's configuration.",
+					"FAILURE_DETECTOR - Detect had one or more detector failures while extracting dependencies. Check that all projects build and your environment is configured correctly.",
+					"FAILURE_SCAN - Detect was unable to run the signature scanner against your source. Check your configuration.",
+				},
+				log.ErrorInfrastructure.String(): {
+					"FAILURE_PROXY_CONNECTIVITY - Detect was unable to use the configured proxy. Check your configuration and connection.",
+					"FAILURE_BLACKDUCK_CONNECTIVITY - Detect was unable to connect to Black Duck. Check your configuration and connection.",
+					"FAILURE_POLARIS_CONNECTIVITY - Detect was unable to connect to Polaris. Check your configuration and connection.",
+				},
+				log.ErrorService.String(): {
+					"FAILURE_TIMEOUT - Detect could not wait for actions to be completed on Black Duck. Check your Black Duck server or increase your timeout.",
+					"FAILURE_DETECTOR_REQUIRED - Detect did not run all of the required detectors. Fix detector issues or disable required detectors.",
+					"FAILURE_BLACKDUCK_VERSION_NOT_SUPPORTED - Detect attempted an operation that was not supported by your version of Black Duck. Ensure your Black Duck is compatible with this version of detect.",
+					"FAILURE_BLACKDUCK_FEATURE_ERROR - Detect encountered an error while attempting an operation on Black Duck. Ensure your Black Duck is compatible with this version of detect.",
+					"FAILURE_GENERAL_ERROR - Detect encountered a known error, details of the error are provided.",
+					"FAILURE_UNKNOWN_ERROR - Detect encountered an unknown error.",
 				},
 			},
 		},
@@ -150,9 +167,102 @@ func runDetect(config detectExecuteScanOptions, utils detectUtils, influx *detec
 	if reportingErr != nil {
 		log.Entry().Warnf("Failed to generate reports: %v", reportingErr)
 	}
+	if err == nil && piperutils.ContainsString(config.FailOn, "BLOCKER") {
+		violations := struct {
+			PolicyViolations int      `json:"policyViolations"`
+			Reports          []string `json:"reports"`
+		}{
+			PolicyViolations: 0,
+			Reports:          []string{},
+		}
+
+		if files, err := utils.Glob("**/*BlackDuck_RiskReport.pdf"); err == nil && len(files) > 0 {
+			// there should only be one RiskReport thus only taking the first one
+			_, reportFile := filepath.Split(files[0])
+			violations.Reports = append(violations.Reports, reportFile)
+		}
+
+		violationContent, err := json.Marshal(violations)
+		if err != nil {
+			return fmt.Errorf("failed to marshal policy violation data: %w", err)
+		}
+
+		err = utils.FileWrite("blackduck-ip.json", violationContent, 0666)
+		if err != nil {
+			return fmt.Errorf("failed to write policy violation report: %w", err)
+		}
+	} else if err != nil {
+		// Setting error category based on exit code
+		mapErrorCategory(utils.GetExitCode())
+
+		// Error code mapping with more human readable text
+		// log.Entry().Errorf("[ERROR ERRORF] => %v", exitCodeMapping(utils.GetExitCode()))
+		return errors.Wrapf(err, exitCodeMapping(utils.GetExitCode()))
+	}
+
 	return err
 }
 
+// Get proper error category
+func mapErrorCategory(exitCodeKey int) {
+	switch exitCodeKey {
+	case 1:
+		log.SetErrorCategory(log.ErrorInfrastructure)
+	case 2:
+		log.SetErrorCategory(log.ErrorService)
+	case 3:
+		log.SetErrorCategory(log.ErrorCompliance)
+	case 4:
+		log.SetErrorCategory(log.ErrorInfrastructure)
+	case 5:
+		log.SetErrorCategory(log.ErrorConfiguration)
+	case 6:
+		log.SetErrorCategory(log.ErrorConfiguration)
+	case 7:
+		log.SetErrorCategory(log.ErrorConfiguration)
+	case 9:
+		log.SetErrorCategory(log.ErrorService)
+	case 10:
+		log.SetErrorCategory(log.ErrorService)
+	case 11:
+		log.SetErrorCategory(log.ErrorService)
+	case 12:
+		log.SetErrorCategory(log.ErrorInfrastructure)
+	case 99:
+		log.SetErrorCategory(log.ErrorService)
+	case 100:
+		log.SetErrorCategory(log.ErrorUndefined)
+	default:
+		log.SetErrorCategory(log.ErrorUndefined)
+	}
+}
+
+// Exit codes/error code mapping
+func exitCodeMapping(exitCodeKey int) string {
+
+	exitCodes := map[int]string{
+		1:   "FAILURE_BLACKDUCK_CONNECTIVITY => Detect was unable to connect to Black Duck. Check your configuration and connection.",
+		2:   "FAILURE_TIMEOUT => Detect could not wait for actions to be completed on Black Duck. Check your Black Duck server or increase your timeout.",
+		3:   "FAILURE_POLICY_VIOLATION => Detect found policy violations.",
+		4:   "FAILURE_PROXY_CONNECTIVITY => Detect was unable to use the configured proxy. Check your configuration and connection.",
+		5:   "FAILURE_DETECTOR => Detect had one or more detector failures while extracting dependencies. Check that all projects build and your environment is configured correctly.",
+		6:   "FAILURE_SCAN => Detect was unable to run the signature scanner against your source. Check your configuration.",
+		7:   "FAILURE_CONFIGURATION => Detect was unable to start because of a configuration issue. Check and fix your configuration.",
+		9:   "FAILURE_DETECTOR_REQUIRED => Detect did not run all of the required detectors. Fix detector issues or disable required detectors.",
+		10:  "FAILURE_BLACKDUCK_VERSION_NOT_SUPPORTED => Detect attempted an operation that was not supported by your version of Black Duck. Ensure your Black Duck is compatible with this version of detect.",
+		11:  "FAILURE_BLACKDUCK_FEATURE_ERROR => Detect encountered an error while attempting an operation on Black Duck. Ensure your Black Duck is compatible with this version of detect.",
+		12:  "FAILURE_POLARIS_CONNECTIVITY => Detect was unable to connect to Polaris. Check your configuration and connection.",
+		99:  "FAILURE_GENERAL_ERROR => Detect encountered a known error, details of the error are provided.",
+		100: "FAILURE_UNKNOWN_ERROR => Detect encountered an unknown error.",
+	}
+
+	if _, isKeyExists := exitCodes[exitCodeKey]; isKeyExists {
+		return exitCodes[exitCodeKey]
+	}
+
+	return "[" + strconv.Itoa(exitCodeKey) + "]: Not known exit code key"
+}
+
 func getDetectScript(config detectExecuteScanOptions, utils detectUtils) error {
 	if config.ScanOnChanges {
 		return utils.DownloadFile("https://raw.githubusercontent.com/blackducksoftware/detect_rescan/master/detect_rescan.sh", "detect.sh", nil, nil)

cmd/detectExecuteScan_test.go

@@ -227,10 +227,11 @@ func TestRunDetect(t *testing.T) {
 	t.Run("failure case", func(t *testing.T) {
 		t.Parallel()
 		utilsMock := newDetectTestUtilsBundle()
-		utilsMock.ShouldFailOnCommand = map[string]error{"./detect.sh --blackduck.url= --blackduck.api.token= \"--detect.project.name=''\" \"--detect.project.version.name=''\" \"--detect.code.location.name=''\" --detect.source.path='.'": fmt.Errorf("Test Error")}
+		utilsMock.ShouldFailOnCommand = map[string]error{"./detect.sh --blackduck.url= --blackduck.api.token= \"--detect.project.name=''\" \"--detect.project.version.name=''\" \"--detect.code.location.name=''\" --detect.source.path='.'": fmt.Errorf("")}
+		utilsMock.ExitCode = 3
 		utilsMock.AddFile("detect.sh", []byte(""))
 		err := runDetect(detectExecuteScanOptions{}, utilsMock, &detectExecuteScanInflux{})
-		assert.EqualError(t, err, "Test Error")
+		assert.Contains(t, err.Error(), "FAILURE_POLICY_VIOLATION => Detect found policy violations.")
 		assert.True(t, utilsMock.HasRemovedFile("detect.sh"))
 	})
 
@@ -570,6 +571,25 @@ func TestAddDetectArgs(t *testing.T) {
 	}
 }
 
+// Testing exit code mapping method
+func TestExitCodeMapping(t *testing.T) {
+
+	cases := []struct {
+		exitCode int
+		expected string
+	}{
+		{1, "FAILURE_BLACKDUCK_CONNECTIVITY"},
+		{-1, "Not known exit code key"},
+		{8, "Not known exit code key"},
+		{100, "FAILURE_UNKNOWN_ERROR"},
+	}
+
+	for _, c := range cases {
+		response := exitCodeMapping(c.exitCode)
+		assert.Contains(t, response, c.expected)
+	}
+}
+
 func TestPostScanChecksAndReporting(t *testing.T) {
 	t.Parallel()
 	t.Run("Reporting after scan", func(t *testing.T) {