Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: Image-Scanner status for failed request #4513

Merged
merged 10 commits into from
Jan 18, 2024
Merged

fix: Image-Scanner status for failed request #4513

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
10 commits
Select commit Hold shift + click to select a range
1a92b32
retry envs added
ashishdevtron Jan 5, 2024
6581e5f
json naming
ashishdevtron Jan 5, 2024
a59c72b
migration for image scan plugin and retry env fix
ashishdevtron Jan 5, 2024
a0f03df
fix
ashishdevtron Jan 5, 2024
9568c4e
image scan migration script updated - added new input variables
ashishdevtron Jan 5, 2024
5b88fc8
migration updated
ashishdevtron Jan 8, 2024
fa0fc9c
migration updated
ashishdevtron Jan 8, 2024
1cde685
name changed
ashishdevtron Jan 8, 2024
5ac2d4a
refactor
ashishdevtron Jan 8, 2024
9e19a4b
added default value and change script no
ashishdevtron Jan 12, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
3 changes: 3 additions & 0 deletions pkg/pipeline/CiService.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -244,6 +244,7 @@ func (impl *CiServiceImpl) TriggerCiPipeline(trigger types.Trigger) (int, error)
} else {
workflowRequest.Type = bean2.CI_WORKFLOW_PIPELINE_TYPE
}

err = impl.executeCiPipeline(workflowRequest)
if err != nil {
impl.Logger.Errorw("workflow error", "err", err)
Expand Down Expand Up @@ -658,6 +659,8 @@ func (impl *CiServiceImpl) buildWfRequestForCiPipeline(pipeline *pipelineConfig.
RegistryDestinationImageMap: registryDestinationImageMap,
RegistryCredentialMap: registryCredentialMap,
PluginArtifactStage: pluginArtifactStage,
ImageScanMaxRetries: impl.config.ImageScanMaxRetries,
ImageScanRetryDelay: impl.config.ImageScanRetryDelay,
}

if dockerRegistry != nil {
Expand Down
2 changes: 2 additions & 0 deletions pkg/pipeline/types/CiCdConfig.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -65,6 +65,8 @@ type CiCdConfig struct {
SkipCreatingEcrRepo bool `env:"SKIP_CREATING_ECR_REPO" envDefault:"false"`
MaxCiWorkflowRetries int `env:"MAX_CI_WORKFLOW_RETRIES" envDefault:"0"`
NatsServerHost string `env:"NATS_SERVER_HOST" envDefault:"nats://devtron-nats.devtroncd:4222"`
ImageScanMaxRetries int `env:"IMAGE_SCAN_MAX_RETRIES" envDefault:"3"`
ImageScanRetryDelay int `env:"IMAGE_SCAN_RETRY_DELAY" envDefault:"5"`
// from CdConfig
CdLimitCpu string `env:"CD_LIMIT_CI_CPU" envDefault:"0.5"`
CdLimitMem string `env:"CD_LIMIT_CI_MEM" envDefault:"3G"`
Expand Down
2 changes: 2 additions & 0 deletions pkg/pipeline/types/Workflow.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -126,6 +126,8 @@ type WorkflowRequest struct {
RegistryCredentialMap map[string]plugin.RegistryCredentials `json:"registryCredentialMap"`
PluginArtifactStage string `json:"pluginArtifactStage"`
PushImageBeforePostCI bool `json:"pushImageBeforePostCI"`
ImageScanMaxRetries int `json:"imageScanMaxRetries,omitempty"`
ImageScanRetryDelay int `json:"imageScanRetryDelay,omitempty"`
Type bean.WorkflowPipelineType
Pipeline *pipelineConfig.Pipeline
Env *repository.Environment
Expand Down
Empty file added scripts/sql/211_image_scan_plugin_update.down.sql
View file
Open in desktop
Empty file.
27 changes: 27 additions & 0 deletions scripts/sql/211_image_scan_plugin_update.up.sql
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,27 @@
INSERT INTO "plugin_step_variable" ("id", "plugin_step_id", "name", "format", "description", "is_exposed", "allow_empty_value", "default_value","variable_type", "value_type", "variable_step_index",reference_variable_name, "deleted", "created_on", "created_by", "updated_on", "updated_by") VALUES
(nextval('id_seq_plugin_step_variable'), (SELECT ps.id FROM plugin_metadata p inner JOIN plugin_step ps on ps.plugin_id=p.id WHERE p.name='Vulnerability Scanning' and ps."index"=1 and ps.deleted=false), 'IMAGE_SCAN_MAX_RETRIES','STRING','image scan max retry count',true,true,'3','INPUT','GLOBAL',1 ,'IMAGE_SCAN_MAX_RETRIES','f','now()', 1, 'now()', 1),
(nextval('id_seq_plugin_step_variable'), (SELECT ps.id FROM plugin_metadata p inner JOIN plugin_step ps on ps.plugin_id=p.id WHERE p.name='Vulnerability Scanning' and ps."index"=1 and ps.deleted=false), 'IMAGE_SCAN_RETRY_DELAY','STRING','image scan retry delay (in seconds)',true,true,'5','INPUT','GLOBAL',1 ,'IMAGE_SCAN_RETRY_DELAY','f','now()', 1, 'now()', 1);

UPDATE plugin_pipeline_script SET script = '#!/bin/sh
echo "IMAGE SCAN"

perform_curl_request() {
local attempt=1
while [ "$attempt" -le "$IMAGE_SCAN_MAX_RETRIES" ]; do
response=$(curl -s -w "\n%{http_code}" -X POST $IMAGE_SCANNER_ENDPOINT/scanner/image -H "Content-Type: application/json" -d "{\"image\": \"$DEST\", \"imageDigest\": \"$DIGEST\", \"pipelineId\" : $PIPELINE_ID, \"userId\": $TRIGGERED_BY, \"dockerRegistryId\": \"$DOCKER_REGISTRY_ID\" }")
http_status=$(echo "$response" | tail -n1)
if [ "$http_status" = "200" ]; then
echo "Vulnerability Scanning request successful."
return 0
else
echo "Attempt $attempt: Vulnerability Scanning request failed with HTTP status code $http_status"
echo "Response Body: $response"
attempt=$((attempt + 1))
sleep "$IMAGE_SCAN_RETRY_DELAY"
fi
done
echo -e "\033[1m======== Maximum retries reached. Vulnerability Scanning request failed ========"
exit 1
}
perform_curl_request'
WHERE id = (SELECT id FROM plugin_metadata WHERE name = 'Vulnerability Scanning');
Loading