🐛 azure: fail gracefully if unable to get security contacts #5183

afiune · 2025-02-08T02:34:20Z

Closes #4997

github-actions · 2025-02-08T02:36:12Z

Test Results

3 257 tests ±0 3 253 ✅ ±0 2m 0s ⏱️ +15s
385 suites ±0 4 💤 ±0
29 files ±0 0 ❌ ±0

Results for commit 3cf9a23. ± Comparison against base commit c8a3641.

♻️ This comment has been updated with latest results.

afiune · 2025-02-08T04:00:25Z

Failing because of #5184

Closes #4997 Signed-off-by: Salim Afiune Maya <[email protected]>

afiune · 2025-02-08T04:48:56Z

Test

cnquery> azure.subscription.cloudDefender.securityContacts {alertNotifications }
! fail gracefully error="failed to fetch security contacts from https://management.azure.com/subscriptions/1234567-abc6-1234-xyz3-3943298239/providers/Microsoft.Security/securityContacts: 500 Internal Server Error"
azure.subscription.cloudDefender.securityContacts: []

…rtNotifications

chris-rock · 2025-02-09T13:29:30Z

providers/azure/resources/cloud_defender.go

 	list, err := getSecurityContacts(ctx, armConn)
 	if err != nil {
-		return nil, err
+		// https: //github.com/mondoohq/cnquery/issues/4997
+		log.Warn().Err(err).Msg("fail gracefully")


Why is that a warn?

I was debating between this an a simple debug log message, I fee that is a better option, would you agree?

chris-rock · 2025-02-09T13:30:09Z

providers/azure/resources/cloud_defender.go

 	}
-	res := []interface{}{}
 	for _, contact := range list {
 		alertNotifications, err := convert.JsonToDict(contact.Properties.AlertNotifications)


do we need to check if contact or contact.Properties are set?

yeah, we probably should have done that, I'll add the check.

chris-rock · 2025-02-09T13:30:19Z

providers/azure/resources/cloud_defender.go

 	for _, contact := range list {
 		alertNotifications, err := convert.JsonToDict(contact.Properties.AlertNotifications)
 		if err != nil {
-			return nil, err
+			log.Debug().Err(err).Msg("unable to convert armsecurity.Contact.Properties.AlertNotifications to dict")
 		}
 		notificationsByRole, err := convert.JsonToDict(contact.Properties.NotificationsByRole)


do we need to check if contact or contact.Properties are set?

yeah, we probably should have done that, I'll add the check.

chris-rock · 2025-02-09T13:30:59Z

providers/azure/resources/cloud_defender.go

 	for _, contact := range list {
 		alertNotifications, err := convert.JsonToDict(contact.Properties.AlertNotifications)
 		if err != nil {
-			return nil, err
+			log.Debug().Err(err).Msg("unable to convert armsecurity.Contact.Properties.AlertNotifications to dict")


in which cases can this happen? We should continue to error out and handle the case properly

We haven't seen this but, the issue says that, any error trying to get the security contacts should fail gracefully. So I checked other places that we could end up in an undesirable error.

Signed-off-by: Salim Afiune Maya <[email protected]>

afiune · 2025-02-10T01:46:13Z

@chris-rock updated with your comments, thank you!

Also, I much rather go this way #5185 - Thoughts?

afiune · 2025-02-10T16:32:54Z

Closing in favor of #5185

afiune changed the title ~~🐛 azure: fail gracefully if unable to read AlertNotifications~~ 🐛 azure: fail gracefully if unable to read armsecurity.Contact.Properties Feb 8, 2025

afiune force-pushed the azure/bug/alertNotifications branch from b3bce03 to fb4477f Compare February 8, 2025 04:15

🐛 azure: fail gracefully if unable to get security contacts

04f80ca

Closes #4997 Signed-off-by: Salim Afiune Maya <[email protected]>

afiune force-pushed the azure/bug/alertNotifications branch from fb4477f to 04f80ca Compare February 8, 2025 04:15

afiune changed the title ~~🐛 azure: fail gracefully if unable to read armsecurity.Contact.Properties~~ 🐛 azure: fail gracefully if unable to get security contacts Feb 8, 2025

This was referenced Feb 8, 2025

✨ azure support for defender email notification sources #5185

Merged

azure.subscription.cloudDefender.securityContacts {alertNotifications } throws 500 if not set #4997

Closed

Merge branch 'main' of github.com:mondoohq/cnquery into azure/bug/ale…

d0fad8c

…rtNotifications

preslavgerchev approved these changes Feb 8, 2025

View reviewed changes

chris-rock reviewed Feb 9, 2025

View reviewed changes

🧹 code review

3cf9a23

Signed-off-by: Salim Afiune Maya <[email protected]>

afiune closed this Feb 10, 2025

github-actions bot locked and limited conversation to collaborators Feb 10, 2025

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

🐛 azure: fail gracefully if unable to get security contacts #5183

🐛 azure: fail gracefully if unable to get security contacts #5183

afiune commented Feb 8, 2025

github-actions bot commented Feb 8, 2025 •

edited

Loading

afiune commented Feb 8, 2025

afiune commented Feb 8, 2025

chris-rock Feb 9, 2025

afiune Feb 10, 2025

chris-rock Feb 9, 2025

afiune Feb 10, 2025

chris-rock Feb 9, 2025

afiune Feb 10, 2025

chris-rock Feb 9, 2025

afiune Feb 10, 2025

afiune commented Feb 10, 2025

afiune commented Feb 10, 2025

🐛 azure: fail gracefully if unable to get security contacts #5183

🐛 azure: fail gracefully if unable to get security contacts #5183

Conversation

afiune commented Feb 8, 2025

github-actions bot commented Feb 8, 2025 • edited Loading

Test Results

afiune commented Feb 8, 2025

afiune commented Feb 8, 2025

Test

Choose a reason for hiding this comment

Choose a reason for hiding this comment

Choose a reason for hiding this comment

Choose a reason for hiding this comment

Choose a reason for hiding this comment

Choose a reason for hiding this comment

Choose a reason for hiding this comment

Choose a reason for hiding this comment

afiune commented Feb 10, 2025

afiune commented Feb 10, 2025

github-actions bot commented Feb 8, 2025 •

edited

Loading