From c57a6550fc92e6607aa31b825f8f643280bde321 Mon Sep 17 00:00:00 2001 From: James Lowman Date: Wed, 8 Dec 2021 11:30:32 +0000 Subject: [PATCH] Add timeout to SBOM upload Problem: Curl upload occasionally hangs when running in Azure container instance Solution: Use "timeout" command to limit upload time to 10 seconds (all example SBOM uploads to date have been under 2 seconds) Signed-off-by: James Lowman --- scripts/sbom_scraper.sh | 22 +++++++++++++++++++--- 1 file changed, 19 insertions(+), 3 deletions(-) diff --git a/scripts/sbom_scraper.sh b/scripts/sbom_scraper.sh index 8762b93..a3cc89f 100755 --- a/scripts/sbom_scraper.sh +++ b/scripts/sbom_scraper.sh @@ -67,6 +67,7 @@ SUPPLIER_NAME=dockerhub SUPPLIER_URL=https://hub.docker.com TOOL_VENDOR="Jitsuin Inc" TOOL_HASH_ALG=SHA-256 +SBOM_UPLOAD_TIMEOUT=10 # shellcheck disable=SC2002 TOOL_HASH_CONTENT=$(shasum -a 256 "$0" | cut -d' ' -f1) # credentials directory should have 0700 permissions @@ -366,18 +367,33 @@ EOF # ---------------------------------------------------------------------------- log "Upload ${PRIVACY} ${OUTPUT} ..." -HTTP_STATUS=$(curl -s -w "%{http_code}" -X POST \ +HTTP_STATUS=$(timeout ${SBOM_UPLOAD_TIMEOUT} \ + curl -s -w "%{http_code}" -X POST \ -o "${TEMPDIR}/upload" \ -H "@${BEARER_TOKEN_FILE}" \ -H "content_type=text/xml" \ -F "sbom=@${PATCHED_OUTPUT}" \ "${URL}/archivist/v1/sboms?privacy=${PRIVACY}") -if [ "${HTTP_STATUS}" != "200" ] +RETURN_CODE=$? + +# timeout returns 124 if the command exceeded the time limit +if [ ${RETURN_CODE} -eq 124 ] then - log "Upload failure ${HTTP_STATUS}" + log "Upload failure: Timeout" + exit 3 +# all other non-zero return codes +elif [ ${RETURN_CODE} -gt 0 ] +then + log "Upload failure: Error code ${RETURN_CODE}" exit 4 fi + +if [ "${HTTP_STATUS}" != "200" ] +then + log "Upload failure: HTTP ${HTTP_STATUS}" + exit 5 +fi log "Upload success: " jq . "${TEMPDIR}/upload" exit 0