verify scan status / report issues

soos-io · Dec 13, 2023 · 49410da · 49410da
1 parent 18156a0
commit 49410da
Show file tree

Hide file tree

Showing 4 changed files with 34 additions and 8 deletions.
diff --git a/README.md b/README.md
@@ -41,7 +41,8 @@ Then run from the same terminal `node ./soos/node_modules/@soos-io/soos-sast/bin
 | `--filesToExclude`       | None                                      | Listing of files or patterns to exclude from the search for manifest files. eg: **/req**.txt/, **/requirements.txt                   |
 | `--integrationName`      | N/A                                       | Integration Name - Intended for internal use only.                                                                                   |
 | `--integrationType`      | N/A                                       | Integration Type - Intended for internal use only.                                                                                   |
-| `--logLevel`             | `INFO`                                    | Minimum level to show logs: PASS, IGNORE, INFO, WARN or FAIL. |
+| `--logLevel`             | `INFO`                                    | Minimum level to show logs: PASS, IGNORE, INFO, WARN or FAIL.                                                                        |
+| `--onFailure`            | `continue_on_failure`                     | Action to perform when the scan fails. Options: fail_the_build, continue_on_failure.                                                 |
 | `--operatingEnvironment` | `null`                                    | Set Operating environment for information purposes only.                                                                             |
 | `--projectName`          | N/A                                       | Project Name - this is what will be displayed in the SOOS app.                                                                       |
 | `--scriptVersion`        | N/A                                       | Script Version - Intended for internal use only.                                                                                     |

diff --git a/package-lock.json b/package-lock.json
diff --git a/package.json b/package.json
@@ -1,6 +1,6 @@
 {
   "name": "@soos-io/soos-sast",
-  "version": "0.1.3",
+  "version": "0.1.4",
   "description": "SOOS Static Application Security Testing (SAST) scanning support.",
   "main": "bin/index.js",
   "scripts": {

diff --git a/src/index.ts b/src/index.ts
@@ -3,11 +3,17 @@ import {
   IntegrationName,
   IntegrationType,
   LogLevel,
+  OnFailure,
   ScanStatus,
   ScanType,
   soosLogger,
 } from "@soos-io/api-client";
-import { obfuscateProperties, ensureNonEmptyValue } from "@soos-io/api-client/dist/utilities";
+import {
+  obfuscateProperties,
+  ensureNonEmptyValue,
+  verifyScanStatus,
+  ensureEnumValue,
+} from "@soos-io/api-client/dist/utilities";
 import { exit } from "process";
 import { version } from "../package.json";
 import AnalysisService from "@soos-io/api-client/dist/services/AnalysisService";
@@ -31,6 +37,7 @@ interface SOOSSASTAnalysisArgs {
   filesToExclude: Array<string>;
   integrationName: IntegrationName;
   integrationType: IntegrationType;
+  onFailure: OnFailure;
   logLevel: LogLevel;
   operatingEnvironment: string;
   projectName: string;
@@ -67,6 +74,15 @@ class SOOSSASTAnalysis {
       required: false,
     });
 
+    analysisArgumentParser.argumentParser.add_argument("--onFailure", {
+      help: "Action to perform when the scan fails. Options: fail_the_build, continue_on_failure.",
+      default: OnFailure.Continue,
+      required: false,
+      type: (value: string) => {
+        return ensureEnumValue(OnFailure, value);
+      },
+    });
+
     analysisArgumentParser.argumentParser.add_argument("--sourceCodePath", {
       help: "The path to start searching for SAST files.",
       required: false,
@@ -163,9 +179,18 @@ class SOOSSASTAnalysis {
       });
 
       soosLogger.logLineSeparator();
-      soosLogger.info(
-        `Scan results uploaded successfully. To see the results visit: ${result.scanUrl}`,
-      );
+      soosLogger.info("Scan results uploaded successfully.");
+
+      const scanStatus = await soosAnalysisService.waitForScanToFinish({
+        scanStatusUrl,
+        scanUrl: result.scanUrl,
+        scanType,
+      });
+
+      const exitWithError = verifyScanStatus(scanStatus);
+      if (this.args.onFailure === OnFailure.Fail && exitWithError) {
+        exit(1);
+      }
     } catch (error) {
       if (projectHash && branchHash && analysisId)
         await soosAnalysisService.updateScanStatus({