diff --git a/README.md b/README.md
index 4d90993..ff1739c 100644
--- a/README.md
+++ b/README.md
@@ -41,7 +41,8 @@ Then run from the same terminal `node ./soos/node_modules/@soos-io/soos-sast/bin
 | `--filesToExclude` | None | Listing of files or patterns to exclude from the search for manifest files. eg: **/req**.txt/, **/requirements.txt |
 | `--integrationName` | N/A | Integration Name - Intended for internal use only. |
 | `--integrationType` | N/A | Integration Type - Intended for internal use only. |
-| `--logLevel` | `INFO` | Minimum level to show logs: PASS, IGNORE, INFO, WARN or FAIL. |
+| `--logLevel` | `INFO` | Minimum level to show logs: PASS, IGNORE, INFO, WARN or FAIL. |
+| `--onFailure` | `continue_on_failure` | Action to perform when the scan fails. Options: fail_the_build, continue_on_failure. |
 | `--operatingEnvironment` | `null` | Set Operating environment for information purposes only. |
 | `--projectName` | N/A | Project Name - this is what will be displayed in the SOOS app. |
 | `--scriptVersion` | N/A | Script Version - Intended for internal use only. |
diff --git a/package-lock.json b/package-lock.json
index f7f93c2..4001eb8 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -1,12 +1,12 @@ { "name": "@soos-io/soos-sast", - "version": "0.1.3", + "version": "0.1.4", "lockfileVersion": 3, "requires": true, "packages": { "": { "name": "@soos-io/soos-sast", - "version": "0.1.3", + "version": "0.1.4", "license": "MIT", "dependencies": { "@soos-io/api-client": "^0.2.12",
diff --git a/package.json b/package.json
index 3b6f995..a2d63e9 100644
--- a/package.json
+++ b/package.json
@@ -1,6 +1,6 @@
 {
 "name": "@soos-io/soos-sast",
- "version": "0.1.3",
+ "version": "0.1.4",
 "description": "SOOS Static Application Security Testing (SAST) scanning support.",
 "main": "bin/index.js",
 "scripts": {
diff --git a/src/index.ts b/src/index.ts
index 3bd4fd1..9736036 100644
--- a/src/index.ts
+++ b/src/index.ts
@@ -3,11 +3,17 @@ import {
 IntegrationName,
 IntegrationType,
 LogLevel,
+ OnFailure,
 ScanStatus,
 ScanType,
 soosLogger,
 } from "@soos-io/api-client";
-import { obfuscateProperties, ensureNonEmptyValue } from "@soos-io/api-client/dist/utilities";
+import {
+ obfuscateProperties,
+ ensureNonEmptyValue,
+ verifyScanStatus,
+ ensureEnumValue,
+} from "@soos-io/api-client/dist/utilities";
 import { exit } from "process";
 import { version } from "../package.json";
 import AnalysisService from "@soos-io/api-client/dist/services/AnalysisService";
@@ -31,6 +37,7 @@ interface SOOSSASTAnalysisArgs {
 filesToExclude: Array;
 integrationName: IntegrationName;
 integrationType: IntegrationType;
+ onFailure: OnFailure;
 logLevel: LogLevel;
 operatingEnvironment: string;
 projectName: string;
@@ -67,6 +74,15 @@ class SOOSSASTAnalysis {
 required: false,
 });
+ analysisArgumentParser.argumentParser.add_argument("--onFailure", {
+ help: "Action to perform when the scan fails. Options: fail_the_build, continue_on_failure.",
+ default: OnFailure.Continue,
+ required: false,
+ type: (value: string) => {
+ return ensureEnumValue(OnFailure, value);
+ },
+ });
+
 analysisArgumentParser.argumentParser.add_argument("--sourceCodePath", {
 help: "The path to start searching for SAST files.",
 required: false,
@@ -163,9 +179,18 @@ class SOOSSASTAnalysis {
 });
 soosLogger.logLineSeparator();
- soosLogger.info(
- `Scan results uploaded successfully. To see the results visit: ${result.scanUrl}`,
- );
+ soosLogger.info("Scan results uploaded successfully.");
+
+ const scanStatus = await soosAnalysisService.waitForScanToFinish({
+ scanStatusUrl,
+ scanUrl: result.scanUrl,
+ scanType,
+ });
+
+ const exitWithError = verifyScanStatus(scanStatus);
+ if (this.args.onFailure === OnFailure.Fail && exitWithError) {
+ exit(1);
+ }
 } catch (error) {
 if (projectHash && branchHash && analysisId)
 await soosAnalysisService.updateScanStatus({
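Review bot: The `type` callback added for `--onFailure` (hunk `@@ -67,6 +74,15 @@`) leaves validation entirely to `ensureEnumValue`, whose behaviour on an unrecognised string is not visible on this page. If it returns `undefined` instead of throwing, a misspelled value (constructed example: `fail_build`) would never equal `OnFailure.Fail`, and the run would quietly behave as `continue_on_failure`. I would record the contract next to the call, `// ensureEnumValue must throw on an unknown value; a typo must not fall back to continue_on_failure`, and confirm it against the api-client version this release depends on. The enclosing method starts and ends outside the hunk.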
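Review bot: In the `@@ -163,9 +179,18 @@` hunk, `exit(1)` is reached only when `waitForScanToFinish` returns and `verifyScanStatus` reports a failure, so `fail_the_build` is not obviously enforced when the wait itself throws. A timeout or API error passes to the `catch` block, which continues past the end of the hunk, so whether that path ends with a non-zero exit cannot be confirmed from here. For a build gate, a status that could not be read should count as a failure; a comment above the check such as `// fail_the_build must also hold on the catch path below` would record that intent, and the catch block should be checked against it. That `verifyScanStatus` returns true for a failing status is inferred only from the name `exitWithError`.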