util.secscan.api: more robust API failures cases
Addresses QUAY-672 by handling all status codes that are not 404 and 5xx and moving response decoding inside the try/except block to ensure that the response object is in scope.
This commit is contained in:
parent
6efcf9124c
commit
46087d5e64
1 changed files with 11 additions and 7 deletions
|
@ -387,18 +387,27 @@ class ImplementedSecurityScannerAPI(SecurityScannerAPIInterface):
|
||||||
response = self._call('GET', _API_METHOD_GET_LAYER % layer_id, params=params)
|
response = self._call('GET', _API_METHOD_GET_LAYER % layer_id, params=params)
|
||||||
logger.debug('Got response %s for vulnerabilities for layer %s',
|
logger.debug('Got response %s for vulnerabilities for layer %s',
|
||||||
response.status_code, layer_id)
|
response.status_code, layer_id)
|
||||||
|
try:
|
||||||
|
return response.json()
|
||||||
|
except ValueError:
|
||||||
|
logger.exception('Failed to decode response JSON')
|
||||||
|
return None
|
||||||
|
|
||||||
except Non200ResponseException as ex:
|
except Non200ResponseException as ex:
|
||||||
logger.debug('Got failed response %s for vulnerabilities for layer %s',
|
logger.debug('Got failed response %s for vulnerabilities for layer %s',
|
||||||
ex.response.status_code, layer_id)
|
ex.response.status_code, layer_id)
|
||||||
if ex.response.status_code == 404:
|
if ex.response.status_code == 404:
|
||||||
return None
|
return None
|
||||||
elif ex.response.status_code // 100 == 5:
|
else:
|
||||||
logger.error(
|
logger.error(
|
||||||
'downstream security service failure: status %d, text: %s',
|
'downstream security service failure: status %d, text: %s',
|
||||||
ex.response.status_code,
|
ex.response.status_code,
|
||||||
ex.response.text,
|
ex.response.text,
|
||||||
)
|
)
|
||||||
raise APIRequestFailure('Downstream service returned 5xx')
|
if ex.response.status_code // 100 == 5:
|
||||||
|
raise APIRequestFailure('Downstream service returned 5xx')
|
||||||
|
else:
|
||||||
|
raise APIRequestFailure('Downstream service returned non-200')
|
||||||
except requests.exceptions.Timeout:
|
except requests.exceptions.Timeout:
|
||||||
raise APIRequestFailure('API call timed out')
|
raise APIRequestFailure('API call timed out')
|
||||||
except requests.exceptions.ConnectionError:
|
except requests.exceptions.ConnectionError:
|
||||||
|
@ -407,11 +416,6 @@ class ImplementedSecurityScannerAPI(SecurityScannerAPIInterface):
|
||||||
logger.exception('Failed to get layer data response for %s', layer_id)
|
logger.exception('Failed to get layer data response for %s', layer_id)
|
||||||
raise APIRequestFailure()
|
raise APIRequestFailure()
|
||||||
|
|
||||||
try:
|
|
||||||
return response.json()
|
|
||||||
except ValueError:
|
|
||||||
logger.exception('Failed to decode response JSON')
|
|
||||||
|
|
||||||
|
|
||||||
def _request(self, method, endpoint, path, body, params, timeout):
|
def _request(self, method, endpoint, path, body, params, timeout):
|
||||||
""" Issues an HTTP request to the security endpoint. """
|
""" Issues an HTTP request to the security endpoint. """
|
||||||
|
|
Reference in a new issue