Enhance error message for BOM_COMPARE mode failures in rapid scan #1467
Conversation
zahidblackduck
requested review from
Copilot,
devmehtabd,
shantyk and
andrian-sevastyanov
This comment was marked as outdated.
This comment was marked as outdated.
Sorry, something went wrong.
There was a problem hiding this comment.
Pull Request Overview
Enhance error message for BOM_COMPARE mode failures in rapid scans by intercepting 400 Bad Request errors and providing actionable guidance.
- Wrap rapid scan API call in a try-catch to handle
IntegrationRestException - Introduce
handleRapidScanException,isBomCompareError, andcreateBomCompareErrorMessagemethods for targeted error logic - Augment user-facing error message with instructions on project version existence and running full scans
Comments suppressed due to low confidence (2)
src/main/java/com/blackduck/integration/detect/lifecycle/run/operation/OperationRunner.java:733
- New error handling logic in
handleRapidScanException,isBomCompareError, andcreateBomCompareErrorMessagewould benefit from dedicated unit tests to verify the enhanced error message and branch behavior.
private OperationException handleRapidScanException(IntegrationRestException e) {
src/main/java/com/blackduck/integration/detect/lifecycle/run/operation/OperationRunner.java:748
- The method assumes
rapidCompareModeis non-null, which could lead to a NullPointerException. Consider adding a null check before comparing.
private boolean isBomCompareError(IntegrationRestException e, RapidCompareMode rapidCompareMode) {
| return originalMessage + " BOM_COMPARE mode requires the target project version to exist in Black Duck Hub. " + | ||
| "Please ensure 'detect.project.version.name' matches an existing project version. " + | ||
| "Consider running a full scan first if the version hasn't been uploaded yet."; |
There was a problem hiding this comment.
[nitpick] The string concatenation for the enhanced error message is lengthy; consider using a text block (Java 15+) or String.format for improved readability and maintainability.
| return originalMessage + " BOM_COMPARE mode requires the target project version to exist in Black Duck Hub. " + | |
| "Please ensure 'detect.project.version.name' matches an existing project version. " + | |
| "Consider running a full scan first if the version hasn't been uploaded yet."; | |
| return """ | |
| %s BOM_COMPARE mode requires the target project version to exist in Black Duck Hub. | |
| Please ensure 'detect.project.version.name' matches an existing project version. | |
| Consider running a full scan first if the version hasn't been uploaded yet. | |
| """.formatted(originalMessage); |
Copilot uses AI. Check for mistakes.
| logger.error("Rapid scan failed. {}", enhancedMessage); | ||
| return new OperationException(new IntegrationRestException( | ||
| e.getHttpMethod(), e.getHttpUrl(), e.getHttpStatusCode(), | ||
| e.getHttpStatusMessage(), e.getHttpResponseContent(), enhancedMessage)); |
There was a problem hiding this comment.
Wrapping the original exception loses the original stack trace. Consider passing the original e as the cause to preserve debugging context, e.g., new OperationException(new IntegrationRestException(...), e).
| e.getHttpStatusMessage(), e.getHttpResponseContent(), enhancedMessage)); | |
| e.getHttpStatusMessage(), e.getHttpResponseContent(), enhancedMessage, e)); |
Copilot uses AI. Check for mistakes.
| @@ -16,7 +16,7 @@ public enum ExitCodeType { | |||
| ), | |||
| FAILURE_BLACKDUCK_FEATURE_ERROR( | |||
| 11, | |||
| "Detect encountered an error while attempting an operation on Black Duck. Ensure that your Black Duck version is compatible with this version of Detect, and that your Black Duck user account has the required roles." | |||
| "Detect encountered an error while attempting an operation on Black Duck. Ensure that your Black Duck version is compatible with this version of Detect, and that your Black Duck user account has the required roles, and the project version exists in Black Duck when using BOM_COMPARE mode in a rapid scan." | |||
There was a problem hiding this comment.
Suggest tweak:
"While trying to perform an operation on Black Duck SCA, Detect encountered an error. Ensure that your Black Duck SCA version is compatible with this version of Detect, your Black Duck user account has the required roles, and the project version exists in Black Duck when using BOM_COMPARE mode in a rapid scan."
There was a problem hiding this comment.
Thanks for the suggestion. I made a small tweak to start the sentence with "Detect" to stay consistent with the style used in the other exit codes.
JIRA Ticket
IDETECT-4728
Issue
When running rapid scans with
BOM_COMPAREorBOM_COMPARE_STRICTmodes, users receive a generic "400 Bad Request" error message without clear guidance on how to resolve the issue. The root cause is typically that the target project version doesn't exist in Black Duck Hub, but this wasn't communicated effectively to users.Proposed Fix
Enhanced error handling in the
waitForRapidResultsmethod to:FAILURE_BLACKDUCK_FEATURE_ERRORexit code to reflect theBOM_COMPAREerrorImplementation Details
IntegrationRestExceptionwith HTTP 400 status code whenBOM_COMPAREorBOM_COMPARE_STRICTmodes are useddetect.project.version.namematches an existing project version in Black Duck HubhandleRapidScanException,isBomCompareError,createBomCompareErrorMessage) for better maintainability and testabilityBefore/After Error Message
Before:
After:
N.B: This merge request is meant for detect release 10.7