Skip to content

Commit

Permalink
✨ Better & Improved error propagation from govulncheck thrown errors. (
Browse files Browse the repository at this point in the history
…#81)

* 🐛 ✨ Improved error propagation from govulncheck binary

* ⬆️ Increased go version for devcontainer
  • Loading branch information
Templum authored Apr 26, 2024
1 parent 0148f82 commit deacd3b
Show file tree
Hide file tree
Showing 3 changed files with 19 additions and 5 deletions.
2 changes: 1 addition & 1 deletion .devcontainer/Dockerfile
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
# See here for image contents: https://github.com/microsoft/vscode-dev-containers/tree/v0.231.6/containers/go/.devcontainer/base.Dockerfile

# [Choice] Go version (use -bullseye variants on local arm64/Apple Silicon): 1, 1.16, 1.17, 1-bullseye, 1.16-bullseye, 1.17-bullseye, 1-buster, 1.16-buster, 1.17-buster
ARG VARIANT="1.21-bullseye"
ARG VARIANT="1.22-bullseye"
FROM mcr.microsoft.com/vscode/devcontainers/go:${VARIANT}

# [Choice] Node.js version: none, lts/*, 16, 14, 12, 10
Expand Down
6 changes: 3 additions & 3 deletions .devcontainer/devcontainer.json
Original file line number Diff line number Diff line change
Expand Up @@ -8,10 +8,10 @@
// Update the VARIANT arg to pick a version of Go: 1, 1.18, 1.17
// Append -bullseye or -buster to pin to an OS version.
// Use -bullseye variants on local arm64/Apple Silicon.
"VARIANT": "1.21-bullseye",
"VARIANT": "1.22-bullseye",
// Options
"NODE_VERSION": "none",
"VULNCHECK_VERSION": "v1.0.0"
"VULNCHECK_VERSION": "v1.1.0"
}
},
"runArgs": [
Expand Down Expand Up @@ -39,7 +39,7 @@
"go.formatTool": "goimports",
"[go]": {
"editor.codeActionsOnSave": {
"source.organizeImports": true
"source.organizeImports": "always"
}
},
"[go.mod]": {
Expand Down
16 changes: 15 additions & 1 deletion pkg/vulncheck/runner.go
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,7 @@ package vulncheck

import (
"encoding/json"
"fmt"
"os"
"os/exec"
"path"
Expand Down Expand Up @@ -55,10 +56,23 @@ func (r *CLIScanner) Scan() (*types.Report, error) {
if err, ok := cmdErr.(*exec.ExitError); ok {
// Only if stderr is present the CLI failed
if len(err.Stderr) > 0 {
receivedError := string(err.Stderr)

if strings.Contains(receivedError, "go:") {
receivedError = strings.Trim(receivedError[strings.Index(receivedError, "go:")+3:], " ")
}

r.log.Error().
Err(err).
Str("Stderr", string(err.Stderr)).
Str("Stderr", receivedError).
Msg("govulncheck exited with none 0 code")

// Building up a set of known "mistakes"
if strings.Contains(receivedError, "requires go >=") {
return nil, fmt.Errorf("the used go version is lower than required by your code. original error: %s", receivedError)
}

return nil, fmt.Errorf("running govulncheck binary produced %s", receivedError)
}
}

Expand Down

0 comments on commit deacd3b

Please sign in to comment.