FoD: fcli fod action run release-summary fails parsing scan dates #569

Closed
kadraman opened this issue Jul 31, 2024 · 1 comment
Labels
bug (Something isn't working), effort:low (Easy to implement/fix), fcli-fod (Issue related to 'fcli fod' commands), prio:medium (Medium priority)


Current Behavior

Running the release-summary action is currently exhibiting the following behaviour:

```
>fcli fod action run release-summary --rel "FortifyDemoApp [KAL]:main"
com.fortify.cli.common.action.runner.ActionRunner$StepProcessingException: Error processing:
  ActionStepWrite(to=TemplateExpression(parameters.file), value=null, valueTemplate=summary-md)
        at com.fortify.cli.common.action.runner.ActionRunner$ActionStepsProcessor.processStep(ActionRunner.java:416)
        at com.fortify.cli.common.action.runner.ActionRunner$ActionStepsProcessor.lambda$processStepEntries$0(ActionRunner.java:395)
        at [email protected]/java.util.ArrayList.forEach(ArrayList.java:1596)
        at com.fortify.cli.common.action.runner.ActionRunner$ActionStepsProcessor.processStepEntries(ActionRunner.java:395)
        at com.fortify.cli.common.action.runner.ActionRunner$ActionStepsProcessor.processStep(ActionRunner.java:388)
        at [email protected]/java.util.ArrayList.forEach(ArrayList.java:1596)
        at com.fortify.cli.common.action.runner.ActionRunner$ActionStepsProcessor.processSteps(ActionRunner.java:371)
        at com.fortify.cli.common.action.runner.ActionRunner$ActionStepsProcessor.processSteps(ActionRunner.java:367)
        at com.fortify.cli.common.action.runner.ActionRunner.run(ActionRunner.java:164)
        at com.fortify.cli.common.action.cli.cmd.AbstractActionRunCommand.run(AbstractActionRunCommand.java:71)
        at com.fortify.cli.common.action.cli.cmd.AbstractActionRunCommand.call(AbstractActionRunCommand.java:62)
        at com.fortify.cli.common.action.cli.cmd.AbstractActionRunCommand.call(AbstractActionRunCommand.java:39)
        at picocli.CommandLine.executeUserObject(CommandLine.java:2118)
        at picocli.CommandLine$RunLast.executeUserObjectOfLastSubcommandWithSameParent(CommandLine.java:2538)
        at picocli.CommandLine$RunLast.handle(CommandLine.java:2530)
        at picocli.CommandLine$RunLast.handle(CommandLine.java:2492)
        at picocli.CommandLine$AbstractParseResultHandler.execute(CommandLine.java:2350)
        at picocli.CommandLine$RunLast.execute(CommandLine.java:2494)
        at picocli.CommandLine.execute(CommandLine.java:2247)
        at com.fortify.cli.app.runner.DefaultFortifyCLIRunner.run(DefaultFortifyCLIRunner.java:49)
        at com.fortify.cli.app.FortifyCLI.execute(FortifyCLI.java:38)
        at com.fortify.cli.app.FortifyCLI.main(FortifyCLI.java:32)
        at [email protected]/java.lang.invoke.LambdaForm$DMH/sa346b79c.invokeStaticInit(LambdaForm$DMH)
Caused by: java.lang.RuntimeException: Error evaluating action expression # Fortify on Demand Release Summary

## [${r.applicationName}${#isNotBlank(r.microserviceNae)?'- '+r.microserviceName:''} - ${r.releaseName}](${#fod.releaseBrowserUrl(r)})

Summary generated on: ${#formatDateTime(dateFmt)}

### Security Policy
**Rating:** ${#repeat("★", r.rating)}${#repeat("☆", 5-r.rating)}
**Status:** ${r.isPassed?'Pass':'Fail'}

### Issue Counts
| Type        | Last Scan Date   | Critical | High     | Medium   | Low      |
| ----------- | ---------------- | -------- | -------- | -------- | -------- |
| **Static**  | ${(#isBlank(r.staticScanDate)?#fmt('%-16s', 'N/A'):#formatDateTime(dateFmt, r.staticScanDate))  +' | '+#fmt('%8s', r.staticCritical)                                   +' | '+#fmt('%8s', r.staticHigh)                           +' | '+#fmt('%8s', r.staticMedium)                               +' | '+#fmt('%8s', r.staticLow)                         +' |'}
| **Dynamic** | ${(#isBlank(r.dynamicScanDate)?#fmt('%-16s', 'N/A'):#formatDateTime(dateFmt, r.dynamicScanDate))+' | '+#fmt('%8s', r.dynamicCritical)                                  +' | '+#fmt('%8s', r.dynamicHigh)                          +' | '+#fmt('%8s', r.dynamicMedium)                              +' | '+#fmt('%8s', r.dynamicLow)                        +' |'}
| **Mobile**  | ${(#isBlank(r.mobileScanDate)?#fmt('%-16s', 'N/A'):#formatDateTime(dateFmt, r.mobileScanDate))  +' | '+#fmt('%8s', r.mobileCritical)                                   +' | '+#fmt('%8s', r.mobileHigh)                           +' | '+#fmt('%8s', r.mobileMedium)                               +' | '+#fmt('%8s', r.mobileLow)                         +' |'}
| **Total**   |                  | ${#fmt('%8s', r.staticCritical+r.dynamicCritical+r.mobileCritical)+' | '+#fmt('%8s', r.staticHigh+r.dynamicHigh+r.mobileHigh)+' | '+#fmt('%8s', r.staticMedium+r.dynamicMedium+r.mobileMedium)+' | '+#fmt('%8s', r.staticLow+r.dynamicLow+r.mobileLow)+' |'}

        at com.fortify.cli.common.action.runner.ActionRunner$JsonNodeOutputWalker.copyValue(ActionRunner.java:989)
        at com.fortify.cli.common.json.JsonHelper$JsonNodeDeepCopyWalker.walkValue(JsonHelper.java:241)
        at com.fortify.cli.common.json.JsonHelper$JsonNodeDeepCopyWalker.walkValue(JsonHelper.java:205)
        at com.fortify.cli.common.json.JsonHelper$AbstractJsonNodeWalker.walk(JsonHelper.java:163)
        at com.fortify.cli.common.json.JsonHelper$AbstractJsonNodeWalker.walk(JsonHelper.java:152)
        at com.fortify.cli.common.action.runner.ActionRunner$ActionStepsProcessor.getTemplateValue(ActionRunner.java:536)
        at com.fortify.cli.common.action.runner.ActionRunner$ActionStepsProcessor.getValue(ActionRunner.java:524)
        at com.fortify.cli.common.action.runner.ActionRunner$ActionStepsProcessor.processWriteStep(ActionRunner.java:541)
        at com.fortify.cli.common.action.runner.ActionRunner$ActionStepsProcessor.processStep(ActionRunner.java:410)
        ... 22 more
Caused by: org.springframework.expression.spel.SpelEvaluationException: EL1023E: A problem occurred whilst attempting to invoke the function 'formatDateTime': 'null'
        at org.springframework.expression.spel.ast.FunctionReference.executeFunctionViaMethod(FunctionReference.java:149)
        at org.springframework.expression.spel.ast.FunctionReference.getValueInternal(FunctionReference.java:86)
        at org.springframework.expression.spel.ast.Ternary.getValueInternal(Ternary.java:59)
        at org.springframework.expression.spel.ast.OpPlus.getValueInternal(OpPlus.java:93)
        at org.springframework.expression.spel.ast.OpPlus.getValueInternal(OpPlus.java:93)
        at org.springframework.expression.spel.ast.OpPlus.getValueInternal(OpPlus.java:93)
        at org.springframework.expression.spel.ast.OpPlus.getValueInternal(OpPlus.java:93)
        at org.springframework.expression.spel.ast.OpPlus.getValueInternal(OpPlus.java:93)
        at org.springframework.expression.spel.ast.OpPlus.getValueInternal(OpPlus.java:93)
        at org.springframework.expression.spel.ast.OpPlus.getValueInternal(OpPlus.java:93)
        at org.springframework.expression.spel.ast.OpPlus.getValueInternal(OpPlus.java:93)
        at org.springframework.expression.spel.ast.OpPlus.getValueInternal(OpPlus.java:93)
        at org.springframework.expression.spel.ast.SpelNodeImpl.getTypedValue(SpelNodeImpl.java:119)
        at org.springframework.expression.spel.standard.SpelExpression.getValue(SpelExpression.java:376)
        at org.springframework.expression.common.CompositeStringExpression.getValue(CompositeStringExpression.java:131)
        at org.springframework.expression.common.CompositeStringExpression.getValue(CompositeStringExpression.java:144)
        at com.fortify.cli.common.spring.expression.wrapper.WrappedExpression.getValue(WrappedExpression.java:131)
        at com.fortify.cli.common.spring.expression.SpelEvaluator.evaluate(SpelEvaluator.java:85)
        at com.fortify.cli.common.spring.expression.SpelEvaluator$ConfigurableSpelEvaluator.evaluate(SpelEvaluator.java:70)
        at com.fortify.cli.common.action.runner.ActionRunner$JsonNodeOutputWalker.copyValue(ActionRunner.java:983)
        ... 30 more
Caused by: java.lang.reflect.InvocationTargetException
        at [email protected]/java.lang.reflect.Method.invoke(Method.java:580)
        at org.springframework.expression.spel.ast.FunctionReference.executeFunctionViaMethod(FunctionReference.java:143)
        ... 49 more
Caused by: java.time.format.DateTimeParseException: Text '2024-07-31T13:57:22.2' could not be parsed, unparsed text found at index 19
        at [email protected]/java.time.format.DateTimeFormatter.parseResolved0(DateTimeFormatter.java:2111)
        at [email protected]/java.time.format.DateTimeFormatter.parseBest(DateTimeFormatter.java:2056)
        at com.fortify.cli.common.json.JSONDateTimeConverter.parseTemporalAccessor(JSONDateTimeConverter.java:83)
        at com.fortify.cli.common.json.JSONDateTimeConverter.parseZonedDateTime(JSONDateTimeConverter.java:72)
        at com.fortify.cli.common.action.runner.ActionSpelFunctions.formatDateTimeWithZoneId(ActionSpelFunctions.java:229)
        at com.fortify.cli.common.action.runner.ActionSpelFunctions.formatDateTime(ActionSpelFunctions.java:213)
        ... 51 more
```

Some of the values are null as scans for DAST/MAST have not been run. But I'm not sure why '2024-07-31T13:57:22.2' is not being parsed?

Expected Behavior

No response

Steps To Reproduce

No response

Environment

FoD: 24.3
fcli: 2.4.0

Anything else?

No response

@kadraman kadraman added the bug Something isn't working label Jul 31, 2024

rsenden commented Jul 31, 2024

@kadraman, this is the pattern that we use for parsing: `DateTimeFormatter.ofPattern("yyyy-MM-dd[['T'][' ']HH:mm:ss[.SSS][.SS]][ZZZZ][Z][XXX][XX][X]");` I guess it doesn't like the single-digit `.2`, as the pattern optionally accepts either two or three digits after the dot?

Question is whether the timestamp format has changed in FoD 24.3, or maybe either FoD or fcli truncates trailing zeros, so this bug would appear only for timestamps ending with `.10`, `.20`, ...? Are you able to test whether updating the pattern to the following fixes this issue for this particular timestamp? `DateTimeFormatter.ofPattern("yyyy-MM-dd[['T'][' ']HH:mm:ss[.SSS][.SS][.S]][ZZZZ][Z][XXX][XX][X]")` (in `JSONDateTimeConverter.java`, notice the extra `[.S]`)
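
A stand-alone check of the two patterns quoted in the comment above, added here as an example and not taken from the thread or from fcli's code. The class name `FractionWidthDemo`, the helper names, the builder-based third formatter, and every sample timestamp except the one from the stack trace are assumptions introduced for illustration; the builder variant goes beyond what the thread proposes.

```java
import java.time.LocalDateTime;
import java.time.format.DateTimeFormatter;
import java.time.format.DateTimeFormatterBuilder;
import java.time.format.DateTimeParseException;
import java.time.temporal.ChronoField;
import java.util.LinkedHashMap;
import java.util.Map;

public class FractionWidthDemo {
    // Pattern quoted in the thread: each S-run is fixed width, so only .SSS or .SS match.
    static final String CURRENT =
        "yyyy-MM-dd[['T'][' ']HH:mm:ss[.SSS][.SS]][ZZZZ][Z][XXX][XX][X]";
    // Pattern proposed in the thread: adds a one-digit [.S] alternative.
    static final String PROPOSED =
        "yyyy-MM-dd[['T'][' ']HH:mm:ss[.SSS][.SS][.S]][ZZZZ][Z][XXX][XX][X]";

    // Assumption, not from the thread: builder-based formatter accepting 0 to 9 fraction digits.
    static DateTimeFormatter variableFraction() {
        return new DateTimeFormatterBuilder()
            .appendPattern("yyyy-MM-dd'T'HH:mm:ss")
            .appendFraction(ChronoField.NANO_OF_SECOND, 0, 9, true)
            .toFormatter();
    }

    // Returns the parsed value, or the index at which the parse error was reported.
    static String tryParse(DateTimeFormatter fmt, String text) {
        try {
            return fmt.parse(text, LocalDateTime::from).toString();
        } catch (DateTimeParseException e) {
            return "FAIL at index " + e.getErrorIndex();
        }
    }

    public static void main(String[] args) {
        Map<String, DateTimeFormatter> formatters = new LinkedHashMap<>();
        formatters.put("current", DateTimeFormatter.ofPattern(CURRENT));
        formatters.put("proposed", DateTimeFormatter.ofPattern(PROPOSED));
        formatters.put("builder", variableFraction());
        // First sample is the value from the stack trace; the rest are constructed.
        String[] samples = {
            "2024-07-31T13:57:22.2", "2024-07-31T13:57:22.25",
            "2024-07-31T13:57:22.250", "2024-07-31T13:57:22", "2024-07-31T13:57:22.2345"
        };
        for (String s : samples) {
            formatters.forEach((name, fmt) ->
                System.out.printf("%-26s %-9s %s%n", s, name, tryParse(fmt, s)));
        }
    }
}
```

The last sample has four fraction digits, a width that neither quoted pattern lists as an alternative.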

@rsenden rsenden added fcli-fod Issue related to 'fcli fod' commands prio:medium Medium priority effort:low Easy to implement/fix labels Jul 31, 2024
kadraman added a commit to kadraman/fcli that referenced this issue Aug 1, 2024
 fortify#569)

chore: update release-summary action to work when zero severity issues
@kadraman kadraman self-assigned this Aug 1, 2024
@rsenden rsenden closed this as completed in 9ed8032 Aug 1, 2024