diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index e160d4053..241807be0 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -117,8 +117,8 @@ jobs: - name: Setup git run: git config --global url."https://${{ secrets.PERSONAL_ACCESS_TOKEN }}:@github.com/".insteadOf "https://github.com" - name: golangci-lint - uses: golangci/golangci-lint-action@v3.4.0 + uses: golangci/golangci-lint-action@v3 with: - version: v1.52.2 + version: v1.54.2 args: -c .golangci.yml only-new-issues: true diff --git a/internal/commands/scarealtime/sca-realtime-utils.go b/internal/commands/scarealtime/sca-realtime-utils.go index 005cf7b04..02d119c66 100644 --- a/internal/commands/scarealtime/sca-realtime-utils.go +++ b/internal/commands/scarealtime/sca-realtime-utils.go @@ -162,7 +162,7 @@ func downloadSCAResolverHashFile(scaResolverHashURL, scaResolverZipFileNameHash func downloadFile(downloadURLPath, fileName string) error { logger.PrintIfVerbose("Downloading " + fileName + " from: " + downloadURLPath) - response, err := wrappers.SendHTTPRequestByFullURL(http.MethodGet, downloadURLPath, nil, false, 0, "", true) + response, err := wrappers.SendHTTPRequestByFullURL(http.MethodGet, downloadURLPath, http.NoBody, false, 0, "", true) if err != nil { return errors.Errorf("Invoking HTTP request to upload file failed - %s", err.Error()) } diff --git a/internal/wrappers/azure-http.go b/internal/wrappers/azure-http.go index 07d90acde..48d489693 100644 --- a/internal/wrappers/azure-http.go +++ b/internal/wrappers/azure-http.go @@ -30,7 +30,6 @@ const ( azureTop = "$top" azurePage = "$skip" azureLayoutTime = "2006-01-02" - basicFormat = "Basic %s" failedAuth = "failed Azure Authentication" unauthorized = "unauthorized: verify if the organization you provided is correct" azurePageLenValue = 100 @@ -112,33 +111,12 @@ func (g *AzureHTTPWrapper) get( queryParams map[string]string, authFormat string, ) (bool, error) { - var err error - req, err := http.NewRequest(http.MethodGet, url, nil) + resp, err := GetWithQueryParams(g.client, url, token, authFormat, queryParams) if err != nil { return false, err } - - if len(token) > 0 { - req.Header.Add(AuthorizationHeader, fmt.Sprintf(authFormat, token)) - } - - q := req.URL.Query() - for k, v := range queryParams { - q.Add(k, v) - } - req.URL.RawQuery = q.Encode() - resp, err := g.client.Do(req) - - if err != nil { - return false, err - } - - logger.PrintRequest(req) - - defer func() { - _ = resp.Body.Close() - }() + defer resp.Body.Close() logger.PrintResponse(resp, true) diff --git a/internal/wrappers/bfl-http.go b/internal/wrappers/bfl-http.go index 1aa578f68..b1c223b91 100644 --- a/internal/wrappers/bfl-http.go +++ b/internal/wrappers/bfl-http.go @@ -33,6 +33,10 @@ func (r *BflHTTPWrapper) GetBflByScanIDAndQueryID(params map[string]string) ( clientTimeout := viper.GetUint(commonParams.ClientTimeoutKey) log.Println(fmt.Sprintf("Fetching the best fix location for QueryID: %s", params[commonParams.QueryIDQueryParam])) resp, err := SendHTTPRequestWithQueryParams(http.MethodGet, r.path, params, nil, clientTimeout) + if err != nil { + return nil, nil, err + } + defer resp.Body.Close() return handleBflResponseWithBody(resp, err) } @@ -43,10 +47,6 @@ func handleBflResponseWithBody(resp *http.Response, err error) (*BFLResponseMode decoder := json.NewDecoder(resp.Body) - defer func() { - _ = resp.Body.Close() - }() - switch resp.StatusCode { case http.StatusBadRequest, http.StatusInternalServerError: errorModel := WebError{} diff --git a/internal/wrappers/bitbucket-http.go b/internal/wrappers/bitbucket-http.go index 6b890995a..f840f76c2 100644 --- a/internal/wrappers/bitbucket-http.go +++ b/internal/wrappers/bitbucket-http.go @@ -150,28 +150,11 @@ func (g *BitBucketHTTPWrapper) getFromBitBucket( logger.PrintIfVerbose(fmt.Sprintf("Request to %s", url)) - req, err := http.NewRequest(http.MethodGet, url, nil) + resp, err := GetWithQueryParams(g.client, url, token, basicFormat, queryParams) if err != nil { return err } - - if len(token) > 0 { - req.Header.Add(AuthorizationHeader, fmt.Sprintf(basicFormat, token)) - } - - q := req.URL.Query() - for k, v := range queryParams { - q.Add(k, v) - } - req.URL.RawQuery = q.Encode() - resp, err := g.client.Do(req) - if err != nil { - return err - } - - defer func() { - _ = resp.Body.Close() - }() + defer resp.Body.Close() switch resp.StatusCode { case http.StatusOK: err = json.NewDecoder(resp.Body).Decode(target) @@ -277,33 +260,11 @@ func collectPageBitBucket( } func getBitBucket(client *http.Client, token, url string, target interface{}, queryParams map[string]string) error { - var err error - - req, err := http.NewRequest(http.MethodGet, url, nil) - if err != nil { - return err - } - if len(token) > 0 { - req.Header.Add(AuthorizationHeader, fmt.Sprintf(basicFormat, token)) - } - - q := req.URL.Query() - for k, v := range queryParams { - q.Add(k, v) - } - - req.URL.RawQuery = q.Encode() - resp, err := client.Do(req) + resp, err := GetWithQueryParams(client, url, token, basicFormat, queryParams) if err != nil { return err } - logger.PrintRequest(req) - - defer func() { - _ = resp.Body.Close() - }() - - logger.PrintResponse(resp, true) + defer resp.Body.Close() switch resp.StatusCode { case http.StatusOK: @@ -311,18 +272,18 @@ func getBitBucket(client *http.Client, token, url string, target interface{}, qu if err != nil { return err } - // State sent when expired token + // State sent when expired token case http.StatusUnauthorized: err = errors.New(failedBitbucketAuth) return err - // State sent when no token is provided + // State sent when no token is provided case http.StatusForbidden: err = errors.New(failedBitbucketAuth) return err case http.StatusNotFound: err = errors.New(failedBitbucketNotFound) return err - // Case the commit/project does not exist in the organization + // Case the commit/project does not exist in the organization default: body, err := io.ReadAll(resp.Body) if err != nil { diff --git a/internal/wrappers/bitbucketserver/bitbucket-server-http.go b/internal/wrappers/bitbucketserver/bitbucket-server-http.go index d40ef77ff..b37b5f8d1 100644 --- a/internal/wrappers/bitbucketserver/bitbucket-server-http.go +++ b/internal/wrappers/bitbucketserver/bitbucket-server-http.go @@ -148,7 +148,7 @@ func getBitBucketServer( ) error { var err error - req, err := http.NewRequest(http.MethodGet, url, nil) + req, err := http.NewRequest(http.MethodGet, url, http.NoBody) if err != nil { return err } diff --git a/internal/wrappers/client.go b/internal/wrappers/client.go index b955eb92e..27841f2b8 100644 --- a/internal/wrappers/client.go +++ b/internal/wrappers/client.go @@ -29,12 +29,18 @@ const ( NoTimeout = 0 ntlmProxyToken = "ntlm" checkmarxURLError = "Could not reach provided Checkmarx server" + invalidCredentialsError = "Provided credentials are invalid" APIKeyDecodeErrorFormat = "Token decoding error: %s" tryPrintOffset = 2 retryLimitPrintOffset = 1 MissingURI = "When using client-id and client-secret please provide base-uri or base-auth-uri" MissingTenant = "Failed to authenticate - please provide tenant" jwtError = "Error retrieving %s from jwt token" + basicFormat = "Basic %s" + bearerFormat = "Bearer %s" + contentTypeHeader = "Content-Type" + formURLContentType = "application/x-www-form-urlencoded" + jsonContentType = "application/json" ) type ClientCredentialsInfo struct { @@ -196,16 +202,12 @@ func SendHTTPRequestByFullURLContentLength( client := GetClient(timeout) setAgentName(req) if auth { - enrichWithOath2Credentials(req, accessToken) + enrichWithOath2Credentials(req, accessToken, bearerFormat) } req = addReqMonitor(req) - var resp *http.Response - resp, err = request(client, req, bodyPrint) - if err != nil { - return nil, err - } - return resp, nil + + return request(client, req, bodyPrint) } func addReqMonitor(req *http.Request) *http.Request { @@ -254,19 +256,13 @@ func SendHTTPRequestPasswordAuth(method string, body io.Reader, timeout uint, us if err != nil { return nil, err } - req.Header.Add("content-type", "application/json") + req.Header.Add(contentTypeHeader, jsonContentType) err = enrichWithPasswordCredentials(req, username, password, adminClientID, adminClientSecret) if err != nil { return nil, err } - var resp *http.Response - req = addReqMonitor(req) - resp, err = doRequest(client, req) - if err != nil { - return nil, err - } - return resp, nil + return doRequest(client, req) } func SendPrivateHTTPRequestWithQueryParams( @@ -302,7 +298,7 @@ func HTTPRequestWithQueryParams( q.Add(k, v) } req.URL.RawQuery = q.Encode() - enrichWithOath2Credentials(req, accessToken) + enrichWithOath2Credentials(req, accessToken, bearerFormat) var resp *http.Response resp, err = request(client, req, printBody) if err != nil { @@ -327,8 +323,8 @@ func addTenantAuthURI(baseAuthURI string) (string, error) { return fmt.Sprintf("%s/%s", strings.Trim(baseAuthURI, "/"), authPath), nil } -func enrichWithOath2Credentials(request *http.Request, accessToken string) { - request.Header.Add("Authorization", "Bearer "+accessToken) +func enrichWithOath2Credentials(request *http.Request, accessToken, authFormat string) { + request.Header.Add(AuthorizationHeader, fmt.Sprintf(authFormat, accessToken)) } func SendHTTPRequestWithJSONContentType(method, path string, body io.Reader, auth bool, timeout uint) ( @@ -342,23 +338,40 @@ func SendHTTPRequestWithJSONContentType(method, path string, body io.Reader, aut req, err := http.NewRequest(method, fullURL, body) client := GetClient(timeout) setAgentName(req) - req.Header.Add("Content-Type", "application/json") + req.Header.Add("Content-Type", jsonContentType) if err != nil { return nil, err } if auth { - enrichWithOath2Credentials(req, accessToken) + enrichWithOath2Credentials(req, accessToken, bearerFormat) } req = addReqMonitor(req) - var resp *http.Response - resp, err = doRequest(client, req) + return doRequest(client, req) +} + +func GetWithQueryParams(client *http.Client, urlAddress, token, authFormat string, queryParams map[string]string) (*http.Response, error) { + req, err := http.NewRequest(http.MethodGet, urlAddress, http.NoBody) if err != nil { return nil, err } - return resp, nil + logger.PrintRequest(req) + return GetWithQueryParamsAndCustomRequest(client, req, urlAddress, token, authFormat, queryParams) } +// GetWithQueryParamsAndCustomRequest used when we need to add custom headers to the request +func GetWithQueryParamsAndCustomRequest(client *http.Client, customReq *http.Request, urlAddress, token, authFormat string, queryParams map[string]string) (*http.Response, error) { + if len(token) > 0 { + enrichWithOath2Credentials(customReq, token, authFormat) + } + q := customReq.URL.Query() + for k, v := range queryParams { + q.Add(k, v) + } + customReq.URL.RawQuery = q.Encode() + customReq = addReqMonitor(customReq) + return request(client, customReq, true) +} func GetAccessToken() (string, error) { authURI, err := getAuthURI() if err != nil { @@ -402,8 +415,7 @@ func enrichWithPasswordCredentials( "failed to authenticate", ) } - - request.Header.Add("Authorization", "Bearer "+accessToken) + enrichWithOath2Credentials(request, accessToken, bearerFormat) return nil } @@ -458,7 +470,7 @@ func getNewToken(credentialsPayload, authServerURI string) (string, error) { return "", err } req = addReqMonitor(req) - req.Header.Add("content-type", "application/x-www-form-urlencoded") + req.Header.Add(contentTypeHeader, formURLContentType) clientTimeout := viper.GetUint(commonParams.ClientTimeoutKey) client := GetClient(clientTimeout) @@ -468,13 +480,13 @@ func getNewToken(credentialsPayload, authServerURI string) (string, error) { return "", errors.Errorf("%s %s", checkmarxURLError, authURL) } if res.StatusCode == http.StatusBadRequest { - return "", errors.Errorf("%v %s \n", res.StatusCode, "Provided credentials are invalid") + return "", errors.Errorf("%d %s \n", res.StatusCode, invalidCredentialsError) } if res.StatusCode == http.StatusNotFound { - return "", errors.Errorf("%v %s \n", res.StatusCode, "Provided Tenant Name is invalid") + return "", errors.Errorf("%d %s \n", res.StatusCode, "Provided Tenant Name is invalid") } if res.StatusCode == http.StatusUnauthorized { - return "", errors.Errorf("%v %s \n", res.StatusCode, "Provided credentials are invalid") + return "", errors.Errorf("%d %s \n", res.StatusCode, invalidCredentialsError) } body, _ := ioutil.ReadAll(res.Body) @@ -486,7 +498,7 @@ func getNewToken(credentialsPayload, authServerURI string) (string, error) { return "", err } - return "", errors.Errorf("%v %s %s", res.StatusCode, credentialsErr.Error, credentialsErr.Description) + return "", errors.Errorf("%d %s %s", res.StatusCode, credentialsErr.Error, credentialsErr.Description) } defer func() { diff --git a/internal/wrappers/github-http.go b/internal/wrappers/github-http.go index c09aadf80..575b6c74f 100644 --- a/internal/wrappers/github-http.go +++ b/internal/wrappers/github-http.go @@ -162,9 +162,9 @@ func (g *GitHubHTTPWrapper) getTemplates() error { func (g *GitHubHTTPWrapper) get(url string, target interface{}) error { resp, err := get(g.client, url, target, map[string]string{}) - - closeBody(resp) - + if err != nil { + defer resp.Body.Close() + } return err } @@ -205,7 +205,7 @@ func collectPage( return "", err } - defer closeBody(resp) + defer resp.Body.Close() *pageCollection = append(*pageCollection, holder...) next := getNextPageLink(resp) @@ -229,71 +229,38 @@ func getNextPageLink(resp *http.Response) string { } func get(client *http.Client, url string, target interface{}, queryParams map[string]string) (*http.Response, error) { - var err error - var count uint8 - - for count < retryLimit { - var currentError error - - req, currentError := http.NewRequest(http.MethodGet, url, http.NoBody) - if currentError != nil { - return nil, currentError - } - - req.Header.Add(acceptHeader, apiVersion) - - token := viper.GetString(params.SCMTokenFlag) - if len(token) > 0 { - req.Header.Add(AuthorizationHeader, fmt.Sprintf(tokenFormat, token)) - } + req, err := http.NewRequest(http.MethodGet, url, http.NoBody) + if err != nil { + return nil, err + } + req.Header.Add(acceptHeader, apiVersion) + token := viper.GetString(params.SCMTokenFlag) + logger.PrintRequest(req) + resp, err := GetWithQueryParamsAndCustomRequest(client, req, url, token, tokenFormat, queryParams) + if err != nil { + return nil, err + } + defer resp.Body.Close() + logger.PrintResponse(resp, true) - q := req.URL.Query() - for k, v := range queryParams { - q.Add(k, v) - } - req.URL.RawQuery = q.Encode() - - logger.PrintRequest(req) - resp, currentError := client.Do(req) - if currentError != nil { - count++ - logger.PrintIfVerbose(fmt.Sprintf("Request to %s dropped, retrying", req.URL)) - err = currentError - continue + switch resp.StatusCode { + case http.StatusOK: + logger.PrintIfVerbose(fmt.Sprintf("Request to URL %s OK", req.URL)) + err = json.NewDecoder(resp.Body).Decode(target) + if err != nil { + return nil, err } - - logger.PrintResponse(resp, true) - - switch resp.StatusCode { - case http.StatusOK: - logger.PrintIfVerbose(fmt.Sprintf("Request to URL %s OK", req.URL)) - currentError = json.NewDecoder(resp.Body).Decode(target) - closeBody(resp) - if currentError != nil { - return nil, currentError - } - case http.StatusConflict: - logger.PrintIfVerbose(fmt.Sprintf("Found empty repository in %s", req.URL)) - closeBody(resp) - return nil, nil - default: - body, currentError := io.ReadAll(resp.Body) - closeBody(resp) - if currentError != nil { - logger.PrintIfVerbose(currentError.Error()) - return nil, currentError - } - message := fmt.Sprintf("Code %d %s", resp.StatusCode, string(body)) - return nil, errors.New(message) + case http.StatusConflict: + logger.PrintIfVerbose(fmt.Sprintf("Found empty repository in %s", req.URL)) + return nil, nil + default: + body, err := io.ReadAll(resp.Body) + if err != nil { + logger.PrintIfVerbose(err.Error()) + return nil, err } - return resp, nil - } - - return nil, err -} - -func closeBody(resp *http.Response) { - if resp != nil && resp.Body != nil { - _ = resp.Body.Close() + message := fmt.Sprintf("Code %d %s", resp.StatusCode, string(body)) + return nil, errors.New(message) } + return resp, nil } diff --git a/internal/wrappers/gitlab-http.go b/internal/wrappers/gitlab-http.go index d3ae2ad3c..70e5d3080 100644 --- a/internal/wrappers/gitlab-http.go +++ b/internal/wrappers/gitlab-http.go @@ -128,57 +128,41 @@ func (g *GitLabHTTPWrapper) GetGitLabProjects(gitLabGroupName string, queryParam func getFromGitLab( client *http.Client, requestURL string, target interface{}, queryParams map[string]string, ) (*http.Response, error) { - var err error - var count uint8 - for count < retryLimitGitLab { - var currentError error - req, currentError := http.NewRequest(http.MethodGet, requestURL, http.NoBody) - if currentError != nil { - return nil, currentError - } + req, err := http.NewRequest(http.MethodGet, requestURL, http.NoBody) + if err != nil { + return nil, err + } - token := viper.GetString(params.SCMTokenFlag) - if len(token) > 0 { - req.Header.Add(gitLabAuthorizationHeader, fmt.Sprintf(gitLabTokenFormat, token)) - } - q := req.URL.Query() - for k, v := range queryParams { - q.Add(k, v) - } - req.URL.RawQuery = q.Encode() + token := viper.GetString(params.SCMTokenFlag) - logger.PrintRequest(req) + logger.PrintRequest(req) - resp, currentError := client.Do(req) - if currentError != nil { - count++ - logger.PrintIfVerbose(fmt.Sprintf("Request to %s dropped, retrying", req.URL)) - err = currentError - continue - } + resp, err := GetWithQueryParamsAndCustomRequest(client, req, requestURL, token, bearerFormat, queryParams) + if err != nil { + return nil, err + } + defer resp.Body.Close() - logger.PrintResponse(resp, true) + logger.PrintResponse(resp, true) - switch resp.StatusCode { - case http.StatusOK: - currentError = json.NewDecoder(resp.Body).Decode(target) - closeResponseBody(resp) - if currentError != nil { - return nil, currentError - } - default: - body, currentError := io.ReadAll(resp.Body) - closeResponseBody(resp) - if currentError != nil { - logger.PrintIfVerbose(currentError.Error()) - return nil, currentError - } - message := fmt.Sprintf("Code %d %s", resp.StatusCode, string(body)) - return nil, errors.New(message) + switch resp.StatusCode { + case http.StatusOK: + err = json.NewDecoder(resp.Body).Decode(target) + if err != nil { + return nil, err + } + default: + body, currentError := io.ReadAll(resp.Body) + if currentError != nil { + logger.PrintIfVerbose(currentError.Error()) + return nil, currentError } - return resp, nil + message := fmt.Sprintf("Code %d %s", resp.StatusCode, string(body)) + return nil, errors.New(message) } + return resp, nil + return nil, err } @@ -217,7 +201,7 @@ func collectPageForGitLab( if err != nil { return "", err } - defer closeResponseBody(resp) + defer resp.Body.Close() *pageCollection = append(*pageCollection, holder...) nextPageURL := getNextPage(resp) @@ -238,9 +222,3 @@ func getNextPage(resp *http.Response) string { } return "" } - -func closeResponseBody(resp *http.Response) { - if resp != nil && resp.Body != nil { - _ = resp.Body.Close() - } -} diff --git a/internal/wrappers/learn-more-http.go b/internal/wrappers/learn-more-http.go index 918f6b130..3d2a16060 100644 --- a/internal/wrappers/learn-more-http.go +++ b/internal/wrappers/learn-more-http.go @@ -32,6 +32,10 @@ func (r *LearnMoreHTTPWrapper) GetLearnMoreDetails(params map[string]string) ( clientTimeout := viper.GetUint(commonParams.ClientTimeoutKey) // add the path parameter to the path resp, err := SendHTTPRequestWithQueryParams(http.MethodGet, r.path, params, nil, clientTimeout) + if err != nil { + return nil, nil, err + } + defer resp.Body.Close() return handleResponse(resp, err, params[commonParams.QueryIDQueryParam]) } @@ -42,10 +46,6 @@ func handleResponse(resp *http.Response, err error, queryID string) (*[]*LearnMo decoder := json.NewDecoder(resp.Body) - defer func() { - _ = resp.Body.Close() - }() - switch resp.StatusCode { case http.StatusBadRequest, http.StatusInternalServerError: errorModel := WebError{} diff --git a/internal/wrappers/logs-http.go b/internal/wrappers/logs-http.go index 39fd8f5f6..b94d2b474 100644 --- a/internal/wrappers/logs-http.go +++ b/internal/wrappers/logs-http.go @@ -28,7 +28,7 @@ func NewLogsWrapper(path string) LogsWrapper { func (l *LogsHTTPWrapper) GetLog(scanID, scanType string) (string, error) { clientTimeout := viper.GetUint(commonParams.ClientTimeoutKey) reportPath := fmt.Sprintf("%s/%s/%s", l.path, scanID, scanType) - resp, err := SendHTTPRequest(http.MethodGet, reportPath, nil, true, clientTimeout) + resp, err := SendHTTPRequest(http.MethodGet, reportPath, http.NoBody, true, clientTimeout) if err != nil { return "", err } diff --git a/internal/wrappers/pr-http.go b/internal/wrappers/pr-http.go index 77085112a..2dbd0d512 100644 --- a/internal/wrappers/pr-http.go +++ b/internal/wrappers/pr-http.go @@ -36,6 +36,10 @@ func (r *PRHTTPWrapper) PostPRDecoration(model *PRModel) ( return "", nil, err } resp, err := SendHTTPRequestWithJSONContentType(http.MethodPost, r.githubPath, bytes.NewBuffer(jsonBytes), true, clientTimeout) + if err != nil { + return "", nil, err + } + defer resp.Body.Close() return handlePRResponseWithBody(resp, err) } diff --git a/internal/wrappers/predicates-http.go b/internal/wrappers/predicates-http.go index 757c89f18..882fe6f7b 100644 --- a/internal/wrappers/predicates-http.go +++ b/internal/wrappers/predicates-http.go @@ -47,8 +47,12 @@ func (r *ResultsPredicatesHTTPWrapper) GetAllPredicatesForSimilarityID(similarit var request = "/" + similarityID + "?project-ids=" + projectID logger.PrintIfVerbose(fmt.Sprintf("Sending GET request to %s", r.path+request)) - - return handleResponseWithBody(SendHTTPRequest(http.MethodGet, r.path+request, nil, true, clientTimeout)) + resp, err := SendHTTPRequest(http.MethodGet, r.path+request, http.NoBody, true, clientTimeout) + if err != nil { + return nil, nil, err + } + defer resp.Body.Close() + return handleResponseWithBody(resp, err) } func (r *ResultsPredicatesHTTPWrapper) SetPath(newPath string) { diff --git a/internal/wrappers/projects-http.go b/internal/wrappers/projects-http.go index 64de7b35b..d369bf55c 100644 --- a/internal/wrappers/projects-http.go +++ b/internal/wrappers/projects-http.go @@ -33,6 +33,7 @@ func (p *ProjectsHTTPWrapper) Create(model *Project) (*ProjectResponseModel, *Er if err != nil { return nil, nil, err } + defer resp.Body.Close() return handleProjectResponseWithBody(resp, err, http.StatusCreated) } @@ -47,7 +48,7 @@ func (p *ProjectsHTTPWrapper) Update(projectID string, model *Project) error { if err != nil { return err } - resp.Body.Close() + defer resp.Body.Close() switch resp.StatusCode { case http.StatusNoContent: return nil @@ -71,7 +72,7 @@ func (p *ProjectsHTTPWrapper) UpdateConfiguration(projectID string, configuratio if err != nil { return nil, err } - + defer resp.Body.Close() return handleProjectResponseWithNoBody(resp, err, http.StatusNoContent) } @@ -117,10 +118,11 @@ func (p *ProjectsHTTPWrapper) GetByID(projectID string) ( *ErrorModel, error) { clientTimeout := viper.GetUint(commonParams.ClientTimeoutKey) - resp, err := SendHTTPRequest(http.MethodGet, p.path+"/"+projectID, nil, true, clientTimeout) + resp, err := SendHTTPRequest(http.MethodGet, p.path+"/"+projectID, http.NoBody, true, clientTimeout) if err != nil { return nil, nil, err } + defer resp.Body.Close() return handleProjectResponseWithBody(resp, err, http.StatusOK) } @@ -131,7 +133,6 @@ func (p *ProjectsHTTPWrapper) GetBranchesByID(projectID string, params map[strin params["limit"] = limitValue resp, err := SendHTTPRequestWithQueryParams(http.MethodGet, p.path+request, params, nil, clientTimeout) - if err != nil { return nil, nil, err } @@ -162,10 +163,11 @@ func (p *ProjectsHTTPWrapper) GetBranchesByID(projectID string, params map[strin func (p *ProjectsHTTPWrapper) Delete(projectID string) (*ErrorModel, error) { clientTimeout := viper.GetUint(commonParams.ClientTimeoutKey) - resp, err := SendHTTPRequest(http.MethodDelete, p.path+"/"+projectID, nil, true, clientTimeout) + resp, err := SendHTTPRequest(http.MethodDelete, p.path+"/"+projectID, http.NoBody, true, clientTimeout) if err != nil { return nil, err } + defer resp.Body.Close() return handleProjectResponseWithNoBody(resp, err, http.StatusNoContent) } @@ -174,15 +176,14 @@ func (p *ProjectsHTTPWrapper) Tags() ( *ErrorModel, error) { clientTimeout := viper.GetUint(commonParams.ClientTimeoutKey) - resp, err := SendHTTPRequest(http.MethodGet, p.path+"/tags", nil, true, clientTimeout) + resp, err := SendHTTPRequest(http.MethodGet, p.path+"/tags", http.NoBody, true, clientTimeout) if err != nil { return nil, nil, err } + defer resp.Body.Close() decoder := json.NewDecoder(resp.Body) - defer resp.Body.Close() - switch resp.StatusCode { case http.StatusBadRequest, http.StatusInternalServerError: errorModel := ErrorModel{} diff --git a/internal/wrappers/response.go b/internal/wrappers/response.go index 1b2a78022..30b347a6c 100644 --- a/internal/wrappers/response.go +++ b/internal/wrappers/response.go @@ -18,8 +18,6 @@ func handleScanResponseWithNoBody(resp *http.Response, err error, } decoder := json.NewDecoder(resp.Body) - defer resp.Body.Close() - switch resp.StatusCode { case http.StatusBadRequest, http.StatusInternalServerError, http.StatusNotFound: errorModel := ErrorModel{} @@ -43,8 +41,6 @@ func handleScanResponseWithBody(resp *http.Response, err error, } decoder := json.NewDecoder(resp.Body) - defer resp.Body.Close() - switch resp.StatusCode { case http.StatusBadRequest, http.StatusInternalServerError: errorModel := ErrorModel{} @@ -75,8 +71,6 @@ func handleProjectResponseWithNoBody(resp *http.Response, err error, } decoder := json.NewDecoder(resp.Body) - defer resp.Body.Close() - switch resp.StatusCode { case http.StatusBadRequest, http.StatusInternalServerError: errorModel := ErrorModel{} diff --git a/internal/wrappers/results-pdf-http.go b/internal/wrappers/results-pdf-http.go index f348e10a6..42c9133f4 100644 --- a/internal/wrappers/results-pdf-http.go +++ b/internal/wrappers/results-pdf-http.go @@ -108,8 +108,8 @@ func (r *PdfHTTPWrapper) CheckPdfReportStatus(reportID string) (*PdfPollingRespo func (r *PdfHTTPWrapper) DownloadPdfReport(reportID, targetFile string) error { clientTimeout := viper.GetUint(commonParams.ClientTimeoutKey) - url := fmt.Sprintf("%s/%s/download", r.path, reportID) - resp, err := SendHTTPRequest(http.MethodGet, url, nil, true, clientTimeout) + customURL := fmt.Sprintf("%s/%s/download", r.path, reportID) + resp, err := SendHTTPRequest(http.MethodGet, customURL, http.NoBody, true, clientTimeout) if err != nil { return err } diff --git a/internal/wrappers/results-sbom-http.go b/internal/wrappers/results-sbom-http.go index 9e428167c..3de1752da 100644 --- a/internal/wrappers/results-sbom-http.go +++ b/internal/wrappers/results-sbom-http.go @@ -137,8 +137,8 @@ func (r *SbomHTTPWrapper) GetSbomReportStatus(reportID string) (*SbomPollingResp func (r *SbomHTTPWrapper) DownloadSbomReport(reportID, targetFile string) error { clientTimeout := viper.GetUint(commonParams.ClientTimeoutKey) - url := fmt.Sprintf("%s/%s/%s/%s", r.path, "requests", reportID, "download") - resp, err := SendHTTPRequest(http.MethodGet, url, nil, true, clientTimeout) + customURL := fmt.Sprintf("%s/%s/%s/%s", r.path, "requests", reportID, "download") + resp, err := SendHTTPRequest(http.MethodGet, customURL, http.NoBody, true, clientTimeout) if err != nil { return err } diff --git a/internal/wrappers/risks-overview-http.go b/internal/wrappers/risks-overview-http.go index 8c7c9fa38..f2e2dfb19 100644 --- a/internal/wrappers/risks-overview-http.go +++ b/internal/wrappers/risks-overview-http.go @@ -27,7 +27,7 @@ func (r *RisksOverviewHTTPWrapper) GetAllAPISecRisksByScanID(scanID string) ( ) { clientTimeout := viper.GetUint(commonParams.ClientTimeoutKey) path := fmt.Sprintf(r.path, scanID) - resp, err := SendHTTPRequest(http.MethodGet, path, nil, true, clientTimeout) + resp, err := SendHTTPRequest(http.MethodGet, path, http.NoBody, true, clientTimeout) if err != nil { return nil, nil, err } diff --git a/internal/wrappers/scans-http.go b/internal/wrappers/scans-http.go index b3f75913f..5fe00946a 100644 --- a/internal/wrappers/scans-http.go +++ b/internal/wrappers/scans-http.go @@ -39,6 +39,7 @@ func (s *ScansHTTPWrapper) Create(model *Scan) (*ScanResponseModel, *ErrorModel, if err != nil { return nil, nil, err } + defer resp.Body.Close() return handleScanResponseWithBody(resp, err, http.StatusCreated) } @@ -76,20 +77,22 @@ func (s *ScansHTTPWrapper) Get(params map[string]string) (*ScansCollectionRespon func (s *ScansHTTPWrapper) GetByID(scanID string) (*ScanResponseModel, *ErrorModel, error) { clientTimeout := viper.GetUint(commonParams.ClientTimeoutKey) - resp, err := SendHTTPRequest(http.MethodGet, s.path+"/"+scanID, nil, true, clientTimeout) + resp, err := SendHTTPRequest(http.MethodGet, s.path+"/"+scanID, http.NoBody, true, clientTimeout) if err != nil { return nil, nil, err } + defer resp.Body.Close() return handleScanResponseWithBody(resp, err, http.StatusOK) } func (s *ScansHTTPWrapper) GetWorkflowByID(scanID string) ([]*ScanTaskResponseModel, *ErrorModel, error) { clientTimeout := viper.GetUint(commonParams.ClientTimeoutKey) path := fmt.Sprintf("%s/%s/workflow", s.path, scanID) - resp, err := SendHTTPRequest(http.MethodGet, path, nil, true, clientTimeout) + resp, err := SendHTTPRequest(http.MethodGet, path, http.NoBody, true, clientTimeout) if err != nil { return nil, nil, err } + defer resp.Body.Close() return handleWorkflowResponseWithBody(resp, err) } @@ -99,8 +102,6 @@ func handleWorkflowResponseWithBody(resp *http.Response, err error) ([]*ScanTask } decoder := json.NewDecoder(resp.Body) - defer resp.Body.Close() - switch resp.StatusCode { case http.StatusBadRequest, http.StatusInternalServerError: errorModel := ErrorModel{} @@ -124,10 +125,11 @@ func handleWorkflowResponseWithBody(resp *http.Response, err error) ([]*ScanTask func (s *ScansHTTPWrapper) Delete(scanID string) (*ErrorModel, error) { clientTimeout := viper.GetUint(commonParams.ClientTimeoutKey) - resp, err := SendHTTPRequest(http.MethodDelete, s.path+"/"+scanID, nil, true, clientTimeout) + resp, err := SendHTTPRequest(http.MethodDelete, s.path+"/"+scanID, http.NoBody, true, clientTimeout) if err != nil { return nil, err } + defer resp.Body.Close() return handleScanResponseWithNoBody(resp, err, http.StatusNoContent) } @@ -144,19 +146,18 @@ func (s *ScansHTTPWrapper) Cancel(scanID string) (*ErrorModel, error) { if err != nil { return nil, err } - + defer resp.Body.Close() return handleScanResponseWithNoBody(resp, err, http.StatusNoContent) } func (s *ScansHTTPWrapper) Tags() (map[string][]string, *ErrorModel, error) { clientTimeout := viper.GetUint(commonParams.ClientTimeoutKey) - resp, err := SendHTTPRequest(http.MethodGet, s.path+"/tags", nil, true, clientTimeout) + resp, err := SendHTTPRequest(http.MethodGet, s.path+"/tags", http.NoBody, true, clientTimeout) if err != nil { return nil, nil, err } - decoder := json.NewDecoder(resp.Body) - defer resp.Body.Close() + decoder := json.NewDecoder(resp.Body) switch resp.StatusCode { case http.StatusBadRequest, http.StatusInternalServerError: diff --git a/internal/wrappers/tenant-http.go b/internal/wrappers/tenant-http.go index 4dfd9156b..e605961d0 100644 --- a/internal/wrappers/tenant-http.go +++ b/internal/wrappers/tenant-http.go @@ -26,16 +26,14 @@ func (r *TenantConfigurationHTTPWrapper) GetTenantConfiguration() ( ) { clientTimeout := viper.GetUint(commonParams.ClientTimeoutKey) // add the path parameter to the path - resp, err := SendHTTPRequest(http.MethodGet, r.path, nil, true, clientTimeout) + resp, err := SendHTTPRequest(http.MethodGet, r.path, http.NoBody, true, clientTimeout) if err != nil { return nil, nil, err } - - decoder := json.NewDecoder(resp.Body) - defer func() { _ = resp.Body.Close() }() + decoder := json.NewDecoder(resp.Body) switch resp.StatusCode { case http.StatusBadRequest, http.StatusInternalServerError: