Merge pull request #154 from abnamro/2578799-skip-empty-repo

Peter-v-d-Spek · web-flow · commit e7eb9a0a3e1e · 2023-08-11T16:05:22.000+02:00
[#2578799] Skip scanning empty repositories
diff --git a/components/resc-vcs-scanner/src/vcs_scanner/secret_scanners/cli.py b/components/resc-vcs-scanner/src/vcs_scanner/secret_scanners/cli.py
@@ -260,7 +260,8 @@ def scan_repository(args: Namespace):
         username=args.username,
         personal_access_token=args.password,
         local_path=f"{args.dir.absolute()}",
-        force_base_scan=args.force_base_scan
+        force_base_scan=args.force_base_scan,
+        latest_commit="unknown"
     )
 
     secret_scanner.run_repository_scan()
diff --git a/components/resc-vcs-scanner/src/vcs_scanner/secret_scanners/secret_scanner.py b/components/resc-vcs-scanner/src/vcs_scanner/secret_scanners/secret_scanner.py
@@ -66,6 +66,11 @@ def clone_repo(self) -> str:
         return repo_clone_path
 
     def run_repository_scan(self) -> None:
+        if not self.latest_commit:
+            # There is no latest commit for this repository, assuming that its empty
+            logger.info(f"Skipping scanning of {self.repository.project_key}/{self.repository.repository_name} "
+                        f"there are no commits")
+            return
         logger.info(
             f"Started task for scanning {self.repository.repository_name} using "
             f"rule pack version: {self.rule_pack_version}")
diff --git a/components/resc-vcs-scraper/src/vcs_scraper/repository_collector/common.py b/components/resc-vcs-scraper/src/vcs_scraper/repository_collector/common.py
@@ -42,9 +42,14 @@ def extract_project_information(project_key, vcs_client, vcs_instance_name):
             logger.info(f"Fetching latest commit for repository: '{project_key}/{repository['name']}'")
             latest_commit = vcs_client.get_latest_commit(project_key=project_key, repository_id=repository["name"])
             task_parameters = vcs_client.export_repository(repository, latest_commit, vcs_instance_name)
-            project_tasks.append(task_parameters)
+            if latest_commit:
+                project_tasks.append(task_parameters)
+                logger.info(f"Information for repository: '{project_key}/{repository['name']}' "
+                            f"was fetched successfully")
+            else:
+                # Repository has no commits, will not forward to scanner
+                logger.info(f"Repository: '{project_key}/{repository['name']}' has no commits, skipping")
 
-            logger.info(f"Information for repository: '{project_key}/{repository['name']}' was fetched successfully")
         except requests.exceptions.HTTPError as http_exception:
             logger.error(
                 f"Error while processing repository '{project_key}/{repository['name']}':"

Original file line number	Diff line number	Diff line change
`@@ -260,7 +260,8 @@ def scan_repository(args: Namespace):`
`260`	`260`	`username=args.username,`
`261`	`261`	`personal_access_token=args.password,`
`262`	`262`	`local_path=f"{args.dir.absolute()}",`
`263`		`- force_base_scan=args.force_base_scan`
	`263`	`+ force_base_scan=args.force_base_scan,`
	`264`	`+ latest_commit="unknown"`
`264`	`265`	`)`
`265`	`266`
`266`	`267`	`secret_scanner.run_repository_scan()`