Skip to content

fix(cmd/saas): add timeout option #2183

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 6 commits into from
Apr 23, 2025
Merged

fix(cmd/saas): add timeout option #2183

merged 6 commits into from
Apr 23, 2025

Conversation

wadda0714
Copy link
Contributor

@wadda0714 wadda0714 commented Apr 23, 2025
edited
Loading

If this Pull Request is work in progress, Add a prefix of “[WIP]” in the title.

What did you implement:

Please include a summary of the change and which issue is fixed. Please also include relevant motivation and context.

Added timeout option to the vuls-saas command.

C:\Program Files\vuls-saas>vuls.exe saas -h
saas:
        saas
                [-config=/path/to/config.toml]
                [-results-dir=/path/to/results]
                [-log-to-file]
                [-log-dir=/path/to/log]
                [-http-proxy=http://192.168.0.1:8080]
                [-timeout=10]
                [-debug]
                [-quiet]
  -config string
        /path/to/toml (default "C:\\Program Files\\vuls-saas\\config.toml")
  -debug
        debug mode
  -http-proxy string
        http://proxy-url:port (default: empty)
  -log-dir string
        /path/to/log (default "C:\\Users\\ome-202304wada\\AppData\\Roaming\\vuls")
  -log-to-file
        Output log to file
  -quiet
        Quiet mode. No output on stdout
  -results-dir string
        /path/to/results (default "C:\\Program Files\\vuls-saas\\results")
  -timeout int
        Number of seconds for uploading scan reports to saas (default 10)

Fixes # (issue)

Type of change

Please delete options that are not relevant.

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause existing functionality to not work as expected)
  • This change requires a documentation update

How Has This Been Tested?

Please describe the tests that you ran to verify your changes. Provide instructions so we can reproduce.

To reproduce an environment where communication times out, a mock server was set up to delay the response.

package main

import (
	"fmt"
	"net/http"
	"time"
)

func main() {
	http.HandleFunc("/upload", func(w http.ResponseWriter, r *http.Request) {
		fmt.Println("Received request, delaying...")

		time.Sleep(10 * time.Second)

		fmt.Println("Done.")
		w.WriteHeader(http.StatusOK)
		w.Write([]byte(`{"status":"ok"}`))
	})

	fmt.Println("Mock server running on :8080")
	http.ListenAndServe(":8080", nil)
}

Changed URL in config.toml to that of the mock server.

# See README for details: https://vuls.io/docs/en/usage-settings.html

version = "v2"

[saas]
  GroupID = xxxx
  Token = "xxxx"
  URL = "http://localhost:8080/upload"

Executed vuls saas command with timeout option
The timeout is set to 5 seconds because the response from the mock server comes back after a 10-second delay.

C:\Program Files\vuls-saas>vuls.exe saas -timeout=5
time="Apr 23 16:51:28" level=info msg="vuls--build-20250423_164702_b6f382c"
time="Apr 23 16:51:28" level=info msg="Validating config..."
time="Apr 23 16:51:28" level=info msg="Loaded: C:\\Program Files\\vuls-saas\\results\\2025-04-23T11-57-49+0900"
time="Apr 23 16:51:33" level=error msg="Failed to upload. err: Post \"http://localhost:8080/upload\": context deadline exceeded"

Errors are output correctly when the context times out.

The timeout is set to 15 seconds

C:\Program Files\vuls-saas>vuls.exe saas -timeout=15
time="Apr 23 18:09:54" level=info msg="vuls--build-20250423_164702_b6f382c"
time="Apr 23 18:09:54" level=info msg="Validating config..."
time="Apr 23 18:09:54" level=info msg="Loaded: C:\\Program Files\\vuls-saas\\results\\2025-04-23T11-57-49+0900"
panic: runtime error: invalid memory address or nil pointer dereference
[signal 0xc0000005 code=0x0 addr=0x0 pc=0x39b0a75]

goroutine 1 [running]:
github.com/future-architect/vuls/saas.Writer.Write({0xc000d09000?}, {0xc000cb2a08, 0x1, 0xc000cb2a08?})
        github.com/future-architect/vuls/saas/saas.go:107 +0x935
github.com/future-architect/vuls/subcmds.(*SaaSCmd).Execute(0xc000009de8, {0xc00008cbe0?, 0xc000b3ddc0?}, 0xc000891110, {0x1?, 0x3c4c320?, 0xc000b3dd01?})
        github.com/future-architect/vuls/subcmds/saas.go:126 +0x97c
github.com/google/subcommands.(*Commander).Execute(0xc0000ee700, {0x5451bf0, 0x77a48e0}, {0x0, 0x0, 0x0})
        github.com/google/[email protected]/subcommands.go:209 +0x37a
github.com/google/subcommands.Execute(...)
        github.com/google/[email protected]/subcommands.go:492
main.main()
        github.com/future-architect/vuls/cmd/scanner/main.go:35 +0x12d4

The mock server response is returned before the timeout, and the expected error is output.

Checklist:

You don't have to satisfy all of the following.

  • Write tests
  • Write documentation
  • Check that there aren't other open pull requests for the same issue/feature
  • Format your source code by make fmt
  • Pass the test by make test
  • Provide verification config / commands
  • Enable "Allow edits from maintainers" for this PR
  • Update the messages below

Is this ready for review?: YES

Reference

@wadda0714 wadda0714 changed the title add: timeout option to ./vuls saas fix(cmd/saas): add timeout option Apr 23, 2025
@wadda0714 wadda0714 changed the title fix(cmd/saas): add timeout option [WIP]fix(cmd/saas): add timeout option Apr 23, 2025
shino
shino reviewed Apr 23, 2025
View reviewed changes
@wadda0714 wadda0714 changed the title [WIP]fix(cmd/saas): add timeout option fix(cmd/saas): add timeout option Apr 23, 2025
@wadda0714 wadda0714 requested a review from shino April 23, 2025 09:07
MaineK00n
MaineK00n reviewed Apr 23, 2025
View reviewed changes
MaineK00n
MaineK00n reviewed Apr 23, 2025
View reviewed changes
MaineK00n
MaineK00n reviewed Apr 23, 2025
View reviewed changes
@wadda0714 @MaineK00n
delete comment
e05a9e0 
Co-authored-by: MaineK00n <[email protected]>
@MaineK00n MaineK00n force-pushed the wada/add_option_timeout branch from 9d69300 to e05a9e0 Compare April 23, 2025 19:10
@MaineK00n MaineK00n merged commit 0b51049 into future-architect:master Apr 23, 2025
7 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@MaineK00n MaineK00n MaineK00n approved these changes

@shino shino Awaiting requested review from shino

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@wadda0714 @shino @MaineK00n