Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

chore: Adding retry for urllib3.exceptions protocolError #5575

Merged
merged 6 commits into from
Sep 19, 2023
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,9 @@
from itertools import groupby
from typing import TYPE_CHECKING, Any

from urllib3 import PoolManager
from urllib3.exceptions import ProtocolError

from checkov.common.bridgecrew.integration_features.base_integration_feature import BaseIntegrationFeature
from checkov.common.bridgecrew.integration_features.features.policy_metadata_integration import integration as metadata_integration
from checkov.common.bridgecrew.platform_integration import bc_integration
Expand Down Expand Up @@ -112,8 +115,22 @@ def _get_fixes_for_file(
if not self.bc_integration.http:
raise AttributeError("HTTP manager was not correctly created")

logging.debug(f'Calling fixes API with payload: {json.dumps(payload)}, headers: {headers}, url: {self.fixes_url}')
request = self.bc_integration.http.request("POST", self.fixes_url, headers=headers, body=json.dumps(payload)) # type:ignore[no-untyped-call]
try:
logging.debug(f'Calling fixes API with payload: {json.dumps(payload)}, headers: {headers}, url: {self.fixes_url}')
request = self.bc_integration.http.request("POST", self.fixes_url, headers=headers, body=json.dumps(payload)) # type:ignore[no-untyped-call]

# When running via IDE we can fail here in case of running with -d when the poolManager is broken
except ProtocolError as e:
logging.error(f'Get fixes request for file {filename} failed with response code error: {e}')
if isinstance(self.bc_integration.http, PoolManager):
bo156 marked this conversation as resolved.
Show resolved Hide resolved
self.bc_integration.http = None
self.bc_integration.setup_http_manager(
self.bc_integration.ca_certificate,
self.bc_integration.no_cert_verify
)
request = self.bc_integration.http.request("POST", self.fixes_url, headers=headers, body=json.dumps(payload)) # type:ignore
else:
return None

if request.status != 200:
error_message = extract_error_message(request)
Expand Down
5 changes: 5 additions & 0 deletions checkov/common/bridgecrew/platform_integration.py
Original file line number Diff line number Diff line change
Expand Up @@ -121,6 +121,8 @@ def __init__(self) -> None:
self.support_flag_enabled = False
self.enable_persist_graphs = convert_str_to_bool(os.getenv('BC_ENABLE_PERSIST_GRAPHS', 'True'))
self.persist_graphs_timeout = int(os.getenv('BC_PERSIST_GRAPHS_TIMEOUT', 60))
self.ca_certificate: str | None = None
self.no_cert_verify: bool = False

def set_bc_api_url(self, new_url: str) -> None:
self.bc_api_url = normalize_bc_url(new_url)
Expand Down Expand Up @@ -206,6 +208,9 @@ def setup_http_manager(self, ca_certificate: str | None = None, no_cert_verify:
:param ca_certificate: an optional CA bundle to be used by both libraries.
:param no_cert_verify: whether to skip SSL cert verification
"""
self.ca_certificate = ca_certificate
bo156 marked this conversation as resolved.
Show resolved Hide resolved
self.no_cert_verify = no_cert_verify

ca_certificate = ca_certificate or os.getenv('BC_CA_BUNDLE')
cert_reqs: str | None

Expand Down