From afc1204c5749122c2f54b4d744e4b3f2d34b469a Mon Sep 17 00:00:00 2001 From: Martin Lang Date: Mon, 1 Oct 2018 15:17:25 +0200 Subject: [PATCH 1/5] Added default env variables. Added warnings to log if request fails --- lib/camunda_worker.rb | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/lib/camunda_worker.rb b/lib/camunda_worker.rb index 245a599..7908c4d 100644 --- a/lib/camunda_worker.rb +++ b/lib/camunda_worker.rb @@ -44,9 +44,9 @@ def initialize(camunda_url, topic, variables, task_lock_duration = 3600000, poll @protected_engine = (ENV.has_key? 'ENGINE_BASIC_AUTH_USER') and (ENV.has_key? 'ENGINE_BASIC_AUTH_PASSWORD') @basic_auth_user = ENV.fetch('ENGINE_BASIC_AUTH_USER', '') @basic_auth_password = ENV.fetch('ENGINE_BASIC_AUTH_PASSWORD', '') - @repository_url = ENV.fetch('SCB_REPOSITORY_URL') - @branch = ENV.fetch('SCB_BRANCH') - @commit_id = ENV.fetch('SCB_COMMIT_ID') + @repository_url = ENV.fetch('SCB_REPOSITORY_URL', 'unknown') + @branch = ENV.fetch('SCB_BRANCH', 'unknown') + @commit_id = ENV.fetch('SCB_COMMIT_ID', 'unknown') Thread.new do sleep poll_interval @@ -112,6 +112,7 @@ def fetch_and_lock_task JSON.parse(res) end rescue => e + $logger.warn("Failed to fetch jobs") nil end end @@ -158,13 +159,14 @@ def http_post(url, payload = "") @last_connect = Time.now return nil else + $logger.warn "Unexpected http status code (#{response.code}) received." $logger.debug "Invalid response #{response.to_str} received." @last_connect = "ERROR" fail "Code #{response.code}: Invalid response #{response.to_str} received." end end rescue => e - $logger.debug "Error while connecting to #{url}" + $logger.warn "Error while connecting to #{url}." $logger.debug e.message raise StandardError.new end From d2183bd6ea98740ffd77d5d91d8b59b023bd16b4 Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Tue, 30 Oct 2018 17:15:14 +0100 Subject: [PATCH 2/5] Removed unnecessary token for accessing the build status --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 1fda65a..427a677 100644 --- a/README.md +++ b/README.md @@ -1,4 +1,4 @@ -![Build Status](https://travis-ci.com/secureCodeBox/scanner-webserver-nikto.svg?token=2Rsf2E9Bq3FduSxRf6tz&branch=develop) +[![Build Status](https://travis-ci.com/secureCodeBox/scanner-webserver-nikto.svg?branch=develop)](https://travis-ci.com/secureCodeBox/scanner-webserver-nikto) [![License](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://opensource.org/licenses/Apache-2.0) [![GitHub release](https://img.shields.io/github/release/secureCodeBox/scanner-webserver-nikto.svg)](https://github.com/secureCodeBox/scanner-webserver-nikto/releases/latest) From 27395d5f5075daba711a2d193d8dfec408aa2c2b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6ran=20Tesse?= Date: Fri, 9 Nov 2018 15:30:48 +0100 Subject: [PATCH 3/5] added curl-based health check --- Dockerfile | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index 64b2c61..d994d0b 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,6 +1,6 @@ FROM ruby:alpine -RUN apk update && apk upgrade && apk add perl perl-net-ssleay make g++ openssl +RUN apk update && apk upgrade && apk add perl perl-net-ssleay make g++ openssl curl WORKDIR /sectools/ @@ -8,6 +8,8 @@ RUN wget https://github.com/sullo/nikto/archive/master.tar.gz -P /sectools && \ tar zxvf /sectools/master.tar.gz -C /sectools && \ rm /sectools/master.tar.gz +HEALTHCHECK --interval=5s --timeout=5s --start-period=30s --retries=3 CMD curl --fail http://localhost:8080/status || exit 1 + COPY Gemfile src/ RUN bundle install --gemfile=/sectools/src/Gemfile From 8999852bef961e6f7069e185b63912ba737009ba Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6ran=20Tesse?= Date: Fri, 9 Nov 2018 15:31:44 +0100 Subject: [PATCH 4/5] =?UTF-8?q?unhealthy=20state=20now=20depends=20on=20th?= =?UTF-8?q?e=20scanner=E2=80=99s=20availability=20rather=20than=20the=20en?= =?UTF-8?q?gine=E2=80=99s?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- src/main.rb | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/src/main.rb b/src/main.rb index e6d4523..42db01e 100644 --- a/src/main.rb +++ b/src/main.rb @@ -15,7 +15,7 @@ get '/status' do status 500 - if (healthcheck(client.last_connect) == "UP") + if (scanner_test == "SUCCESSFUL") status 200 end @@ -46,7 +46,7 @@ end def healthcheck(connection) - if (connection != "ERROR" && scanner_test == "SUCCESSFULL") + if (connection != "ERROR" && scanner_test == "SUCCESSFUL") return "UP" end return "DOWN" @@ -55,7 +55,7 @@ def healthcheck(connection) def scanner_test system('perl /sectools/nikto-master/program/nikto.pl -Version > /dev/null') if $? == 0 - return "SUCCESSFULL" + return "SUCCESSFUL" else return "FAILED" end From 55549209610051f9089a2eb4e3b268b2e7a338c7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6ran=20Tesse?= Date: Mon, 12 Nov 2018 13:05:26 +0100 Subject: [PATCH 5/5] more sane timings for healthcheck --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index d994d0b..4675d39 100644 --- a/Dockerfile +++ b/Dockerfile @@ -8,7 +8,7 @@ RUN wget https://github.com/sullo/nikto/archive/master.tar.gz -P /sectools && \ tar zxvf /sectools/master.tar.gz -C /sectools && \ rm /sectools/master.tar.gz -HEALTHCHECK --interval=5s --timeout=5s --start-period=30s --retries=3 CMD curl --fail http://localhost:8080/status || exit 1 +HEALTHCHECK --interval=30s --timeout=5s --start-period=120s --retries=3 CMD curl --fail http://localhost:8080/status || exit 1 COPY Gemfile src/