Merge pull request #908 from akto-api-security/hotfix/fix_github_comm…

…ents_error null check in GithubUtils
akto-api-security · Feb 23, 2024 · 60ec465 · 60ec465
2 parents 80447d9 + 546fdea
commit 60ec465
Showing 1 changed file with 21 additions and 1 deletion.
diff --git a/libs/utils/src/main/java/com/akto/github/GithubUtils.java b/libs/utils/src/main/java/com/akto/github/GithubUtils.java
@@ -15,6 +15,7 @@
 import io.jsonwebtoken.Jwts;
 import io.jsonwebtoken.SignatureAlgorithm;
 import io.jsonwebtoken.lang.RuntimeEnvironment;
+import org.apache.commons.lang3.StringUtils;
 import org.kohsuke.github.*;
 
 import java.security.Key;
@@ -74,11 +75,20 @@ public static void publishGithubStatus(TestingRunResultSummary testingRunResultS
         AccountSettings accountSettings = AccountSettingsDao.instance.findOne(generateFilter());
         String privateKey = accountSettings.getGithubAppSecretKey();
         String githubAppId = accountSettings.getGithubAppId();
+        if (StringUtils.isEmpty(privateKey) || StringUtils.isEmpty(githubAppId)) {//If github app is not integrated
+            return;
+        }
         String jwtToken;
         try {
             Map<String, String> metaData = testingRunResultSummary.getMetadata();
+            if (metaData == null) {//No metaData is present, i.e. not a cicd test
+                return;
+            }
             String repository = metaData.get("repository");
             String commitSHA = metaData.get("commit_sha_head");
+            if (StringUtils.isEmpty(repository)  || StringUtils.isEmpty(commitSHA)) {
+                return;
+            }
             jwtToken = createJWT(githubAppId,privateKey, 10 * 60 * 1000);
             GitHub gitHub = new GitHubBuilder().withJwtToken(jwtToken).build();
             GHApp ghApp = gitHub.getApp();
@@ -115,11 +125,21 @@ public static void publishGithubComments(TestingRunResultSummary testingRunResul
         AccountSettings accountSettings = AccountSettingsDao.instance.findOne(generateFilter());
         String privateKey = accountSettings.getGithubAppSecretKey();
         String githubAppId = accountSettings.getGithubAppId();
+        if (StringUtils.isEmpty(privateKey) || StringUtils.isEmpty(githubAppId)) {//If github app is not integrated
+            return;
+        }
         try {
             Map<String, String> metaData = testingRunResultSummary.getMetadata();
+            if (metaData == null) {//No metaData is present, i.e. not a cicd test
+                return;
+            }
             String repository = metaData.get("repository");
             String pullRequestId = metaData.get("pull_request_id");
             String commitSHA = metaData.get("commit_sha_head");
+            if (StringUtils.isEmpty(repository) || StringUtils.isEmpty(pullRequestId) || StringUtils.isEmpty(commitSHA)) {
+                return;
+            }
+
             boolean isCompleted = testingRunResultSummary.getState() == TestingRun.State.COMPLETED;
             StringBuilder messageStringBuilder = new StringBuilder();
             if (isCompleted) {
@@ -152,7 +172,7 @@ public static void publishGithubComments(TestingRunResultSummary testingRunResul
                 loggerMaker.infoAndAddToDb("Github app doesn't have access to repository", LoggerMaker.LogDb.TESTING);
                 return;
             }
-            if (pullRequestId == null || !pullRequestId.startsWith("refs/pull/")) {
+            if (!pullRequestId.startsWith("refs/pull/")) {
                 loggerMaker.infoAndAddToDb("Pull request id not available", LoggerMaker.LogDb.TESTING);
                 return;
             }