Improve Error Message on Failed attachment of Finding

The original code does not provide the causing error, which makes it dificult to debug the problem. - Add first adding loggign capabilities via SLF4J. - Log the failed attempt of attaching a finding as eror w/ original exception message. - Pass the causing exception to the exception we rethrow to preserve the full stack trace. Signed-off-by: Sven Strittmatter <sven.strittmatter@iteratec.com>
secureCodeBox · Feb 14, 2024 · 130a695 · 130a695
1 parent 74aa334
commit 130a695
Showing 2 changed files with 10 additions and 1 deletion.
diff --git a/pom.xml b/pom.xml
@@ -122,6 +122,12 @@
             <version>${com.fasterxml.jackson.version}</version>
         </dependency>
         <dependency>
+          <groupId>org.slf4j</groupId>
+          <artifactId>slf4j-api</artifactId>
+          <version>2.0.11</version>
+        </dependency>
+
+      <dependency>
             <groupId>org.projectlombok</groupId>
             <artifactId>lombok</artifactId>
             <version>1.18.30</version>

diff --git a/src/main/java/io/securecodebox/persistence/defectdojo/service/DefaultImportScanService.java b/src/main/java/io/securecodebox/persistence/defectdojo/service/DefaultImportScanService.java
@@ -11,6 +11,7 @@
 import io.securecodebox.persistence.defectdojo.model.ScanFile;
 import lombok.Getter;
 import lombok.NonNull;
+import lombok.extern.slf4j.Slf4j;
 import org.apache.http.HttpHost;
 import org.apache.http.auth.AuthScope;
 import org.apache.http.auth.UsernamePasswordCredentials;
@@ -40,6 +41,7 @@
 /*
  * https://defectdojo.security.iteratec.dev/api/v2/oa3/swagger-ui/#operations-tag-import-scan
  */
+@Slf4j
 class DefaultImportScanService implements ImportScanService {
   private static final List<HttpMessageConverter<?>> HTTP_MESSAGE_CONVERTERS = List.of(
     new FormHttpMessageConverter(),
@@ -123,7 +125,8 @@ public String getFilename() {
       final var payload = new HttpEntity<MultiValueMap<String, Object>>(body, headers);
       return exchangeRequest(endpoint, payload);
     } catch (HttpClientErrorException e) {
-      throw new PersistenceException("Failed to attach findings to engagement.");
+      log.error("Exception while attaching findings to engagement: {}", e.getMessage());
+      throw new PersistenceException("Failed to attach findings to engagement.", e);
     }
   }