API Fuzzing job not failing after dotnet license validation failure
Summary
Multiple layers of license checks are performed by API Fuzzing. One of those checks is in the c# scanner engine. During manual integration testing it was found that when the scanner license check fails, the docker container still exists with a valid (0) exit code.
This issue should not occur if the user is using the API Fuzzing CI template as the template also performed a license check, hiding the bug during normal usage.
Steps to reproduce
- Run docker container without the
GITLAB_FEATURES
environment variable, or without theapi_fuzzing
feature. - Note the log output has a license check failure
- Note the container exit code is 0
What is the current bug behavior?
When license check fails, the container exits with success exit code (0).
What is the expected correct behavior?
When license check fails, the container exits with an error code (1)
Technical Solution
- Detect container error exit in template file
- On error display docker logs for
apifuzzer
container - Exit job with error code
1
- Exit after the users post script
Edited by Michael Eddington