René's URL Explorer Experiment

{"@context":"https://schema.org","@type":"DiscussionForumPosting","headline":"\"product with this name already exists.\" error when sending trivy image scan results to DefectDojo","articleBody":"## 🐞 Bug report\r\n\u003c!--\r\nThank you for reporting an issue in our project 🙌\r\n\r\nBefore opening a new issue, please make sure that we do not have any duplicates already open. You can ensure this by searching the issue list for this repository. If there is a duplicate, please close your issue and add a comment to the existing issue instead.\r\n--\u003e\r\n\r\n### Describe the bug\r\n\r\nWe scan Docker image using `trivy image` command and the hook `secureCodeBox/persistence-defectdojo` fails with the following error:\r\n\r\n```\r\n2024-02-13 14:29:33 INFO  DefectDojoPersistenceProvider:25 - Starting DefectDojo persistence provider\r\n2024-02-13 14:29:40 INFO  DefectDojoPersistenceProvider:36 - Downloading Scan Result\r\n2024-02-13 14:29:45 INFO  DefectDojoPersistenceProvider:40 - Uploading Findings to DefectDojo at: https://defectdojo.infra.mana.wtf\r\n2024-02-13 14:29:46 INFO  VersionedEngagementsStrategy:85 - Running with DefectDojo User Id: 1\r\n2024-02-13 14:29:46 INFO  VersionedEngagementsStrategy:203 - Looking for ID of ProductType 'Application'\r\n2024-02-13 14:29:47 INFO  VersionedEngagementsStrategy:206 - ProductType 'Application' didn't already exists creating now\r\n2024-02-13 14:29:47 INFO  VersionedEngagementsStrategy:210 - Using ProductType Id: 3\r\n2024-02-13 14:29:47 INFO  VersionedEngagementsStrategy:229 - Creating Product: 'mana-game-service'\r\nException in thread \"main\" org.springframework.web.client.HttpClientErrorException$BadRequest: 400 Bad Request: \"{\"name\":[\"product with this name already exists.\"],\"message\":\"{'name': [ErrorDetail(string='product with this name already exists.', code='unique')]}\"}\"\r\n\tat org.springframework.web.client.HttpClientErrorException.create(HttpClientErrorException.java:101)\r\n\tat org.springframework.web.client.DefaultResponseErrorHandler.handleError(DefaultResponseErrorHandler.java:168)\r\n\tat org.springframework.web.client.DefaultResponseErrorHandler.handleError(DefaultResponseErrorHandler.java:122)\r\n\tat org.springframework.web.client.ResponseErrorHandler.handleError(ResponseErrorHandler.java:63)\r\n\tat org.springframework.web.client.RestTemplate.handleResponse(RestTemplate.java:825)\r\n\tat org.springframework.web.client.RestTemplate.doExecute(RestTemplate.java:783)\r\n\tat org.springframework.web.client.RestTemplate.execute(RestTemplate.java:717)\r\n\tat org.springframework.web.client.RestTemplate.exchange(RestTemplate.java:608)\r\n\tat io.securecodebox.persistence.defectdojo.service.GenericDefectDojoService.create(GenericDefectDojoService.java:221)\r\n\tat io.securecodebox.persistence.strategies.VersionedEngagementsStrategy.lambda$ensureProductExistsForScan$5(VersionedEngagementsStrategy.java:230)\r\n\tat java.base/java.util.Optional.orElseGet(Optional.java:364)\r\n\tat io.securecodebox.persistence.strategies.VersionedEngagementsStrategy.ensureProductExistsForScan(VersionedEngagementsStrategy.java:228)\r\n\tat io.securecodebox.persistence.strategies.VersionedEngagementsStrategy.run(VersionedEngagementsStrategy.java:87)\r\n\tat io.securecodebox.persistence.DefectDojoPersistenceProvider.main(DefectDojoPersistenceProvider.java:43)\r\n```\r\n\r\n(We do have the product in DefectDojo and we want to reuse it for this scan results.)\r\n\r\n### Steps To Reproduce\r\n\r\n1. Create a product \"name-of-the-product\" in DefectDojo\r\n\r\n2. Run trivy scan with the following yaml:\r\n```\r\napiVersion: \"execution.securecodebox.io/v1\"\r\nkind: Scan\r\nmetadata:\r\n  name: \"trivy-image\"\r\n  annotations:\r\n    defectdojo.securecodebox.io/product-type-name: Application\r\n    defectdojo.securecodebox.io/product-name: name-of-the-product\r\n    defectdojo.securecodebox.io/engagement-name: \"Trivy image scan\"\r\n    defectdojo.securecodebox.io/test-title: \"Trivy image @ tag\"\r\nspec:\r\n  scanType: \"trivy-image\"\r\n  parameters:\r\n    - \"registry.domain.tld/image:tag\"\r\n```\r\n\r\n### Expected behavior\r\n\r\nCheck if the hook `persistence-defectdojo` succeeds.\r\n\r\n### System (please complete the following information):\r\n\r\n- operator-4.3.0\r\n- trivy-4.3.0\r\n- persistence-defectdojo-4.3.0\r\n\r\nGoogle Kubernetes Engine\r\n\r\n```\r\nClient Version: version.Info{Major:\"1\", Minor:\"25\", GitVersion:\"v1.25.4\", GitCommit:\"872a965c6c6526caa949f0c6ac028ef7aff3fb78\", GitTreeState:\"clean\", BuildDate:\"2022-11-09T13:28:30Z\", GoVersion:\"go1.19.3\", Compiler:\"gc\", Platform:\"darwin/arm64\"}\r\nKustomize Version: v4.5.7\r\nServer Version: version.Info{Major:\"1\", Minor:\"26\", GitVersion:\"v1.26.10-gke.1101000\", GitCommit:\"375ed214cfa092ed25d2472c1709db5d7dcda078\", GitTreeState:\"clean\", BuildDate:\"2023-11-06T09:23:17Z\", GoVersion:\"go1.20.10 X:boringcrypto\", Compiler:\"gc\", Platform:\"linux/amd64\"}\r\n```\r\n\r\n### Screenshots / Logs\r\n\u003c!-- If applicable, add screenshots to help explain your problem. --\u003e\r\n\r\n### Additional context\r\n\u003c!-- Add any other context about the problem here. --\u003e\r\n","author":{"url":"https://github.com/danil-smirnov","@type":"Person","name":"danil-smirnov"},"datePublished":"2024-02-13T14:53:34.000Z","interactionStatistic":{"@type":"InteractionCounter","interactionType":"https://schema.org/CommentAction","userInteractionCount":3},"url":"https://github.com/2285/secureCodeBox/issues/2285"}