fix: improve target error-handling

Signed-off-by: Christian Kotzbauer <git@ckotzbauer.de>

internal/daemon/daemon.go

@@ -60,15 +60,22 @@ func (c *CronService) runBackgroundService() {
 
 	for _, image := range containerImages {
 		sbom, err := sy.ExecuteSyft(image)
-		// Error is already handled from syft module.
-		if err == nil {
-			for _, pod := range image.Pods {
-				k8s.UpdatePodAnnotation(pod)
-			}
+		if err != nil {
+			// Error is already handled from syft module.
+			continue
 		}
 
+		errOccurred := false
+
 		for _, t := range c.targets {
-			t.ProcessSbom(image, sbom)
+			err = t.ProcessSbom(image, sbom)
+			errOccurred = errOccurred || err != nil
+		}
+
+		if !errOccurred {
+			for _, pod := range image.Pods {
+				k8s.UpdatePodAnnotation(pod)
+			}
 		}
 	}
 

internal/target/dtrack_target.go

@@ -41,19 +41,19 @@ func (g *DependencyTrackTarget) ValidateConfig() error {
 func (g *DependencyTrackTarget) Initialize() {
 }
 
-func (g *DependencyTrackTarget) ProcessSbom(image kubernetes.ContainerImage, sbom string) {
+func (g *DependencyTrackTarget) ProcessSbom(image kubernetes.ContainerImage, sbom string) error {
 	fullRef, err := parser.Parse(image.Image)
 	if err != nil {
 		logrus.WithError(err).Errorf("Could not parse image %s", image.Image)
-		return
+		return nil
 	}
 
 	imageName := fullRef.Repository()
 	tagName := fullRef.Tag()
 
 	if sbom == "" {
 		logrus.Infof("Empty SBOM - skip image (image=%s)", image.ImageID)
-		return
+		return nil
 	}
 
 	client, _ := dtrack.NewClient(g.baseUrl, dtrack.WithAPIKey(g.apiKey))
@@ -67,8 +67,11 @@ func (g *DependencyTrackTarget) ProcessSbom(image kubernetes.ContainerImage, sbo
 	)
 	if err != nil {
 		logrus.Errorf("Could not upload BOM: %v", err)
+		return err
 	}
+
 	logrus.Infof("Uploaded SBOM (upload-token=%s)", uploadToken)
+	return nil
 }
 
 func (g *DependencyTrackTarget) Cleanup(allImages []string) {

internal/target/git/git.go

@@ -99,33 +99,33 @@ func (g *GitAccount) openExistingRepo(path string) (*git.Repository, *git.Worktr
 	return r, w
 }
 
-func (g *GitAccount) CommitAll(path, message string) {
+func (g *GitAccount) CommitAll(path, message string) error {
 	r, w := g.openExistingRepo(path)
 
 	if r == nil && w == nil {
-		return
+		return nil
 	}
 
 	status, err := w.Status()
 
 	if err != nil {
 		logrus.WithError(err).Error("Status failed")
-		return
+		return err
 	}
 
 	if status.IsClean() {
 		logrus.Debug("Git-Worktree is clean, skip commit")
-		return
+		return nil
 	}
 
 	_, err = w.Add(".")
 
 	if err != nil {
 		logrus.WithError(err).Error("Add failed")
-		return
+		return err
 	}
 
-	g.commitAndPush(w, r, message)
+	return g.commitAndPush(w, r, message)
 }
 
 func (g *GitAccount) Remove(workTree, path string) {
@@ -143,29 +143,29 @@ func (g *GitAccount) Remove(workTree, path string) {
 	}
 }
 
-func (g *GitAccount) CommitAndPush(path, message string) {
+func (g *GitAccount) CommitAndPush(path, message string) error {
 	r, w := g.openExistingRepo(path)
 
 	if r == nil && w == nil {
-		return
+		return nil
 	}
 
 	status, err := w.Status()
 
 	if err != nil {
 		logrus.WithError(err).Error("Status failed")
-		return
+		return err
 	}
 
 	if status.IsClean() {
 		logrus.Debug("Git-Worktree is clean, skip commit")
-		return
+		return nil
 	}
 
-	g.commitAndPush(w, r, message)
+	return g.commitAndPush(w, r, message)
 }
 
-func (g *GitAccount) commitAndPush(w *git.Worktree, r *git.Repository, message string) {
+func (g *GitAccount) commitAndPush(w *git.Worktree, r *git.Repository, message string) error {
 	commit, err := w.Commit(message, &git.CommitOptions{
 		Author: &object.Signature{
 			Name:  g.Name,
@@ -178,7 +178,7 @@ func (g *GitAccount) commitAndPush(w *git.Worktree, r *git.Repository, message s
 
 	if err != nil {
 		logrus.WithError(err).Error("Commit failed")
-		return
+		return err
 	}
 
 	err = r.Push(&git.PushOptions{
@@ -187,9 +187,11 @@ func (g *GitAccount) commitAndPush(w *git.Worktree, r *git.Repository, message s
 
 	if err != nil {
 		logrus.WithError(err).Error("Push failed")
+		return err
 	}
 
 	logrus.Info("Push was successful")
+	return nil
 }
 
 func (g *GitAccount) tokenAuth() transport.AuthMethod {

internal/target/git_target.go

@@ -80,23 +80,23 @@ func (g *GitTarget) Initialize() {
 		viper.GetString(internal.ConfigKeyGitBranch))
 }
 
-func (g *GitTarget) ProcessSbom(image kubernetes.ContainerImage, sbom string) {
+func (g *GitTarget) ProcessSbom(image kubernetes.ContainerImage, sbom string) error {
 	imageID := image.ImageID
 	filePath := g.imageIDToFilePath(imageID)
 
 	dir := filepath.Dir(filePath)
 	err := os.MkdirAll(dir, 0777)
 	if err != nil {
 		logrus.WithError(err).Error("Directory could not be created")
-		return
+		return err
 	}
 
 	err = os.WriteFile(filePath, []byte(sbom), 0640)
 	if err != nil {
 		logrus.WithError(err).Error("SBOM could not be saved")
 	}
 
-	g.gitAccount.CommitAll(g.workingTree, fmt.Sprintf("Created new SBOM for image %s", imageID))
+	return g.gitAccount.CommitAll(g.workingTree, fmt.Sprintf("Created new SBOM for image %s", imageID))
 }
 
 func (g *GitTarget) Cleanup(allImages []string) {

internal/target/target.go

@@ -7,6 +7,6 @@ import (
 type Target interface {
 	Initialize()
 	ValidateConfig() error
-	ProcessSbom(imageID kubernetes.ContainerImage, sbom string)
+	ProcessSbom(image kubernetes.ContainerImage, sbom string) error
 	Cleanup(allImages []string)
 }