0

I am working on a bash shell script that makes a POST API call to github to update a pull request status through curl command, below is the script I am using

export scan_status=''
export status_description=''
if[ "$(param.status)" == "Succeeded" ]; then
      scan_status="success"
      status_description="scan successful"
elif[ "$(param.status)" == "Failed" ]; then
      scan_status="failure"
      status_description="scan failed"
else
     scan_status="pending"
     status_description="scan pending"
fi

_HTTP_STATUS=$(
            curl --silent --show-error --insecure \
                --connect-timeout 20 --retry 5 --retry-delay 0 --retry-max-time 60 \
                --header 'Accept: application/vnd.github.v3+json' \
                --header 'Content-Type: application/json' \
                --header 'User-Agent: TektonCD, the peaceful cat' \
                --header 'Authorization: token '${GITHUB_TOKEN} \
                --output ${_OUT_DATA} \
                --write-out "%{http_code}\n" \
                --data '{"state":"${scan_status}","target_url":"","description":"${status_description}","context":"Checkmarx/$(params.datasource)"}' \
                --request POST \
                --url "$PR_STATUS_URL" | head -1
        )

        echo "status:${_HTTP_STATUS}"

When I hit this through script I am getting 422 error on debugging it, I noticed that the parameters scan_status,status_description in data section are being passed as "${scan_status}" & "${status_description}" rather their values.

I have tried passing them without double quotes, wrapping in single quotes, without curly brackets but none of them worked for me.

Can someone please help me to fix this

Karthik Peddineni
  • 81
  • 4

2 Answers2

1

Using here doc, no need to quote anything in your JSON:

 curl --silent --show-error --insecure \
     --connect-timeout 20 --retry 5 --retry-delay 0 --retry-max-time 60 \
     --header 'Accept: application/vnd.github.v3+json' \
     --header 'Content-Type: application/json' \
     --header 'User-Agent: TektonCD, the peaceful cat' \
     --header 'Authorization: token "${GITHUB_TOKEN}" \
     --output "${_OUT_DATA}" \
     --write-out "%{http_code}\n" \
     --url "$PR_STATUS_URL"
     --data "@/dev/stdin"<<EOF
{"state":"${scan_status}","target_url":"","description":"${status_description}","context":"Checkmarx/$(params.datasource)"}
EOF

And don't use UPPER case variables

Learn how to quote properly in shell, it's very important :

"Double quote" every literal that contains spaces/metacharacters and every expansion: "$var", "$(command "$var")", "${array[@]}", "a & b". Use 'single quotes' for code or literal $'s: 'Costs $5 US', ssh host 'echo "$HOSTNAME"'. See
http://mywiki.wooledge.org/Quotes
http://mywiki.wooledge.org/Arguments
http://wiki.bash-hackers.org/syntax/words
when-is-double-quoting-necessary

Gilles Quénot
  • 173,512
  • 41
  • 224
  • 223
0

Update this line

--data '{"state":"${scan_status}","target_url":"","description":"${status_description}","context":"Checkmarx/$(params.datasource)"}' \

to

--data "{\"state\":\"${scan_status}\",\"target_url\":\"\",\"description\":\"${status_description}\",\"context\":\"Checkmarx/$(params.datasource)\"}" \

Note:

  • Values under single quotes doesn't get resolved in bash.
Shubham Vaishnav
  • 1,637
  • 6
  • 18