Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

BOM_PROCESSED & BOM_CONSUMED Alerts Not Sent When BOM Processing V2 Enabled #3880

Closed
2 tasks done
msymons opened this issue Jun 25, 2024 · 2 comments · Fixed by #3877
Closed
2 tasks done

BOM_PROCESSED & BOM_CONSUMED Alerts Not Sent When BOM Processing V2 Enabled #3880

msymons opened this issue Jun 25, 2024 · 2 comments · Fixed by #3877
Labels
defect Something isn't working p2 Non-critical bugs, and features that help organizations to identify and reduce risk
Milestone
4.11.5

Comments

@msymons
Copy link
Member

msymons commented Jun 25, 2024

Current Behavior

Alerts that are configured for BOM_PROCESSED & BOM_CONSUMED are incredibly useful for automating synchronisation of BOMs between two Dependency-Track Instances (using alerts of type Webhook in this case).

Thanks to logging introduced in v4.10 once can see proof in the logs when the alerts are failing and also (if desired) when they are working fine.

Such alerts stop working when BOM Processing V2 is enabled. There is no logging at all.

Testing shows that it is not just Webhook alerts that fail... emails also do not get sent.

Steps to Reproduce

  • Create an email alert with scope Portfolio and specifying BOM_PROCESSED (or BOM_CONSUMED)
  • Limit the alert to project X and select " Log successful publish"
  • Ensure that BOM Processing V2 is NOT enabled
  • Upload a BOM to project X and check that the alert has fired successfully (ie, it is logged and you receive the email)
  • Now enable BOM Processing V2
  • Upload a BOM to project X and check that the alert has not been logged this time.

Expected Behavior

Alerts for BOM_PROCESSED & BOM_CONSUMED should work when BOM Processing V2 is enabled.

Dependency-Track Version

4.11.4

Dependency-Track Distribution

Container Image

Database Server

PostgreSQL

Database Server Version

14.x

Browser

Google Chrome

Checklist
@msymons msymons added defect Something isn't working in triage labels Jun 25, 2024
@nscuro nscuro added p2 Non-critical bugs, and features that help organizations to identify and reduce risk and removed in triage labels Jun 25, 2024
@nscuro nscuro added this to the 4.12 milestone Jun 25, 2024
@nscuro
Copy link
Member

nscuro commented Jun 25, 2024

Fixed via #3877. The notifications are dispatched, but using the wrong scope (SYSTEM instead of PORTFOLIO). This causes the configured alert rules to be bypassed.

@nscuro nscuro closed this as completed Jun 25, 2024
@nscuro nscuro mentioned this issue Jun 25, 2024
Merged
2 tasks
@nscuro nscuro modified the milestones: 4.12, 4.11.5 Jul 8, 2024
nscuro added a commit to nscuro/dependency-track that referenced this issue Jul 8, 2024
@nscuro
Fix BOM_CONSUMED and BOM_PROCESSED notifications being dispatched…
44a88f7 
… with wrong scope for BOM processing V2

Fixes DependencyTrack#3880

Signed-off-by: nscuro <nscuro@protonmail.com>
@nscuro nscuro mentioned this issue Jul 8, 2024
Merged
2 tasks
@msymons msymons mentioned this issue Jul 17, 2024
Closed
2 tasks
@github-actions GitHub Actions
Copy link
Contributor

github-actions bot commented Aug 8, 2024

This thread has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs.

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Aug 8, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
defect Something isn't working p2 Non-critical bugs, and features that help organizations to identify and reduce risk
Projects
None yet
Milestone
4.11.5
2 participants
@msymons @nscuro