No error returned when failed to push to Dependency Track

[dmuse89]

I am currently implementing this tool into our pipelines (kudos, btw, on creating a great all-in-one CycloneDX SBOM Generator) and the pipeline is still still passing, although an error is shown in the cdxgen tool and fails to upload to Dependency Track v4.3.6 (see attached image).

In the event of an error, the application should return an error value to the OS.

Command called:
cdxgen --project-name $CI_PROJECT_NAME --project-version $CI_COMMIT_REF_NAME --server-url $DT_SERVER_URL --api-key $DT_API_KEY -p -r

[prabhu]

@dmuse89 Could you check the value set for DT_SERVER_URL. The code is appending the argument with /api/v1/bom here

https://github.com/AppThreat/cdxgen/blob/master/index.js#L2068

[dmuse89]

Hey @prabhu, indeed that appeared to be the issue in this case. Nevertheless, in the event that cdxgen fails, then it should return an error code to the calling application.

[prabhu]

@dmuse89 I agree. Will keep this ticket open and add some error checks.