fix: [PIPE-23883]: defined cgiTaskResponse, fix NPE error when pipeline execution and secret fetching fails

task/drivers/cgi/execer.go

@@ -14,6 +14,7 @@ import (
 	"os"
 	"path/filepath"
 
+	"github.com/drone/go-task/task"
 	"github.com/drone/go-task/task/logger"
 )
 
@@ -30,7 +31,7 @@ func newExecer(binpath string, cgiConfig *Config) *Execer {
 }
 
 // Exec executes the task given the binary filepath and the configuration
-func (e *Execer) Exec(ctx context.Context, in []byte) ([]byte, error) {
+func (e *Execer) Exec(ctx context.Context, in []byte) (*task.CGITaskResponse, error) {
 	conf := e.CGIConfig
 	log := logger.FromContext(ctx).WithFields(map[string]interface{}{
 		"cgi.dir":    filepath.Dir(e.Binpath),
@@ -82,12 +83,13 @@ func (e *Execer) Exec(ctx context.Context, in []byte) ([]byte, error) {
 	}
 
 	log.Infof("Captured CGI logs: %s", stderrBuf.String())
-	// check the error code and write the error
-	// to the context, if applicable.
-	// TODO should we unmarshal the response body to an error type?
-	if responseRecorder.Code > 299 {
-		return nil, fmt.Errorf("received error code %d", responseRecorder.Code)
-	}
+	return &task.CGITaskResponse{StatusCode: responseRecorder.Code, Body: responseRecorder.Body.Bytes(), Headers: headerToMap(responseRecorder.Header())}, nil
+}
 
-	return responseRecorder.Body.Bytes(), nil
+func headerToMap(header http.Header) map[string][]string {
+	headerMap := make(map[string][]string)
+	for key, values := range header {
+		headerMap[key] = values
+	}
+	return headerMap
 }

task/router.go

@@ -8,6 +8,7 @@ import (
 	"bytes"
 	"context"
 	"encoding/json"
+	"fmt"
 
 	"io"
 
@@ -105,17 +106,26 @@ func (h *Router) ResolveSecrets(ctx context.Context, tasks []*Task) ([]*common.S
 		if err := res.Error(); err != nil {
 			return nil, err
 		}
+		out := new(CGITaskResponse)
 
 		// attempt to unmarshal the task response
 		// body into the secrets struct.
-		out := new(common.Secret)
-		if err := json.Unmarshal(res.Body(), &out); err != nil {
+		//out := new(common.Secret)
+		if err := json.Unmarshal(res.Body(), out); err != nil {
 			return nil, err
 		}
-		out.ID = subtask.ID
+		// Check whether it's a successful CGI call. Fail the task if it's not, as we can't proceed without the secret.
+		if out.StatusCode > 299 {
+			return nil, fmt.Errorf("failed to retrieve secret: %s. %s", subtask.ID, out.Body)
+		}
+		secretOutput := new(common.Secret)
+		if err := json.Unmarshal(out.Body, secretOutput); err != nil {
+			return nil, fmt.Errorf("failed to unmarshal secret: %s. %s", subtask.ID, err)
+		}
+		secretOutput.ID = subtask.ID
 
 		// add the secret to request
-		secrets = append(secrets, out)
+		secrets = append(secrets, secretOutput)
 	}
 	return secrets, nil
 }

task/types.go

@@ -84,6 +84,12 @@ type Executable struct {
 	Url  string `json:"url"`
 }
 
+type CGITaskResponse struct {
+	StatusCode int                 `json:"status_code"`
+	Headers    map[string][]string `json:"headers"`
+	Body       []byte              `json:"body"`
+}
+
 // type State struct {
 // 	// ID provides a unique task identifier.
 // 	ID string `json:"id"`