From a7b0009fb2089b2389c8f9bc84d9c90c7f73d43f Mon Sep 17 00:00:00 2001 From: Sascha Schwarze Date: Sat, 15 Jun 2024 22:52:01 +0200 Subject: [PATCH] Do not panic if there are no vulnerabilities --- pkg/reconciler/buildrun/resources/results.go | 6 ++- .../buildrun/resources/results_test.go | 37 +++++++++++++++++-- 2 files changed, 39 insertions(+), 4 deletions(-) diff --git a/pkg/reconciler/buildrun/resources/results.go b/pkg/reconciler/buildrun/resources/results.go index 3b005b0e23..54f87e3dbc 100644 --- a/pkg/reconciler/buildrun/resources/results.go +++ b/pkg/reconciler/buildrun/resources/results.go @@ -82,8 +82,12 @@ func getTaskSpecResults() []pipelineapi.TaskResult { } func getImageVulnerabilitiesResult(result pipelineapi.TaskRunResult) []build.Vulnerability { - vulnerabilities := strings.Split(result.Value.StringVal, ",") var vulns []build.Vulnerability + if len(result.Value.StringVal) == 0 { + return vulns + } + + vulnerabilities := strings.Split(result.Value.StringVal, ",") for _, vulnerability := range vulnerabilities { vuln := strings.Split(vulnerability, ":") severity := getSeverity(vuln[1]) diff --git a/pkg/reconciler/buildrun/resources/results_test.go b/pkg/reconciler/buildrun/resources/results_test.go index 57105a45b9..ea47d129f4 100644 --- a/pkg/reconciler/buildrun/resources/results_test.go +++ b/pkg/reconciler/buildrun/resources/results_test.go @@ -106,9 +106,8 @@ var _ = Describe("TaskRun results to BuildRun", func() { Expect(br.Status.Source.OciArtifact.Digest).To(Equal(bundleImageDigest)) }) - It("should surface the TaskRun results emitting from output step", func() { + It("should surface the TaskRun results emitting from output step with image vulnerabilities", func() { imageDigest := "sha256:fe1b73cd25ac3f11dec752755e2" - vulns := `CVE-2019-12900:C,CVE-2019-8457:H` tr.Status.Results = append(tr.Status.Results, pipelineapi.TaskRunResult{ Name: "shp-image-digest", @@ -128,7 +127,7 @@ var _ = Describe("TaskRun results to BuildRun", func() { Name: "shp-image-vulnerabilities", Value: pipelineapi.ParamValue{ Type: pipelineapi.ParamTypeString, - StringVal: vulns, + StringVal: "CVE-2019-12900:C,CVE-2019-8457:H", }, }) @@ -141,6 +140,38 @@ var _ = Describe("TaskRun results to BuildRun", func() { Expect(br.Status.Output.Vulnerabilities[0].Severity).To(Equal(build.Critical)) }) + It("should surface the TaskRun results emitting from output step without image vulnerabilities", func() { + imageDigest := "sha256:fe1b73cd25ac3f11dec752755e2" + tr.Status.Results = append(tr.Status.Results, + pipelineapi.TaskRunResult{ + Name: "shp-image-digest", + Value: pipelineapi.ParamValue{ + Type: pipelineapi.ParamTypeString, + StringVal: imageDigest, + }, + }, + pipelineapi.TaskRunResult{ + Name: "shp-image-size", + Value: pipelineapi.ParamValue{ + Type: pipelineapi.ParamTypeString, + StringVal: "230", + }, + }, + pipelineapi.TaskRunResult{ + Name: "shp-image-vulnerabilities", + Value: pipelineapi.ParamValue{ + Type: pipelineapi.ParamTypeString, + StringVal: "", + }, + }) + + resources.UpdateBuildRunUsingTaskResults(ctx, br, tr.Status.Results, taskRunRequest) + + Expect(br.Status.Output.Digest).To(Equal(imageDigest)) + Expect(br.Status.Output.Size).To(Equal(int64(230))) + Expect(br.Status.Output.Vulnerabilities).To(HaveLen(0)) + }) + It("should surface the TaskRun results emitting from source and output step", func() { commitSha := "0e0583421a5e4bf562ffe33f3651e16ba0c78591" imageDigest := "sha256:fe1b73cd25ac3f11dec752755e2"