Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: respect custom exit code from plugin #6584

Merged
merged 3 commits into from
May 2, 2024
Merged

feat: respect custom exit code from plugin #6584

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
16a250c
refactor: add a custom error with exit code
knqyf263 Apr 30, 2024
e26381c
feat(plugin): support custom exit code
knqyf263 Apr 30, 2024
badc37c
feat(plugin): silence usage and error
knqyf263 Apr 30, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
6 changes: 6 additions & 0 deletions cmd/trivy/main.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,19 +2,25 @@ package main

import (
"context"
"errors"
"os"

"golang.org/x/xerrors"

"github.com/aquasecurity/trivy/pkg/commands"
"github.com/aquasecurity/trivy/pkg/log"
"github.com/aquasecurity/trivy/pkg/plugin"
"github.com/aquasecurity/trivy/pkg/types"

_ "modernc.org/sqlite" // sqlite driver for RPM DB and Java DB
)

func main() {
if err := run(); err != nil {
var exitError *types.ExitError
if errors.As(err, &exitError) {
os.Exit(exitError.Code)
}
log.Fatal("Fatal error", log.Err(err))
}
}
Expand Down
4 changes: 2 additions & 2 deletions pkg/cloud/aws/commands/run.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -18,6 +18,7 @@ import (
"github.com/aquasecurity/trivy/pkg/commands/operation"
"github.com/aquasecurity/trivy/pkg/flag"
"github.com/aquasecurity/trivy/pkg/log"
"github.com/aquasecurity/trivy/pkg/types"
)

var allSupportedServicesFunc = awsScanner.AllSupportedServices
Expand Down Expand Up @@ -170,6 +171,5 @@ func Run(ctx context.Context, opt flag.Options) error {
return xerrors.Errorf("unable to write results: %w", err)
}

operation.Exit(opt, r.Failed())
return nil
return operation.Exit(opt, r.Failed(), types.Metadata{})
}
2 changes: 2 additions & 0 deletions pkg/commands/app.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -130,6 +130,8 @@ func loadPluginCommands() []*cobra.Command {
return nil
},
DisableFlagParsing: true,
SilenceUsage: true,
SilenceErrors: true,
}
commands = append(commands, cmd)
}
Expand Down
5 changes: 1 addition & 4 deletions pkg/commands/artifact/run.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -452,10 +452,7 @@ func Run(ctx context.Context, opts flag.Options, targetKind TargetKind) (err err
return xerrors.Errorf("report error: %w", err)
}

operation.ExitOnEOL(opts, report.Metadata)
operation.Exit(opts, report.Results.Failed())

return nil
return operation.Exit(opts, report.Results.Failed(), report.Metadata)
}

func disabledAnalyzers(opts flag.Options) []analyzer.Type {
Expand Down
5 changes: 1 addition & 4 deletions pkg/commands/convert/run.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -44,8 +44,5 @@ func Run(ctx context.Context, opts flag.Options) (err error) {
return xerrors.Errorf("unable to write results: %w", err)
}

operation.ExitOnEOL(opts, r.Metadata)
operation.Exit(opts, r.Results.Failed())

return nil
return operation.Exit(opts, r.Results.Failed(), r.Metadata)
}
15 changes: 7 additions & 8 deletions pkg/commands/operation/operation.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -204,16 +204,15 @@ func GetTLSConfig(caCertPath, certPath, keyPath string) (*x509.CertPool, tls.Cer
return caCertPool, cert, nil
}

func Exit(opts flag.Options, failedResults bool) {
if opts.ExitCode != 0 && failedResults {
os.Exit(opts.ExitCode)
}
}

func ExitOnEOL(opts flag.Options, m types.Metadata) {
func Exit(opts flag.Options, failedResults bool, m types.Metadata) error {
if opts.ExitOnEOL != 0 && m.OS != nil && m.OS.Eosl {
log.Error("Detected EOL OS", log.String("family", string(m.OS.Family)),
log.String("version", m.OS.Name))
os.Exit(opts.ExitOnEOL)
return &types.ExitError{Code: opts.ExitOnEOL}
}

if opts.ExitCode != 0 && failedResults {
return &types.ExitError{Code: opts.ExitCode}
}
return nil
}
4 changes: 1 addition & 3 deletions pkg/k8s/commands/run.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -122,9 +122,7 @@ func (r *runner) run(ctx context.Context, artifacts []*k8sArtifacts.Artifact) er
return xerrors.Errorf("unable to write results: %w", err)
}

operation.Exit(r.flagOpts, rpt.Failed())

return nil
return operation.Exit(r.flagOpts, rpt.Failed(), types.Metadata{})
}

// Full-cluster scanning with '--format table' without explicit '--report all' is not allowed so that it won't mess up user's terminal.
Expand Down
9 changes: 7 additions & 2 deletions pkg/plugin/plugin.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,7 @@ package plugin

import (
"context"
"errors"
"fmt"
"io"
"os"
Expand All @@ -15,6 +16,7 @@ import (

"github.com/aquasecurity/trivy/pkg/downloader"
"github.com/aquasecurity/trivy/pkg/log"
"github.com/aquasecurity/trivy/pkg/types"
"github.com/aquasecurity/trivy/pkg/utils/fsutils"
)

Expand Down Expand Up @@ -111,8 +113,11 @@ func (p Plugin) Run(ctx context.Context, opts RunOptions) error {
// out if the error was from not being able to execute the plugin or
// an error set by the plugin itself.
if err = cmd.Run(); err != nil {
if _, ok := err.(*exec.ExitError); !ok {
return xerrors.Errorf("exit: %w", err)
var execError *exec.ExitError
if errors.As(err, &execError) {
return &types.ExitError{
Code: execError.ExitCode(),
}
}
return xerrors.Errorf("plugin exec: %w", err)
}
Expand Down
2 changes: 1 addition & 1 deletion pkg/plugin/plugin_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -140,7 +140,7 @@ func TestPlugin_Run(t *testing.T) {
GOOS: "linux",
GOARCH: "amd64",
},
wantErr: "plugin exec: exit status 1",
wantErr: "exit status 1",
},
}
for _, tt := range tests {
Expand Down
13 changes: 13 additions & 0 deletions pkg/types/error.go
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,13 @@
package types

import (
"fmt"
)

type ExitError struct {
Code int
}

func (e *ExitError) Error() string {
return fmt.Sprintf("exit status %d", e.Code)
}