Merge pull request #3606 from snyk/fix/none-custom-policies-filtering

fix: none custom policies severity issues should be filtered out before sending them to registry
snyk · Aug 22, 2022 · c3095cf · c3095cf
2 parents 0a5a129 + 4acacd2
commit c3095cf
Show file tree

Hide file tree

Showing 3 changed files with 48 additions and 1 deletion.
diff --git a/src/cli/commands/test/iac/local-execution/process-results/share-results-formatter.ts b/src/cli/commands/test/iac/local-execution/process-results/share-results-formatter.ts
@@ -22,7 +22,9 @@ export function formatShareResults(
       filePath: result.filePath,
       fileType: result.fileType,
       projectType: result.projectType,
-      violatedPolicies: result.violatedPolicies,
+      violatedPolicies: result.violatedPolicies.filter(
+        (violatedPolicy) => violatedPolicy.severity !== 'none',
+      ),
     };
   });
 }

diff --git a/test/acceptance/fake-server.ts b/test/acceptance/fake-server.ts
@@ -410,6 +410,15 @@ export const fakeServer = (basePath: string, snykToken: string): FakeServer => {
       });
     }
 
+    if (req.query.org === 'custom-policies') {
+      return res.status(200).send({
+        ...baseResponse,
+        customPolicies: {
+          'SNYK-CC-AZURE-543': { severity: 'none' },
+        },
+      });
+    }
+
     res.status(200).send(baseResponse);
   });
 

diff --git a/test/jest/acceptance/iac/cli-share-results.spec.ts b/test/jest/acceptance/iac/cli-share-results.spec.ts
@@ -181,6 +181,42 @@ describe('CLI Share Results', () => {
       expect(exitCode).toEqual(2);
     });
 
+    it('should filter out NONE custom policies severity issues and then forward', async () => {
+      const { exitCode } = await run(
+        'snyk iac test ./iac/arm/rule_test.json --report --org=custom-policies',
+      );
+
+      const requests = server
+        .getRequests()
+        .filter((request) => request.url?.includes('/iac-cli-share-results'));
+
+      expect(requests.length).toEqual(1);
+      const [request] = requests;
+      expect(request.body).toEqual(
+        expect.objectContaining({
+          contributors: expect.any(Array),
+          scanResults: [
+            {
+              identity: {
+                type: 'armconfig',
+                targetFile: 'iac/arm/rule_test.json',
+              },
+              facts: [],
+              findings: expect.any(Array),
+              policy: '',
+              name: 'fixtures',
+              target: {
+                name: 'fixtures',
+              },
+            },
+          ],
+        }),
+      );
+      // The other SNYK-CC-AZURE-543 issue has been filtered out
+      expect(request.body.scanResults[0].findings.length).toEqual(1);
+      expect(exitCode).toEqual(1);
+    });
+
     describe('with target reference', () => {
       it('forwards the target reference to iac-cli-share-results endpoint', async () => {
         const testTargetRef = 'test-target-ref';