fix: run with no vulnerabilities and --json flag is successful

This commit fixes a bug where if running the snyk iac test --experimental --json on a file with no vulnerabilities we report a failure [CC-805]
snyk · Apr 26, 2021 · 242c03a · 242c03a
1 parent 5b03f34
commit 242c03a
Show file tree

Hide file tree

Showing 3 changed files with 33 additions and 42 deletions.
diff --git a/src/cli/commands/test/index.ts b/src/cli/commands/test/index.ts
@@ -171,8 +171,17 @@ async function test(...args: MethodArgs): Promise<TestCommandResult> {
   } = extractDataToSendFromResults(results, jsonData, options);
 
   if (options.json || options.sarif) {
-    // if all results are ok (.ok == true) then return the json
-    if (errorMappedResults.every((res) => res.ok)) {
+    // the new experimental IaC flow does not have the ok field because it returns vulnerabilities and errors separately
+    // the legacy IaC flow may return errors that get mapped into errorMappedResults, but that flow will be removed soon
+    const successfulIacScanning =
+      options.iac &&
+      !foundVulnerabilities &&
+      (!iacScanFailures || iacScanFailures.length === 0);
+
+    // if running iac and it was successful, or
+    // if all results are ok (.ok == true)
+    // then return the json
+    if (successfulIacScanning || errorMappedResults.every((res) => res.ok)) {
       return TestCommandResult.createJsonTestCommandResult(
         stringifiedData,
         stringifiedJsonData,

diff --git a/test/acceptance/cli-test/iac/cli-test.iac-dir.spec.ts b/test/acceptance/cli-test/iac/cli-test.iac-dir.spec.ts
@@ -86,17 +86,11 @@ export const IacDirTests: AcceptanceTests = {
 
     '`iac test directory --json - no issues`': (params, utils) => async (t) => {
       utils.chdirWorkspaces();
-      let testableObject;
-      try {
-        await params.cli.test('iac-kubernetes/', {
-          iac: true,
-          json: true,
-        });
-        t.fail('should have thrown');
-      } catch (error) {
-        testableObject = error;
-      }
-      const res: any = JSON.parse(testableObject.message);
+      const testableObject = await params.cli.test('iac-kubernetes/', {
+        iac: true,
+        json: true,
+      });
+      const res: any = JSON.parse(testableObject);
       iacTestJsonAssertions(
         t,
         res,
@@ -145,17 +139,11 @@ export const IacDirTests: AcceptanceTests = {
       t,
     ) => {
       utils.chdirWorkspaces();
-      let testableObject;
-      try {
-        await params.cli.test('iac-kubernetes/', {
-          iac: true,
-          sarif: true,
-        });
-        t.fail('should have thrown');
-      } catch (error) {
-        testableObject = error;
-      }
-      const res: any = JSON.parse(testableObject.message);
+      const testableObject = await params.cli.test('iac-kubernetes/', {
+        iac: true,
+        sarif: true,
+      });
+      const res: any = JSON.parse(testableObject);
       iacTestSarifAssertions(t, res, null, false);
     },
     '`iac test directory --severity-threshold=low --sarif`': (

diff --git a/test/acceptance/cli-test/iac/cli-test.iac-k8s.spec.ts b/test/acceptance/cli-test/iac/cli-test.iac-k8s.spec.ts
@@ -147,17 +147,14 @@ export const IacK8sTests: AcceptanceTests = {
       t,
     ) => {
       utils.chdirWorkspaces();
-      let testableObject;
-      try {
-        await params.cli.test('iac-kubernetes/multi-file.yaml', {
+      const testableObject = await params.cli.test(
+        'iac-kubernetes/multi-file.yaml',
+        {
           iac: true,
           json: true,
-        });
-        t.fail('should have thrown');
-      } catch (error) {
-        testableObject = error;
-      }
-      const res: any = JSON.parse(testableObject.message);
+        },
+      );
+      const res: any = JSON.parse(testableObject);
       iacTestJsonAssertions(
         t,
         res,
@@ -206,17 +203,14 @@ export const IacK8sTests: AcceptanceTests = {
       t,
     ) => {
       utils.chdirWorkspaces();
-      let testableObject;
-      try {
-        await params.cli.test('iac-kubernetes/multi-file.yaml', {
+      const testableObject = await params.cli.test(
+        'iac-kubernetes/multi-file.yaml',
+        {
           iac: true,
           sarif: true,
-        });
-        t.fail('should have thrown');
-      } catch (error) {
-        testableObject = error;
-      }
-      const res: any = JSON.parse(testableObject.message);
+        },
+      );
+      const res: any = JSON.parse(testableObject);
       iacTestSarifAssertions(t, res, null, false);
     },
     '`iac test multi-file.yaml --severity-threshold=low --sarif`': (