feat: Improve output for dockerfile instructions

This commit allows for use of the installCommand extracted from a RUN instruction in newer versions of the SDP. [CAP-280]
snyk · Nov 24, 2021 · 94c08ad · 94c08ad
1 parent 9ab4e54
commit 94c08ad
Show file tree

Hide file tree

Showing 2 changed files with 7 additions and 5 deletions.
diff --git a/src/lib/snyk-test/run-test.ts b/src/lib/snyk-test/run-test.ts
@@ -445,7 +445,7 @@ async function parseRes(
       const dockerfilePackage = dockerfilePackages[vuln.name.split('/')[0]];
       if (dockerfilePackage) {
         (vuln as DockerIssue).dockerfileInstruction =
-          dockerfilePackage.instruction;
+          dockerfilePackage.installCommand;
       }
       (vuln as DockerIssue).dockerBaseImage = res.docker!.baseImage;
       return vuln;

diff --git a/test/acceptance/cli-test/cli-test.docker.spec.ts b/test/acceptance/cli-test/cli-test.docker.spec.ts
@@ -215,6 +215,7 @@ export const DockerTests: AcceptanceTests = {
                     dockerfilePackages: {
                       'openssl@1.5.0': {
                         instruction: 'RUN apk add openssl@1.5.0',
+                        installCommand: 'apk add openssl@1.5.0',
                       },
                     },
                     dockerfileLayers: {
@@ -264,6 +265,7 @@ export const DockerTests: AcceptanceTests = {
                   dockerfilePackages: {
                     'openssl@1.5.0': {
                       instruction: 'RUN apk add openssl@1.5.0',
+                      installCommand: 'apk add openssl@1.5.0',
                     },
                   },
                   dockerfileLayers: {
@@ -649,7 +651,7 @@ export const DockerTests: AcceptanceTests = {
                   data: {
                     dockerfilePackages: {
                       bzip2: {
-                        instruction: 'RUN test instruction',
+                        installCommand: 'test installCommand',
                       },
                     },
                   },
@@ -678,7 +680,7 @@ export const DockerTests: AcceptanceTests = {
         t.fail('should have found vuln');
       } catch (err) {
         const msg = err.message;
-        t.match(msg, "Image layer: 'RUN test instruction'");
+        t.match(msg, "Image layer: 'test installCommand'");
       }
     },
 
@@ -697,7 +699,7 @@ export const DockerTests: AcceptanceTests = {
                   data: {
                     dockerfilePackages: {
                       bzip2: {
-                        instruction: 'RUN test instruction',
+                        installCommand: 'test installCommand',
                       },
                     },
                   },
@@ -726,7 +728,7 @@ export const DockerTests: AcceptanceTests = {
         t.fail('should have found vuln');
       } catch (err) {
         const msg = err.message;
-        t.match(msg, "Image layer: 'RUN test instruction'");
+        t.match(msg, "Image layer: 'test installCommand'");
       }
     },