scan: return 0 exit code if unsupported os found

Signed-off-by: Simarpreet Singh <[email protected]>
aquasecurity · Apr 21, 2020 · 676d244 · 676d244
1 parent 17b84f6
commit 676d244
Show file tree

Hide file tree

Showing 2 changed files with 40 additions and 2 deletions.
diff --git a/pkg/scanner/scan.go b/pkg/scanner/scan.go
@@ -2,6 +2,7 @@ package scanner
 
 import (
 	"context"
+	"strings"
 
 	"github.com/google/wire"
 	"golang.org/x/xerrors"
@@ -92,8 +93,15 @@ func (s Scanner) ScanImage(options types.ScanOptions) (report.Results, error) {
 
 	results, osFound, eosl, err := s.driver.Scan(imageInfo.Name, imageInfo.ID, imageInfo.LayerIDs, options)
 	if err != nil {
-		return nil, xerrors.Errorf("scan failed: %w", err)
+		switch {
+		case strings.Contains(err.Error(), "unknown OS"):
+			log.Logger.Warn("Unsupported OS")
+			return nil, nil
+		default:
+			return nil, xerrors.Errorf("scan failed: %w", err)
+		}
 	}
+
 	if eosl {
 		log.Logger.Warnf("This OS version is no longer supported by the distribution: %s %s", osFound.Family, osFound.Name)
 		log.Logger.Warnf("The vulnerability detection may be insufficient because security updates are not provided")

diff --git a/pkg/scanner/scan_test.go b/pkg/scanner/scan_test.go
@@ -33,7 +33,7 @@ func TestScanner_ScanImage(t *testing.T) {
 		wantErr            string
 	}{
 		{
-			name: "happy path",
+			name: "happy path: with known OS",
 			args: args{
 				options: types.ScanOptions{VulnType: []string{"os"}},
 			},
@@ -123,6 +123,32 @@ func TestScanner_ScanImage(t *testing.T) {
 				},
 			},
 		},
+		{
+			name: "happy path: Unknown OS and Scan returns an error",
+			args: args{
+				options: types.ScanOptions{VulnType: []string{"os"}},
+			},
+			analyzeExpectation: AnalyzerAnalyzeExpectation{
+				Args: AnalyzerAnalyzeArgs{
+					CtxAnything: true,
+				},
+				Returns: AnalyzerAnalyzeReturns{
+					Info: ftypes.ImageReference{
+						Name: "bogusos:123",
+					},
+				},
+			},
+			scanExpectation: ScanExpectation{
+				Args: ScanArgs{
+					Target:  "bogusos:123",
+					Options: types.ScanOptions{VulnType: []string{"os"}},
+				},
+				Returns: ScanReturns{
+					OsFound: nil,
+					Err:     errors.New("failed to apply layers: unknown OS"),
+				},
+			},
+		},
 		{
 			name: "sad path: AnalyzerAnalyze returns an error",
 			args: args{
@@ -163,6 +189,10 @@ func TestScanner_ScanImage(t *testing.T) {
 					Options:  types.ScanOptions{VulnType: []string{"os"}},
 				},
 				Returns: ScanReturns{
+					OsFound: &ftypes.OS{
+						Family: "alpine",
+						Name:   "3.11",
+					},
 					Err: errors.New("error"),
 				},
 			},