diff --git a/pkg/flag/report_flags.go b/pkg/flag/report_flags.go index 67d553b65553..d69443e89547 100644 --- a/pkg/flag/report_flags.go +++ b/pkg/flag/report_flags.go @@ -6,6 +6,7 @@ import ( "github.com/mattn/go-shellwords" "github.com/samber/lo" + "github.com/spf13/viper" "golang.org/x/xerrors" dbTypes "github.com/aquasecurity/trivy-db/pkg/types" @@ -14,6 +15,7 @@ import ( "github.com/aquasecurity/trivy/pkg/log" "github.com/aquasecurity/trivy/pkg/result" "github.com/aquasecurity/trivy/pkg/types" + "github.com/aquasecurity/trivy/pkg/utils/fsutils" xstrings "github.com/aquasecurity/trivy/pkg/x/strings" ) @@ -238,6 +240,10 @@ func (f *ReportFlagGroup) ToOptions() (ReportOptions, error) { } } + if viper.IsSet(f.IgnoreFile.ConfigName) && !fsutils.FileExists(f.IgnoreFile.Value()) { + return ReportOptions{}, xerrors.Errorf("ignore file not found: %s", f.IgnoreFile.Value()) + } + return ReportOptions{ Format: format, ReportFormat: f.ReportFormat.Value(), diff --git a/pkg/flag/report_flags_test.go b/pkg/flag/report_flags_test.go index 9440bf373905..b113d7c62f97 100644 --- a/pkg/flag/report_flags_test.go +++ b/pkg/flag/report_flags_test.go @@ -209,4 +209,16 @@ func TestReportFlagGroup_ToOptions(t *testing.T) { assert.Equal(t, tt.wantLogs, out.Messages(), tt.name) }) } + + t.Run("Error on non existing ignore file", func(t *testing.T) { + t.Cleanup(viper.Reset) + + setValue(flag.IgnoreFileFlag.ConfigName, string("doesntexist")) + f := &flag.ReportFlagGroup{ + IgnoreFile: flag.IgnoreFileFlag.Clone(), + } + + _, err := f.ToOptions() + assert.ErrorContains(t, err, "ignore file not found: doesntexist") + }) } diff --git a/pkg/result/filter_test.go b/pkg/result/filter_test.go index 2e20234fa7ba..0298cd0d9582 100644 --- a/pkg/result/filter_test.go +++ b/pkg/result/filter_test.go @@ -1016,30 +1016,15 @@ func TestFilter(t *testing.T) { }) } - ignoreFile := tt.args.ignoreFile - if ignoreFile == "" { - ignoreFile = result.DefaultIgnoreFile - } err := result.Filter(ctx, tt.args.report, result.FilterOptions{ Severities: tt.args.severities, VEXSources: vexSources, IgnoreStatuses: tt.args.ignoreStatuses, - IgnoreFile: ignoreFile, + IgnoreFile: tt.args.ignoreFile, PolicyFile: tt.args.policyFile, }) require.NoError(t, err) assert.Equal(t, tt.want, tt.args.report) }) } - - t.Run("Error on existent ignore file", func(t *testing.T) { - fakeTime := time.Date(2020, 8, 10, 7, 28, 17, 958601, time.UTC) - ctx := clock.With(context.Background(), fakeTime) - test := tests[0] - - err := result.Filter(ctx, test.args.report, result.FilterOptions{ - IgnoreFile: "invalid", - }) - assert.ErrorContains(t, err, "invalid error: invalid does not exist") - }) } diff --git a/pkg/result/ignore.go b/pkg/result/ignore.go index 771c1ffc3f8e..dbd1cab83db9 100644 --- a/pkg/result/ignore.go +++ b/pkg/result/ignore.go @@ -184,9 +184,6 @@ func (c *IgnoreConfig) MatchLicense(licenseID, filePath string) *IgnoreFinding { func ParseIgnoreFile(ctx context.Context, ignoreFile string) (IgnoreConfig, error) { var conf IgnoreConfig if _, err := os.Stat(ignoreFile); errors.Is(err, fs.ErrNotExist) { - if ignoreFile != DefaultIgnoreFile { - return IgnoreConfig{}, xerrors.Errorf("%s does not exist", ignoreFile) - } // .trivyignore doesn't necessarily exist return IgnoreConfig{}, nil } else if filepath.Ext(ignoreFile) == ".yml" || filepath.Ext(ignoreFile) == ".yaml" {