Skip to content

Commit

Permalink
redirect stdo to stderr for docker scans
Browse files Browse the repository at this point in the history
  • Loading branch information
@michaeljguarino
michaeljguarino committed Nov 11, 2022
1 parent cfffc8d commit 77acda4
Show file tree
Hide file tree
Showing 2 changed files with 3 additions and 3 deletions.
2 changes: 1 addition & 1 deletion apps/core/lib/core/services/scan.ex
View file
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,7 @@ defmodule Core.Services.Scan do

image = "#{registry_name}:#{image.tag}"
Logger.info "Scanning image #{image}"
case System.cmd("trivy", ["--quiet", "image", "--format", "json", image, "--timeout", "5m0s"], env: env) do
case System.cmd("trivy", ["--quiet", "image", "--format", "json", image, "--timeout", "5m0s"], env: env, stderr_to_stdout: true) do
{output, 0} ->
case Jason.decode(output) do
{:ok, [%{"Vulnerabilities" => vulns} | _]} -> insert_vulns(vulns, img)
Expand Down
4 changes: 2 additions & 2 deletions apps/core/test/services/scan_test.exs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,7 @@ defmodule Core.Services.ScanTest do
image_name = "dkr.plural.sh/#{image.docker_repository.repository.name}/#{image.docker_repository.name}:#{image.tag}"
vuln = Application.get_env(:core, :vulnerability)
expect(System, :cmd, fn
"trivy", ["--quiet", "image", "--format", "json", ^image_name, "--timeout", "5m0s"], [env: [{"TRIVY_REGISTRY_TOKEN", _}]] ->
"trivy", ["--quiet", "image", "--format", "json", ^image_name, "--timeout", "5m0s"], [env: [{"TRIVY_REGISTRY_TOKEN", _}], stderr_to_stdout: true] ->
{~s([{"Vulnerabilities": [#{vuln}]}]), 0}
end)

Expand All @@ -27,7 +27,7 @@ defmodule Core.Services.ScanTest do
test "it will mark on timeouts" do
image = insert(:docker_image)
expect(System, :cmd, fn
"trivy", ["--quiet", "image", "--format", "json", _, "--timeout", "5m0s"], [env: [{"TRIVY_REGISTRY_TOKEN", _}]] ->
"trivy", ["--quiet", "image", "--format", "json", _, "--timeout", "5m0s"], [{:env, [{"TRIVY_REGISTRY_TOKEN", _}]} | _] ->
{~s(image scan error: scan error: image scan failed: failed analysis: analyze error: timeout: context deadline exceeded), 1}
end)

Expand Down

0 comments on commit 77acda4

Please sign in to comment.