Skip to content

Commit 545e750

Browse files
daanschipperdaanschipper
committed
chore: sync stdout before container is stopped
The container is otherwise stopped before the result of the scan is outputted to stdout, resulting in errored scan jobs.
1 parent 7647456 commit 545e750

File tree

3 files changed

+25
-24
lines changed

3 files changed

+25
-24
lines changed

pkg/plugins/trivy/image.go

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -690,7 +690,8 @@ func buildTrailingCommandArgs(resultFileName string, compressLogs bool) string {
690690
} else {
691691
cmd = fmt.Sprintf("cat /tmp/scan/%s", resultFileName)
692692
}
693-
return fmt.Sprintf("; rc=$?; if [ $rc -eq 1 ]; then cat /tmp/scan/%s.log; else %s; fi; exit $rc", resultFileName, cmd)
693+
// Sync is required to flush the result to stdout before the scan job container exits, otherwise the output will be cut off halfway.
694+
return fmt.Sprintf("; rc=$?; if [ $rc -eq 1 ]; then cat /tmp/scan/%s.log && sync; else %s && sync; fi; exit $rc", resultFileName, cmd)
694695
}
695696

696697
func GetSbomScanCommandAndArgs(ctx trivyoperator.PluginContext, mode Mode, sbomFile, trivyServerURL, resultFileName string) ([]string, []string) {

pkg/plugins/trivy/image_test.go

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -79,7 +79,7 @@ func TestGetSbomScanCommandAndArgs(t *testing.T) {
7979
serverUrl: "",
8080
resultFileName: "result_output.json",
8181
compressedLogs: "true",
82-
wantArgs: []string{"-c", "trivy --cache-dir /tmp/trivy/.cache sbom --format json /tmp/scan/bom.json --slow --skip-db-update --output /tmp/scan/result_output.json 2>/tmp/scan/result_output.json.log ; rc=$?; if [ $rc -eq 1 ]; then cat /tmp/scan/result_output.json.log; else bzip2 -c /tmp/scan/result_output.json | base64; fi; exit $rc"},
82+
wantArgs: []string{"-c", "trivy --cache-dir /tmp/trivy/.cache sbom --format json /tmp/scan/bom.json --slow --skip-db-update --output /tmp/scan/result_output.json 2>/tmp/scan/result_output.json.log ; rc=$?; if [ $rc -eq 1 ]; then cat /tmp/scan/result_output.json.log && sync; else bzip2 -c /tmp/scan/result_output.json | base64 && sync; fi; exit $rc"},
8383
wantCmd: []string{"/bin/sh"},
8484
},
8585
{
@@ -89,7 +89,7 @@ func TestGetSbomScanCommandAndArgs(t *testing.T) {
8989
serverUrl: "",
9090
resultFileName: "result_output.json",
9191
compressedLogs: "false",
92-
wantArgs: []string{"-c", "trivy --cache-dir /tmp/trivy/.cache sbom --format json /tmp/scan/bom.json --slow --skip-db-update --output /tmp/scan/result_output.json 2>/tmp/scan/result_output.json.log ; rc=$?; if [ $rc -eq 1 ]; then cat /tmp/scan/result_output.json.log; else cat /tmp/scan/result_output.json; fi; exit $rc"},
92+
wantArgs: []string{"-c", "trivy --cache-dir /tmp/trivy/.cache sbom --format json /tmp/scan/bom.json --slow --skip-db-update --output /tmp/scan/result_output.json 2>/tmp/scan/result_output.json.log ; rc=$?; if [ $rc -eq 1 ]; then cat /tmp/scan/result_output.json.log && sync; else cat /tmp/scan/result_output.json && sync; fi; exit $rc"},
9393
wantCmd: []string{"/bin/sh"},
9494
},
9595
{
@@ -99,7 +99,7 @@ func TestGetSbomScanCommandAndArgs(t *testing.T) {
9999
serverUrl: "http://trivy-server:8080",
100100
resultFileName: "result_output.json",
101101
compressedLogs: "true",
102-
wantArgs: []string{"-c", "trivy --cache-dir /tmp/trivy/.cache sbom --format json --server http://trivy-server:8080 /tmp/scan/bom.json --slow --output /tmp/scan/result_output.json 2>/tmp/scan/result_output.json.log ; rc=$?; if [ $rc -eq 1 ]; then cat /tmp/scan/result_output.json.log; else bzip2 -c /tmp/scan/result_output.json | base64; fi; exit $rc"},
102+
wantArgs: []string{"-c", "trivy --cache-dir /tmp/trivy/.cache sbom --format json --server http://trivy-server:8080 /tmp/scan/bom.json --slow --output /tmp/scan/result_output.json 2>/tmp/scan/result_output.json.log ; rc=$?; if [ $rc -eq 1 ]; then cat /tmp/scan/result_output.json.log && sync; else bzip2 -c /tmp/scan/result_output.json | base64 && sync; fi; exit $rc"},
103103
wantCmd: []string{"/bin/sh"},
104104
},
105105
{
@@ -109,7 +109,7 @@ func TestGetSbomScanCommandAndArgs(t *testing.T) {
109109
serverUrl: "http://trivy-server:8080",
110110
resultFileName: "result_output.json",
111111
compressedLogs: "false",
112-
wantArgs: []string{"-c", "trivy --cache-dir /tmp/trivy/.cache sbom --format json --server http://trivy-server:8080 /tmp/scan/bom.json --slow --output /tmp/scan/result_output.json 2>/tmp/scan/result_output.json.log ; rc=$?; if [ $rc -eq 1 ]; then cat /tmp/scan/result_output.json.log; else cat /tmp/scan/result_output.json; fi; exit $rc"},
112+
wantArgs: []string{"-c", "trivy --cache-dir /tmp/trivy/.cache sbom --format json --server http://trivy-server:8080 /tmp/scan/bom.json --slow --output /tmp/scan/result_output.json 2>/tmp/scan/result_output.json.log ; rc=$?; if [ $rc -eq 1 ]; then cat /tmp/scan/result_output.json.log && sync; else cat /tmp/scan/result_output.json && sync; fi; exit $rc"},
113113
wantCmd: []string{"/bin/sh"},
114114
},
115115
}

0 commit comments

Comments
 (0)