fix: fail k8s resource scanning (#5529)

Signed-off-by: chenk <hen.keinan@gmail.com>
aquasecurity · Nov 8, 2023 · 05df244 · 05df244
1 parent a1b4744
commit 05df244
Show file tree

Hide file tree

Showing 2 changed files with 46 additions and 1 deletion.
diff --git a/integration/k8s_test.go b/integration/k8s_test.go
@@ -109,4 +109,49 @@ func TestK8s(t *testing.T) {
 		}))
 
 	})
+
+	t.Run("specific resource scan", func(t *testing.T) {
+		// Set up the output file
+		outputFile := filepath.Join(t.TempDir(), "output.json")
+
+		osArgs := []string{
+			"k8s",
+			"-n",
+			"default",
+			"deployments/nginx-deployment",
+			"-q",
+			"--timeout",
+			"5m0s",
+			"--format",
+			"json",
+			"--components",
+			"workload",
+			"--context",
+			"kind-kind-test",
+			"--output",
+			outputFile,
+		}
+
+		// Run Trivy
+		err := execute(osArgs)
+		require.NoError(t, err)
+
+		var got report.Report
+		f, err := os.Open(outputFile)
+		require.NoError(t, err)
+		defer f.Close()
+
+		err = json.NewDecoder(f).Decode(&got)
+		require.NoError(t, err)
+
+		// Flatten findings
+		results := lo.FlatMap(got.Resources, func(resource report.Resource, _ int) []types.Result {
+			return resource.Results
+		})
+
+		// Has vulnerabilities
+		assert.True(t, lo.SomeBy(results, func(r types.Result) bool {
+			return len(r.Vulnerabilities) > 0
+		}))
+	})
 }
diff --git a/pkg/k8s/scanner/scanner.go b/pkg/k8s/scanner/scanner.go
@@ -226,7 +226,7 @@ func (s *Scanner) scanK8sVulns(ctx context.Context, artifactsData []*artifacts.A
 	var resources []report.Resource
 	var nodeName string
 	if nodeName = findNodeName(artifactsData); nodeName == "" {
-		return nil, fmt.Errorf("failed to find node name")
+		return resources, nil
 	}
 
 	k8sScanner := k8s.NewKubenetesScanner()