8000 feat: return exit code 2 for --fail-on errors by devodev · Pull Request #2575 · anchore/grype · GitHub
[go: up one dir, main page]
More Web Proxy on the site http://driver.im/
Skip to content

feat: return exit code 2 for --fail-on errors #2575

New issue 8000

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 3 commits into from
Apr 2, 2025
Merged

feat: return exit code 2 for --fail-on errors #2575

merged 3 commits into from
Apr 2, 2025

Conversation

devodev
Copy link
Contributor
@devodev devodev commented Apr 1, 2025
edited
Loading

Return exit code 2 from the CLI when --fail-on <severity> flag is used to differentiate from grype-specific errors.

Use new MapExitCode feature of clio added in: anchore/clio#110.

Test

$ ./grype anchore/grype:v0.90.0 --fail-on medium || echo "exit code: $?"
 ✔ Parsed image                                                                                             sha256:9dc5e63559f1691f220dbc68ee6ea7068171b3a4590edd59f9f4ff4e9e5bfd98 
 ✔ Cataloged contents                                                                                              486b8eaf3044a4a53b27c3b2377e9dafb4b2e5e3e825475a021d31d14d6e4f4c 
   ├── ✔ Packages                        [249 packages]  
   ├── ✔ Executables                     [1 executables]  
   ├── ✔ File digests                    [1 files]  
   └── ✔ File metadata                   [1 locations]  
 ✘ Scan for vulnerabilities        [1 vulnerability matches]  
   ├── by severity: 0 critical, 0 high, 1 medium, 0 low, 0 negligible
   └── by status:   1 fixed, 0 not-fixed, 0 ignored 
NAME                              INSTALLED  FIXED-IN  TYPE       VULNERABILITY        SEVERITY 
github.com/containerd/containerd  v1.7.26    1.7.27    go-module  GHSA-265r-hfxg-fhmg  Medium
[0001] ERROR discovered vulnerabilities at or above the severity threshold
exit code: 2

Fixes: #1922

@devodev devodev mentioned this pull request Apr 1, 2025
Closed
devodev added 2 commits April 1, 2025 11:36
@devodev
fix: bump anchore/clio to latest
65bf795 
Grab change: feat: allow mapping cmd error to exit code.

Signed-off-by: Alexandre Barone <abalexandrebarone@gmail.com>
@devodev
feat: return exit code 2 for --fail-on errors
ae566c0 
Return exit code 2 from the CLI when --fail-on <severity> flag is used
to differentiate from grype-specific errors.

Signed-off-by: Alexandre Barone <abalexandrebarone@gmail.com>
@devodev devodev force-pushed the pr/devodev/map-exit-code-failed-scan branch from 7a231a8 to ae566c0 Compare April 1, 2025 15:39
@devodev devodev marked this pull request as ready for review April 1, 2025 15:39
kzantow
kzantow reviewed Apr 1, 2025
View reviewed changes
@devodev
fix: use error to propagate db upgrade available
d404ae7 
Use the newly introduced mapping of errors to exit code in the
cli to catch a new ErrDBUpgradeAvailable error and exit with 100.

This also avoids calling os.Exit outside the main func which bypasses
all defer on the callpaths.

Signed-off-by: Alexandre Barone <abalexandrebarone@gmail.com>
@kzantow kzantow mentioned this pull request Apr 2, 2025
Open
kzantow
kzantow approved these changes Apr 2, 2025
View reviewed changes
Copy link
Contributor
@kzantow kzantow left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM 👍

@kzantow kzantow merged commit 4b35276 into anchore:main Apr 2, 2025
12 checks passed
@devodev
Copy link
Contributor Author
devodev commented Apr 2, 2025

Thanks @kzantow !
Another ping just to make sure this is brought up, the issue was prematurely closed and the release notes of 0.91.0 mention this feature where I think it will only be available in next release (probably 0.92.0).
#1922 (comment)

@devodev devodev mentioned this pull request Apr 2, 2025
Draft
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@kzantow kzantow kzantow approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Exit with a different return code for a failed scan
2 participants
@devodev @kzantow
0