diff --git a/pkg/reconciler/buildrun/resources/results.go b/pkg/reconciler/buildrun/resources/results.go index 3b005b0e23..f89ab5e340 100644 --- a/pkg/reconciler/buildrun/resources/results.go +++ b/pkg/reconciler/buildrun/resources/results.go @@ -82,8 +82,12 @@ func getTaskSpecResults() []pipelineapi.TaskResult { } func getImageVulnerabilitiesResult(result pipelineapi.TaskRunResult) []build.Vulnerability { - vulnerabilities := strings.Split(result.Value.StringVal, ",") var vulns []build.Vulnerability + if len(result.Value.StringVal) == 0 { + return vulns + } + + vulnerabilities := strings.Split(result.Value.StringVal, ",") for _, vulnerability := range vulnerabilities { vuln := strings.Split(vulnerability, ":") severity := getSeverity(vuln[1]) @@ -96,7 +100,7 @@ func getImageVulnerabilitiesResult(result pipelineapi.TaskRunResult) []build.Vul } func getSeverity(sev string) build.VulnerabilitySeverity { - switch sev { + switch strings.ToUpper(sev) { case "L": return build.Low case "M": diff --git a/pkg/reconciler/buildrun/resources/results_test.go b/pkg/reconciler/buildrun/resources/results_test.go index 57105a45b9..7d96f8b9f8 100644 --- a/pkg/reconciler/buildrun/resources/results_test.go +++ b/pkg/reconciler/buildrun/resources/results_test.go @@ -106,9 +106,8 @@ var _ = Describe("TaskRun results to BuildRun", func() { Expect(br.Status.Source.OciArtifact.Digest).To(Equal(bundleImageDigest)) }) - It("should surface the TaskRun results emitting from output step", func() { + It("should surface the TaskRun results emitting from output step with image vulnerabilities", func() { imageDigest := "sha256:fe1b73cd25ac3f11dec752755e2" - vulns := `CVE-2019-12900:C,CVE-2019-8457:H` tr.Status.Results = append(tr.Status.Results, pipelineapi.TaskRunResult{ Name: "shp-image-digest", @@ -128,7 +127,7 @@ var _ = Describe("TaskRun results to BuildRun", func() { Name: "shp-image-vulnerabilities", Value: pipelineapi.ParamValue{ Type: pipelineapi.ParamTypeString, - StringVal: vulns, + StringVal: "CVE-2019-12900:c,CVE-2019-8457:h", }, }) @@ -141,6 +140,38 @@ var _ = Describe("TaskRun results to BuildRun", func() { Expect(br.Status.Output.Vulnerabilities[0].Severity).To(Equal(build.Critical)) }) + It("should surface the TaskRun results emitting from output step without image vulnerabilities", func() { + imageDigest := "sha256:fe1b73cd25ac3f11dec752755e2" + tr.Status.Results = append(tr.Status.Results, + pipelineapi.TaskRunResult{ + Name: "shp-image-digest", + Value: pipelineapi.ParamValue{ + Type: pipelineapi.ParamTypeString, + StringVal: imageDigest, + }, + }, + pipelineapi.TaskRunResult{ + Name: "shp-image-size", + Value: pipelineapi.ParamValue{ + Type: pipelineapi.ParamTypeString, + StringVal: "230", + }, + }, + pipelineapi.TaskRunResult{ + Name: "shp-image-vulnerabilities", + Value: pipelineapi.ParamValue{ + Type: pipelineapi.ParamTypeString, + StringVal: "", + }, + }) + + resources.UpdateBuildRunUsingTaskResults(ctx, br, tr.Status.Results, taskRunRequest) + + Expect(br.Status.Output.Digest).To(Equal(imageDigest)) + Expect(br.Status.Output.Size).To(Equal(int64(230))) + Expect(br.Status.Output.Vulnerabilities).To(HaveLen(0)) + }) + It("should surface the TaskRun results emitting from source and output step", func() { commitSha := "0e0583421a5e4bf562ffe33f3651e16ba0c78591" imageDigest := "sha256:fe1b73cd25ac3f11dec752755e2"