Trivy JUnit template (@contrib/junit.tpl) does not consider pass results? #5766

Closed
DmitriyLewen opened this issue Dec 8, 2023 Discussed in #5737 · 2 comments · Fixed by #5767

@DmitriyLewen
Contributor

Discussed in #5737

Originally posted by jamesatribal December 6, 2023

Description

Hello,

I am running trivy misconfiguration scanning with the --include-non-failures flag and using the @contrib/junit.tpl template to output it into a JUnit format file to be uploaded to Azure DevOps test results. The reason I've used the --include-non-failures flag is to show (in my Test results) the total number of tests that were run against my IAC, and also the number of pass/fail tests (to give the whole picture - instead of just showing the number of errors).

E.g. this is how I'm running my trivy command:
trivy config --include-non-failures --format template --template "@contrib/junit.tpl" --output "/tmp/trivyReport.xml" /myiacdir

Sample summary output:
s3_bucket.tf (terraform)
========================
Tests: 285 (SUCCESSES: 225, FAILURES: 60, EXCEPTIONS: 0)
Failures: 60 (UNKNOWN: 0, LOW: 15, MEDIUM: 15, HIGH: 30, CRITICAL: 0)

Using trivy version: Version: 0.47.0

Desired Behavior

From the sample summary output, I am expecting to see 285 tests, with 225 successes and 60 failures being reported.

Actual Behavior

When the /tmp/trivyReport.xml report is uploaded to Azure DevOps Test results, it is correctly reporting that 285 tests have been done. However, instead of reporting 225 successes and 60 failures, it is detecting it as 285 failures (i.e. all tests are considered as failures in the JUnit output).

Reproduction Steps

1. Run trivy config with the --include-non-failures flag, and use the --template @contrib/junit.tpl combined with the --output flag to generate a report in JUnit format
2. Compare the pass/fail results in the summary output against the pass/fail counts in the report in JUnit format

Target

None

Scanner

Misconfiguration

Output Format

None

Mode

Standalone

Debug Output

N/A

Operating System

ubuntu 22.04 (ubuntu-latest from Azure DevOps Microsoft hosted agent)

Version

Version: 0.47.0

@DmitriyLewen DmitriyLewen added the kind/bug Categorizes issue or PR as related to a bug. label Dec 8, 2023
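
Reproduction step 2 above can be automated in a pipeline. The following is an added example, not code from the issue or from the Trivy project: it counts pass/fail per test suite the way a JUnit consumer does (a testcase with a failure or error child is a failure) and compares the result with the expected counts. The XML samples, check IDs and function names are constructed, and the shape of the broken report is an assumption based on the symptom described.

```python
import xml.etree.ElementTree as ET

# Constructed JUnit samples (hypothetical check IDs, not real Trivy output).
# BROKEN is an assumed shape matching the reported symptom: every testcase,
# including checks that passed, carries a <failure> child.
BROKEN = """<testsuites>
  <testsuite name="s3_bucket.tf" tests="3" failures="3">
    <testcase name="[HIGH] EXAMPLE-0001"><failure message="fail"/></testcase>
    <testcase name="[LOW] EXAMPLE-0002"><failure message="pass"/></testcase>
    <testcase name="[LOW] EXAMPLE-0003"><failure message="pass"/></testcase>
  </testsuite>
</testsuites>"""

# FIXED is the shape a consumer needs: only the failing check has <failure>.
FIXED = """<testsuites>
  <testsuite name="s3_bucket.tf" tests="3" failures="1">
    <testcase name="[HIGH] EXAMPLE-0001"><failure message="fail"/></testcase>
    <testcase name="[LOW] EXAMPLE-0002"/>
    <testcase name="[LOW] EXAMPLE-0003"/>
  </testsuite>
</testsuites>"""


def count_results(junit_xml):
    """Return {suite name: (tests, passed, failed)} as a JUnit consumer counts."""
    counts = {}
    for suite in ET.fromstring(junit_xml).iter("testsuite"):
        cases = suite.findall("testcase")
        failed = sum(1 for c in cases
                     if c.find("failure") is not None or c.find("error") is not None)
        counts[suite.get("name")] = (len(cases), len(cases) - failed, failed)
    return counts


def mismatches(junit_xml, expected):
    """Return {suite: (expected, found)} for suites whose counts differ."""
    found = count_results(junit_xml)
    return {name: (want, found.get(name))
            for name, want in expected.items() if found.get(name) != want}


if __name__ == "__main__":
    # Constructed stand-in for the (tests, successes, failures) CLI summary.
    summary = {"s3_bucket.tf": (3, 2, 1)}
    print("broken:", mismatches(BROKEN, summary))
    print("fixed: ", mismatches(FIXED, summary))
```
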
@DmitriyLewen
Contributor Author

DmitriyLewen commented Dec 8, 2023

Hello @jamesatribal
I created the update for junit.tpl - #5767.
Can you take a look?

Thank you in advance!

@DmitriyLewen DmitriyLewen self-assigned this Dec 8, 2023
@jamesatribal

Hi @DmitriyLewen,

Thanks for looking into this and coming up with a solution so promptly.

Looks good to me, thanks!

Cheers,
James

@knqyf263 knqyf263 added this to the v0.48.1 milestone Dec 17, 2023