bugfix: github fetch first (#78)

In github we need fetch first the remote branch Also added cleanup for base and head names in results Co-authored-by: oranmoshai <oran.moshai@aquasec.com>
aquasecurity · Apr 24, 2022 · df0f916 · df0f916
1 parent 90a0e25
commit df0f916
Show file tree

Hide file tree

Showing 3 changed files with 22 additions and 2 deletions.
diff --git a/pkg/processor/result_processor.go b/pkg/processor/result_processor.go
@@ -64,6 +64,17 @@ func PrDiffResults(r report.Results) (reports report.Results, err error) {
 		}
 	}
 
+	// Cleanup tmp file names
+	for k, v := range reports {
+		if strings.Contains(v.Target, "head/") {
+			v.Target = strings.Replace(v.Target, "head/", "", 1)
+			reports[k] = v
+		}
+		if strings.Contains(v.Target, "base/") {
+			v.Target = strings.Replace(v.Target, "base/", "", 1)
+			reports[k] = v
+		}
+	}
 	return reports, nil
 }
 

diff --git a/pkg/processor/result_processor_test.go b/pkg/processor/result_processor_test.go
@@ -130,7 +130,7 @@ func TestPrDiffResults(t *testing.T) {
 			name: "happy path - new file",
 			args: args{r: report.Results{
 				report.Result{Target: "head/cf/pr-bucket.yaml"}, report.Result{Target: "base/cf/bucket.yaml"}}},
-			wantReports: report.Results{report.Result{Target: "head/cf/pr-bucket.yaml"}},
+			wantReports: report.Results{report.Result{Target: "cf/pr-bucket.yaml"}},
 		},
 
 		{
@@ -143,7 +143,7 @@ func TestPrDiffResults(t *testing.T) {
 					types.DetectedMisconfiguration{ID: "AVD-001"}}}},
 			},
 			wantReports: report.Results{report.Result{
-				Target: "head/cf/bucket.yaml", Misconfigurations: []types.DetectedMisconfiguration{
+				Target: "cf/bucket.yaml", Misconfigurations: []types.DetectedMisconfiguration{
 					types.DetectedMisconfiguration{ID: "AVD-001"}}, Vulnerabilities: []types.DetectedVulnerability{}}},
 		},
 	}

diff --git a/pkg/scanner/diff.go b/pkg/scanner/diff.go
@@ -53,11 +53,20 @@ func createDiffScanFs() error {
 		return errors.Wrap(err, "failed create aqua tmp dir")
 	}
 
+	// In GitHub we need fetch the remote branch first
+	if os.Getenv("GITHUB_BASE_REF") != "" {
+		_, err = gitExec("fetch", "origin", fmt.Sprintf("refs/heads/%s", os.Getenv("GITHUB_BASE_REF")))
+		if err != nil {
+			return errors.Wrap(err, "failed git fetch ref")
+		}
+	}
+
 	diffCmd := metadata.GetBaseRef()
 	out, err := gitExec("diff", "--name-status", diffCmd)
 	if err != nil {
 		return errors.Wrap(err, "failed git diff")
 	}
+
 	if out != "" {
 		diffFiles := strings.Split(out, "\n")
 		for _, v := range diffFiles {