Merge pull request #24446 from PushkarJ/cleanup-scan-script

Removes printing of snyk scan results
kubernetes · Nov 24, 2021 · 0ef1e22 · 0ef1e22
2 parents e8b0948 + 31a3c63
commit 0ef1e22
Showing 1 changed file with 2 additions and 4 deletions.
diff --git a/config/jobs/kubernetes/sig-k8s-infra/trusted/sig-security-trusted.yaml b/config/jobs/kubernetes/sig-k8s-infra/trusted/sig-security-trusted.yaml
@@ -38,14 +38,13 @@ periodics:
         EXIT_CODE=0
         RESULT_UNFILTERED=$(snyk test -d --json) || EXIT_CODE=$?
         if [ $EXIT_CODE -gt 1 ]; then
-          echo "Failed to run snyk scan with exit code $EXIT_CODE . Error message: $RESULT_UNFILTERED"
+          echo "Failed to run snyk scan with exit code $EXIT_CODE "
           exit 1
         fi
         RESULT=$(echo $RESULT_UNFILTERED | jq \
         '{vulnerabilities: .vulnerabilities | map(select((.type != "license") and (.version !=  "0.0.0"))) | select(length > 0) }')
         if [[ ${RESULT} ]]; then
           echo "Vulnerability filtering failed"
-          echo "Snyk tool output:\n $RESULT_UNFILTERED"
           exit 1
         else
           echo "Scan completed"
@@ -66,8 +65,7 @@ periodics:
           '{vulnerabilities: .vulnerabilities | map(select(.isUpgradable == true or .isPatchable == true)) | select(length > 0) }')
           if [[ ${RESULT} ]]; then
             echo "Vulnerability filtering failed"
-            echo "Snyk tool output:\n $RESULT_UNFILTERED"
-            #exit 1
+            # exit 1 (To allow other images to be scanned even if one fails)
           else
             echo "Scan completed image $image"
           fi