From 946f98ef49e5871fb953d28ab627d65d64f1cfa7 Mon Sep 17 00:00:00 2001
From: John Kjell
Date: Tue, 11 Jun 2024 11:08:16 -0500
Subject: [PATCH] Step analyze fix (#257)
* If any matching evidence is found, step should pass
* Remove passed step results if artifacts don't match
---------
Signed-off-by: John Kjell
---
 policy/policy.go | 1 +
 policy/step.go | 2 +-
 2 files changed, 2 insertions(+), 1 deletion(-)
diff --git a/policy/policy.go b/policy/policy.go
index b6bb9576..81a4f34b 100644
--- a/policy/policy.go
+++ b/policy/policy.go
@@ -331,6 +331,7 @@ func (p Policy) verifyArtifacts(resultsByStep map[string]StepResult) (map[string
 }
 result.Rejected = append(result.Rejected, reject)
+ result.Passed = []source.CollectionVerificationResult{}
 resultsByStep[step.Name] = result
 }
 }
diff --git a/policy/step.go b/policy/step.go
index 7f121e6f..5cd5630d 100644
--- a/policy/step.go
+++ b/policy/step.go
@@ -65,7 +65,7 @@ type StepResult struct {
 // in order to save the failure reasons so we can present them all at the end of the verification process.
 func (r StepResult) Analyze() bool {
 var pass bool
- if len(r.Passed) > 0 && len(r.Rejected) == 0 {
+ if len(r.Passed) > 0 {
 pass = true
 }
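Review bot: The added `result.Passed = []source.CollectionVerificationResult{}` in verifyArtifacts empties the whole Passed slice for the step, not just the collection whose artifacts failed to match, and nothing at that line explains why. Because Analyze() in policy/step.go now passes a step on any Passed entry, this reset is the only thing that makes an artifact mismatch fail verification, so it should carry a comment such as `// Analyze passes on any Passed entry; drop them so an artifact mismatch fails the step`. The loop that reaches this line starts outside the hunk, so it cannot be confirmed from here whether collections that did match are lost along with the mismatching one or can be re-added later. If the reset is meant to be per collection, removing only the offending entry would keep the final report accurate.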
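Review bot: With `len(r.Rejected) == 0` removed from the condition in Analyze, a step passes whenever Passed is non-empty, so every path that rejects evidence and must fail the step now has to empty Passed itself; this commit does that only in verifyArtifacts. Any other code that appends to Rejected and leaves Passed populated would now verify silently, which cannot be checked from this hunk. The doc comment above the function should state the new rule, for example `// A step passes when at least one collection is in Passed; Rejected entries are kept for reporting only.`, and a test with both slices populated would pin the behaviour. The body of Analyze continues outside the hunk.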