From e548b825399b10887c3da636372004cca084e814 Mon Sep 17 00:00:00 2001
From: Martin Hrabovcin
Date: Mon, 19 Feb 2024 17:22:27 +0100
Subject: [PATCH] fix: check for vulnerabilities presence
---
 .github/actions/copacetic-action/pkg/image/scan.go | 8 ++++++++
 .github/actions/copacetic-action/pkg/patch/task.go | 4 ++--
 2 files changed, 10 insertions(+), 2 deletions(-)
diff --git a/.github/actions/copacetic-action/pkg/image/scan.go b/.github/actions/copacetic-action/pkg/image/scan.go
index 3caf20a..35f3fbf 100644
--- a/.github/actions/copacetic-action/pkg/image/scan.go
+++ b/.github/actions/copacetic-action/pkg/image/scan.go
@@ -22,6 +22,14 @@ func (r *Report) WriteTo(path string) error {
 return os.WriteFile(path, data, 0o755)
 }

+func (r *Report) Vulnerabilities() []types.DetectedVulnerability {
+ vulnerabilities := []types.DetectedVulnerability{}
+ for _, resultClass := range r.Results {
+ vulnerabilities = append(vulnerabilities, resultClass.Vulnerabilities...)
+ }
+ return vulnerabilities
+}
+
 type CmdErr struct {
 Err error
 Stdout []byte
diff --git a/.github/actions/copacetic-action/pkg/patch/task.go b/.github/actions/copacetic-action/pkg/patch/task.go
index f068c6e..9702332 100644
--- a/.github/actions/copacetic-action/pkg/patch/task.go
+++ b/.github/actions/copacetic-action/pkg/patch/task.go
@@ -54,12 +54,12 @@ func Run(ctx context.Context, imageRef string, reg registry.Registry, imageTagSu
 return withErr(t, err), err
 }

- if len(report.Results) == 0 {
+ if len(report.Vulnerabilities()) == 0 {
 logger.Info("no fixable vulnerabilities found in scanned image", "scannedImage", imagePatch.Scanned)
 return t, nil
 }

- logger.Info("found patchable vulnerabilities", "report", report.Results)
+ logger.Info("found patchable vulnerabilities", "vulnerabilites", report.Vulnerabilities())

 buildId, err := randutil.Alphanumeric(5)
 logger.Info("generated unique buildId", "buildId", buildId)
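Review bot: The new exported method `Vulnerabilities` in scan.go has no doc comment, and it returns every detected finding rather than only those with a fix, while its caller in task.go logs the result as "fixable" and "patchable". Whether unfixed findings are already excluded at scan time is not visible in this patch; if they are not, an image whose findings all lack a fixed version would still proceed into the patch build. I would add `// Vulnerabilities returns all vulnerabilities detected across every result in the report, fixable or not.` above the method. If `types` is Trivy's package, consider also skipping entries whose `FixedVersion` is empty inside the loop so the caller's wording holds.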
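Review bot: The structured log key `"vulnerabilites"` in task.go is misspelled, so any search or alert on that field has to match the typo; it should be `"vulnerabilities"`. The same statement logs the whole slice at Info level, which may be very large for images with many findings, and `report.Vulnerabilities()` is built twice within a few lines. I would take `vulns := report.Vulnerabilities()` before the check, test `if len(vulns) == 0 {`, and log `logger.Info("found patchable vulnerabilities", "count", len(vulns))`, leaving the full list to a debug-level line if it is needed. Run's body starts and ends outside the hunk.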