Prevent adding both skipped and failure elements (#1123)

* Prevent adding both skipped and failure elements This is a potential fix to prevent both `skipped` and `failure` elements on a skipped violation in JUnit output format Fixes: #1122 * rebase to fix tests, and remove violation details from skip message
tenable · Feb 8, 2022 · c37172a · c37172a
1 parent 87ce30e
commit c37172a
Show file tree

Hide file tree

Showing 2 changed files with 9 additions and 6 deletions.
diff --git a/pkg/writer/junit_xml.go b/pkg/writer/junit_xml.go
@@ -164,18 +164,22 @@ func violationsToTestCases(violations []*results.Violation, isSkipped bool) []JU
 	for _, v := range violations {
 		var testCase JUnitTestCase
 		if isSkipped {
-			testCase = JUnitTestCase{Failure: new(JUnitFailure), SkipMessage: new(JUnitSkipMessage)}
-			testCase.SkipMessage.Message = v.Comment
+			testCase = JUnitTestCase{SkipMessage: new(JUnitSkipMessage)}
+			// since junitXML doesn't contain the attributes we want to show as violations
+			// we would add details of violations in the skip message, with any provided skip comment
+			if v.Comment != "" {
+				testCase.SkipMessage.Message = v.Comment
+			}
 		} else {
 			testCase = JUnitTestCase{Failure: new(JUnitFailure)}
+			// since junitXML doesn't contain the attributes we want to show as violations
+			// we would add details of violations in the failure message
+			testCase.Failure.Message = getViolationString(*v)
 		}
 		testCase.Classname = v.File
 		testCase.Name = fmt.Sprintf(testNameFormatFailed, v.ResourceName, v.LineNumber, v.RuleID)
 		testCase.Severity = v.Severity
 		testCase.Category = v.Category
-		// since junitXML doesn't contain the attributes we want to show as violations
-		// we would add details of violations in the failure message
-		testCase.Failure.Message = getViolationString(*v)
 		testCases = append(testCases, testCase)
 	}
 	return testCases

diff --git a/pkg/writer/junit_xml_test.go b/pkg/writer/junit_xml_test.go
@@ -39,7 +39,6 @@ func TestJUnitXMLWriter(t *testing.T) {
     </testcase>
     <testcase classname="modules/m1/main.tf" name="[ERROR] resource: &#34;bucket&#34; at line: 20, violates: RULE - AWS.S3Bucket.DS.High.1043" severity="HIGH" category="S3">
       <skipped message=""></skipped>
-      <failure message="Description: S3 bucket Access is allowed to all AWS Account Users., File: modules/m1/main.tf, Line: 20, Severity: HIGH, Rule Name: s3EnforceUserACL, Rule ID: AWS.S3Bucket.DS.High.1043, Resource Name: bucket, Resource Type: aws_s3_bucket, Category: S3" type=""></failure>
     </testcase>
   </testsuite>
 </testsuites>