Improve Logic in Twistlock Scan
Current Behavior
The Twistock scan job within the Scanning stage may output a JSON file with an empty Vulnerabilities list and a value in the err
field.
Live Example
https://repo1.dsop.io/dsop/redhat/ubi/ubi8/-/pipelines/105250 https://repo1.dsop.io/dsop/opensource/goharbor/harbor-db/-/pipelines/105223
Viewing the twistlock_cve.json file for these runs shows that the have empty vulnerability lists and an error message in the err
field that contains Failed to pull image
Expected Behavior
Logic to handle an error message in the err
field
Possible Solution
When an error exists either attempt the scan again a set number of times and then fail, or fail immediately.