handle if results is null

Signed-off-by: Sertac Ozercan <[email protected]>

.github/workflows/patch.yaml

@@ -1,5 +1,6 @@
-name: Patch images
+name: Patch vulnerable images
 on:
+  # change this to your preferred trigger
   workflow_dispatch:
 jobs:
   patch:
@@ -32,7 +33,7 @@ jobs:
         id: vuln_count
         run: |
           report_file="report.json"
-          vuln_count=$(jq '[.Results[] | select(.Class=="os-pkgs" and .Vulnerabilities!=null) | .Vulnerabilities[]] | length' "$report_file")
+          vuln_count=$(jq 'if .Results then [.Results[] | select(.Class=="os-pkgs" and .Vulnerabilities!=null) | .Vulnerabilities[]] | length else 0 end' "$report_file")
           echo "vuln_count=$vuln_count" >> $GITHUB_OUTPUT
 
         # copa action will only run if there are vulnerabilities

README.md

@@ -24,4 +24,4 @@ Copacetic Action is supported with Copa version 0.3.0 and later.
 
 ## Example usage
 
-https://github.com/sozercan/copa-action/blob/1318614969da67670fc36a7be0f55c4d5c3f1de8/.github/workflows/patch.yaml#L1-L64
+https://github.com/sozercan/copa-action/blob/1318614969da67670fc36a7be0f55c4d5c3f1de8/.github/workflows/patch.yaml#L1-L64

test/test.bats

@@ -15,6 +15,6 @@ teardown_file() {
 @test "Run trivy on patched image" {
     run trivy image --exit-code 1 --vuln-type os --ignore-unfixed -f json -o nginx.1.21.6-patched.json 'docker.io/library/nginx:1.21.6-patched'
     [ "$status" -eq 0 ]
-    vulns=$(jq '[.Results[] | select(.Class=="os-pkgs" and .Vulnerabilities!=null) | .Vulnerabilities[]] | length' nginx.1.21.6-patched.json)
+    vulns=$(jq 'if .Results then [.Results[] | select(.Class=="os-pkgs" and .Vulnerabilities!=null) | .Vulnerabilities[]] | length else 0 end' nginx.1.21.6-patched.json)
     assert_equal "$vulns" "0"
 }