Merge pull request #1305 from Checkmarx/bug/containers-temp-folder-delete

cx-anurag-dalke · web-flow · commit 90eeb9495128 · 2025-09-17T19:17:25.000+05:30
Containers - checkmarx folder deleted (AST-106461)
diff --git a/internal/commands/scan.go b/internal/commands/scan.go
@@ -1942,6 +1942,8 @@ func getUploadURLFromSource(cmd *cobra.Command, uploadsWrapper wrappers.UploadsW
 				if unzip {
 					_ = cleanTempUnzipDirectory(directoryPath)
 				}
+				// Clean up .checkmarx/containers directory on container scan error
+				_ = cleanCheckmarxContainersDirectory(directoryPath)
 				return "", "", containerResolverError
 			}
 		}
@@ -1950,12 +1952,26 @@ func getUploadURLFromSource(cmd *cobra.Command, uploadsWrapper wrappers.UploadsW
 			logger.PrintIfVerbose("Single container scan triggered: compressing only the container resolution file")
 			containerResolutionFilePath := filepath.Join(directoryPath, ".checkmarx", "containers", containerResolutionFileName)
 			zipFilePath, dirPathErr = util.CompressFile(containerResolutionFilePath, containerResolutionFileName, directoryCreationPrefix)
+
+			// Clean up .checkmarx/containers directory after successful container scan compression
+			if dirPathErr == nil {
+				_ = cleanCheckmarxContainersDirectory(directoryPath)
+			}
 		} else {
 			if !isSbom {
 				zipFilePath, dirPathErr = compressFolder(directoryPath, sourceDirFilter, userIncludeFilter, scaResolver)
 			}
+
+			// Clean up .checkmarx/containers directory after successful mixed scan (including containers) compression
+			if dirPathErr == nil && containerScanTriggered && containerResolveLocally {
+				_ = cleanCheckmarxContainersDirectory(directoryPath)
+			}
 		}
 		if dirPathErr != nil {
+			// Clean up .checkmarx/containers directory on compression error if container scan was involved
+			if containerScanTriggered && containerResolveLocally {
+				_ = cleanCheckmarxContainersDirectory(directoryPath)
+			}
 			return "", "", dirPathErr
 		}
 
@@ -1975,6 +1991,24 @@ func getUploadURLFromSource(cmd *cobra.Command, uploadsWrapper wrappers.UploadsW
 	return preSignedURL, zipFilePath, nil
 }
 
+// cleanCheckmarxContainersDirectory removes only the .checkmarx/containers directory after container scan completion
+func cleanCheckmarxContainersDirectory(directoryPath string) error {
+	containersPath := filepath.Join(directoryPath, ".checkmarx", "containers")
+	if _, err := os.Stat(containersPath); os.IsNotExist(err) {
+		logger.PrintIfVerbose("No .checkmarx/containers directory found to clean up")
+		return nil
+	}
+
+	logger.PrintIfVerbose("Cleaning up .checkmarx/containers directory after container scan")
+	err := os.RemoveAll(containersPath)
+	if err != nil {
+		logger.PrintIfVerbose(fmt.Sprintf("Warning: Failed to clean up .checkmarx/containers directory: %s", err.Error()))
+		return errors.Wrapf(err, "Failed to clean up .checkmarx/containers directory")
+	}
+	logger.PrintIfVerbose("Successfully cleaned up .checkmarx/containers directory")
+	return nil
+}
+
 func runContainerResolver(cmd *cobra.Command, directoryPath, containerImageFlag string, containerResolveLocally bool) error {
 	debug, _ := cmd.Flags().GetBool(commonParams.DebugFlag)
 	var containerImagesList []string
