From f1bc80d18bef844c8e36f2f4f13214cc85939e67 Mon Sep 17 00:00:00 2001 From: Dima R <90623914+cx-dmitri-rivin@users.noreply.github.com> Date: Sun, 14 Sep 2025 10:46:51 +0300 Subject: [PATCH 1/2] checkmarx folder deleted --- internal/commands/scan.go | 34 ++++++++++++++++++++++++++++++++++ 1 file changed, 34 insertions(+) diff --git a/internal/commands/scan.go b/internal/commands/scan.go index fdf20e749..d7812d47b 100644 --- a/internal/commands/scan.go +++ b/internal/commands/scan.go @@ -1942,6 +1942,8 @@ func getUploadURLFromSource(cmd *cobra.Command, uploadsWrapper wrappers.UploadsW if unzip { _ = cleanTempUnzipDirectory(directoryPath) } + // Clean up .checkmarx directory on container scan error + _ = cleanCheckmarxContainersDirectory(directoryPath) return "", "", containerResolverError } } @@ -1950,12 +1952,26 @@ func getUploadURLFromSource(cmd *cobra.Command, uploadsWrapper wrappers.UploadsW logger.PrintIfVerbose("Single container scan triggered: compressing only the container resolution file") containerResolutionFilePath := filepath.Join(directoryPath, ".checkmarx", "containers", containerResolutionFileName) zipFilePath, dirPathErr = util.CompressFile(containerResolutionFilePath, containerResolutionFileName, directoryCreationPrefix) + + // Clean up .checkmarx directory after successful container scan compression + if dirPathErr == nil { + _ = cleanCheckmarxContainersDirectory(directoryPath) + } } else { if !isSbom { zipFilePath, dirPathErr = compressFolder(directoryPath, sourceDirFilter, userIncludeFilter, scaResolver) } + + // Clean up .checkmarx directory after successful mixed scan (including containers) compression + if dirPathErr == nil && containerScanTriggered && containerResolveLocally { + _ = cleanCheckmarxContainersDirectory(directoryPath) + } } if dirPathErr != nil { + // Clean up .checkmarx directory on compression error if container scan was involved + if containerScanTriggered && containerResolveLocally { + _ = cleanCheckmarxContainersDirectory(directoryPath) + } return "", "", dirPathErr } @@ -1975,6 +1991,24 @@ func getUploadURLFromSource(cmd *cobra.Command, uploadsWrapper wrappers.UploadsW return preSignedURL, zipFilePath, nil } +// cleanCheckmarxContainersDirectory removes the .checkmarx/containers directory after container scan completion +func cleanCheckmarxContainersDirectory(directoryPath string) error { + checkmarxPath := filepath.Join(directoryPath, ".checkmarx") + if _, err := os.Stat(checkmarxPath); os.IsNotExist(err) { + logger.PrintIfVerbose("No .checkmarx directory found to clean up") + return nil + } + + logger.PrintIfVerbose("Cleaning up .checkmarx directory after container scan") + err := os.RemoveAll(checkmarxPath) + if err != nil { + logger.PrintIfVerbose(fmt.Sprintf("Warning: Failed to clean up .checkmarx directory: %s", err.Error())) + return errors.Wrapf(err, "Failed to clean up .checkmarx directory") + } + logger.PrintIfVerbose("Successfully cleaned up .checkmarx directory") + return nil +} + func runContainerResolver(cmd *cobra.Command, directoryPath, containerImageFlag string, containerResolveLocally bool) error { debug, _ := cmd.Flags().GetBool(commonParams.DebugFlag) var containerImagesList []string From 030edbd716c6b336a7b39f6b03189a92d2a0349d Mon Sep 17 00:00:00 2001 From: Dima R <90623914+cx-dmitri-rivin@users.noreply.github.com> Date: Tue, 16 Sep 2025 11:49:31 +0300 Subject: [PATCH 2/2] only containers folder deleted --- internal/commands/scan.go | 26 +++++++++++++------------- 1 file changed, 13 insertions(+), 13 deletions(-) diff --git a/internal/commands/scan.go b/internal/commands/scan.go index d7812d47b..b1e93b18a 100644 --- a/internal/commands/scan.go +++ b/internal/commands/scan.go @@ -1942,7 +1942,7 @@ func getUploadURLFromSource(cmd *cobra.Command, uploadsWrapper wrappers.UploadsW if unzip { _ = cleanTempUnzipDirectory(directoryPath) } - // Clean up .checkmarx directory on container scan error + // Clean up .checkmarx/containers directory on container scan error _ = cleanCheckmarxContainersDirectory(directoryPath) return "", "", containerResolverError } @@ -1953,7 +1953,7 @@ func getUploadURLFromSource(cmd *cobra.Command, uploadsWrapper wrappers.UploadsW containerResolutionFilePath := filepath.Join(directoryPath, ".checkmarx", "containers", containerResolutionFileName) zipFilePath, dirPathErr = util.CompressFile(containerResolutionFilePath, containerResolutionFileName, directoryCreationPrefix) - // Clean up .checkmarx directory after successful container scan compression + // Clean up .checkmarx/containers directory after successful container scan compression if dirPathErr == nil { _ = cleanCheckmarxContainersDirectory(directoryPath) } @@ -1962,13 +1962,13 @@ func getUploadURLFromSource(cmd *cobra.Command, uploadsWrapper wrappers.UploadsW zipFilePath, dirPathErr = compressFolder(directoryPath, sourceDirFilter, userIncludeFilter, scaResolver) } - // Clean up .checkmarx directory after successful mixed scan (including containers) compression + // Clean up .checkmarx/containers directory after successful mixed scan (including containers) compression if dirPathErr == nil && containerScanTriggered && containerResolveLocally { _ = cleanCheckmarxContainersDirectory(directoryPath) } } if dirPathErr != nil { - // Clean up .checkmarx directory on compression error if container scan was involved + // Clean up .checkmarx/containers directory on compression error if container scan was involved if containerScanTriggered && containerResolveLocally { _ = cleanCheckmarxContainersDirectory(directoryPath) } @@ -1991,21 +1991,21 @@ func getUploadURLFromSource(cmd *cobra.Command, uploadsWrapper wrappers.UploadsW return preSignedURL, zipFilePath, nil } -// cleanCheckmarxContainersDirectory removes the .checkmarx/containers directory after container scan completion +// cleanCheckmarxContainersDirectory removes only the .checkmarx/containers directory after container scan completion func cleanCheckmarxContainersDirectory(directoryPath string) error { - checkmarxPath := filepath.Join(directoryPath, ".checkmarx") - if _, err := os.Stat(checkmarxPath); os.IsNotExist(err) { - logger.PrintIfVerbose("No .checkmarx directory found to clean up") + containersPath := filepath.Join(directoryPath, ".checkmarx", "containers") + if _, err := os.Stat(containersPath); os.IsNotExist(err) { + logger.PrintIfVerbose("No .checkmarx/containers directory found to clean up") return nil } - logger.PrintIfVerbose("Cleaning up .checkmarx directory after container scan") - err := os.RemoveAll(checkmarxPath) + logger.PrintIfVerbose("Cleaning up .checkmarx/containers directory after container scan") + err := os.RemoveAll(containersPath) if err != nil { - logger.PrintIfVerbose(fmt.Sprintf("Warning: Failed to clean up .checkmarx directory: %s", err.Error())) - return errors.Wrapf(err, "Failed to clean up .checkmarx directory") + logger.PrintIfVerbose(fmt.Sprintf("Warning: Failed to clean up .checkmarx/containers directory: %s", err.Error())) + return errors.Wrapf(err, "Failed to clean up .checkmarx/containers directory") } - logger.PrintIfVerbose("Successfully cleaned up .checkmarx directory") + logger.PrintIfVerbose("Successfully cleaned up .checkmarx/containers directory") return nil }