KICS exiting with status code 30, 40

[jatinmehrotra]

• I am trying to run KICS against sample-app provided by AWS workshop. https://cdkworkshop.com/20-typescript/20-create-project/100-cdk-init.html

• I am seeing errors with ect status code 40 and 30

Exit status code 40

• After running KICS it simply exits with status 40

• It also throws status 40 when I try to exclude severties for HIGH categories

const app = new cdk.App({
    policyValidationBeta1: [new KicsValidator({
        excludeSeverities: [Severity.HIGH],
    })],
});

Error Message

Error: Command exited with status 40

Validation Report
-----------------

╔═══════════════════════════════════════╗
║             Plugin Report             ║
║   Plugin: kics-cdk-validator-plugin   ║
║   Version: N/A                        ║
║   Status: failure                     ║
╚═══════════════════════════════════════╝


Policy Validation Report Summary

╔═══════════════════════════╤═════════╗
║ Plugin                    │ Status  ║
╟───────────────────────────┼─────────╢
║ kics-cdk-validator-plugin │ failure ║
╚═══════════════════════════╧═════════╝

Validation failed. See the validation report above for details

Subprocess exited with error 1

CDK stack code

import { Duration, Stack, StackProps } from 'aws-cdk-lib';
import * as sns from 'aws-cdk-lib/aws-sns';
import * as subs from 'aws-cdk-lib/aws-sns-subscriptions';
import * as sqs from 'aws-cdk-lib/aws-sqs';
import * as s3 from 'aws-cdk-lib/aws-s3';
import { Construct } from 'constructs';

export class CdkLeftShiftStack extends Stack {
  constructor(scope: Construct, id: string, props?: StackProps) {
    super(scope, id, props);

    new s3.Bucket(this, 'MyFirstBucket'); // had to add as workaround

    const queue = new sqs.Queue(this, 'CdkLeftShiftQueue', {
      visibilityTimeout: Duration.seconds(300)
    });

    const topic = new sns.Topic(this, 'CdkLeftShiftTopic');

    topic.addSubscription(new subs.SqsSubscription(queue));
  }
}

If i add a s3 bucket to the CDK code then it works fine.

Exit status code 30

• When I use failureSeverities with Severity.LOW it exits with status code 30 and fails

new KicsValidator({
  failureSeverities: [
    Severity.LOW,
  ],
});

Is this behaviour of error status code and error intended?

[gabriel-cx]

Hi @jatinmehrotra,

Kindly check KICS exit codes documentation, hope this clarifies your doubts!

[jatinmehrotra]

@gabriel-cx 　Thank you for the documentation.

I understood exit code 40,30 is intended but in that case too I was expecting to see failure report to show me MEDIUM/LOW category reports but in my above case, it only shows report status as failure with no reports