fix: exit with a non-zero code when showing help (#2309)

Note I've purposely not used a new error code for now because I can't
imagine a use-case for wanting to identify this particular situation in
a scripting context, which is where exit code values are relevant (we
can always use a more specific code later if a use case is presented)

Resolves #2303

Author: G-Rath

.github/workflows/checks.yml

@@ -177,8 +177,6 @@ jobs:
           ) | .name' output.json | while read -r image; do
             echo "Testing image $image"
 
-            docker run $image -h
-
             exit_code=0
             docker run -v ${PWD}:/src $image -L /src/go.mod || exit_code=$?
 

cmd/osv-scanner/__snapshots__/main_test.snap

@@ -22,6 +22,29 @@ OPTIONS:
 
 ---
 
+[Test_run/#01 - 1]
+NAME:
+   osv-scanner scan - scans projects and container images for dependencies, and checks them against the OSV database.
+
+USAGE:
+   osv-scanner scan [command [command options]]
+
+DESCRIPTION:
+   scans projects and container images for dependencies, and checks them against the OSV database.
+
+COMMANDS:
+   source  scans a source project's dependencies for known vulnerabilities using the OSV database.
+   image   detects vulnerabilities in a container image's dependencies, pulling the image if it's not found locally
+
+OPTIONS:
+   --help, -h  show help
+
+---
+
+[Test_run/#01 - 2]
+
+---
+
 [Test_run/version - 1]
 osv-scanner version: 2.2.4
 osv-scalibr version: 0.3.6

cmd/osv-scanner/internal/cmd/run.go

@@ -50,6 +50,11 @@ func Run(args []string, stdout, stderr io.Writer, commands []CommandBuilder) int
 	}
 	// ---
 
+	cli.HelpPrinter = func(w io.Writer, templ string, data any) {
+		cmdlogger.SetHasErrored()
+		cli.HelpPrinterCustom(w, templ, data, nil)
+	}
+
 	cli.VersionPrinter = func(cmd *cli.Command) {
 		cmdlogger.Infof("osv-scanner version: %s", cmd.Version)
 		cmdlogger.Infof("osv-scalibr version: %s", scalibr.ScannerVersion)

cmd/osv-scanner/main_test.go

@@ -15,7 +15,12 @@ func Test_run(t *testing.T) {
 		{
 			Name: "",
 			Args: []string{""},
-			Exit: 0,
+			Exit: 127,
+		},
+		{
+			Name: "",
+			Args: []string{"--help"},
+			Exit: 127,
 		},
 		{
 			Name: "version",

cmd/osv-scanner/scan/__snapshots__/command_test.snap

@@ -11,6 +11,26 @@ No issues found
 
 ---
 
+[TestCommand_SubCommands/with_no_arguments - 1]
+NAME:
+   osv-scanner scan - scans projects and container images for dependencies, and checks them against the OSV database.
+
+USAGE:
+   osv-scanner scan [command [command options]]
+
+DESCRIPTION:
+   scans projects and container images for dependencies, and checks them against the OSV database.
+
+COMMANDS:
+   source  scans a source project's dependencies for known vulnerabilities using the OSV database.
+   image   detects vulnerabilities in a container image's dependencies, pulling the image if it's not found locally
+
+---
+
+[TestCommand_SubCommands/with_no_arguments - 2]
+
+---
+
 [TestCommand_SubCommands/with_no_subcommand - 1]
 Scanning dir ./testdata/locks-many/composer.lock
 Scanned <rootdir>/testdata/locks-many/composer.lock file and found 1 package

cmd/osv-scanner/scan/command_test.go

@@ -11,6 +11,11 @@ func TestCommand_SubCommands(t *testing.T) {
 	t.Parallel()
 
 	tests := []testcmd.Case{
+		{
+			Name: "with_no_arguments",
+			Args: []string{"", "scan"},
+			Exit: 127,
+		},
 		// without subcommands
 		{
 			Name: "with no subcommand",

cmd/osv-scanner/update/__snapshots__/command_test.snap

@@ -292,3 +292,23 @@ file not found: ./testdata/does_not_exist.xml
 </project>
 
 ---
+
+[TestCommand/with_no_arguments - 1]
+NAME:
+   osv-scanner update - [EXPERIMENTAL] scans a manifest file then updates dependencies
+
+USAGE:
+   osv-scanner update
+
+OPTIONS:
+   --manifest string, -M string                                                     path to manifest file (required)
+   --ignore-dev                                                                     whether to ignore development dependencies for updates (default: false)
+   --upgrade-config [package-name:]level [ --upgrade-config [package-name:]level ]  the allowed package upgrades, in the format [package-name:]level. If package-name is omitted, level is applied to all packages. level must be one of (major, minor, patch, none). (default: major)
+   --data-source string                                                             source to fetch package information from; value can be: deps.dev, native (default: "deps.dev")
+
+---
+
+[TestCommand/with_no_arguments - 2]
+Required flag "manifest" not set
+
+---

cmd/osv-scanner/update/command_test.go

@@ -12,6 +12,11 @@ func TestCommand(t *testing.T) {
 	t.Parallel()
 
 	tests := []testcmd.Case{
+		{
+			Name: "with_no_arguments",
+			Args: []string{"", "update"},
+			Exit: 127,
+		},
 		{
 			Name: "update pom.xml with in-place changes",
 			Args: []string{"", "update", "-M=./testdata/pom.xml"},

internal/cmdlogger/handler.go

@@ -46,7 +46,7 @@ func (c *Handler) writer(level slog.Level) io.Writer {
 
 func (c *Handler) Enabled(ctx context.Context, level slog.Level) bool {
 	if level == slog.LevelError {
-		c.hasErrored = true
+		c.SetHasErrored()
 	}
 
 	if c.overrideHandler != nil {
@@ -58,7 +58,7 @@ func (c *Handler) Enabled(ctx context.Context, level slog.Level) bool {
 
 func (c *Handler) Handle(ctx context.Context, record slog.Record) error {
 	if record.Level == slog.LevelError {
-		c.hasErrored = true
+		c.SetHasErrored()
 
 		if strings.HasPrefix(record.Message, "Ignored invalid config file") {
 			c.hasErroredBecauseInvalidConfig = true
@@ -74,6 +74,10 @@ func (c *Handler) Handle(ctx context.Context, record slog.Record) error {
 	return err
 }
 
+func (c *Handler) SetHasErrored() {
+	c.hasErrored = true
+}
+
 // HasErrored returns true if there have been any calls to Handle with
 // a level of [slog.LevelError]
 func (c *Handler) HasErrored() bool {

internal/cmdlogger/interface.go

@@ -5,6 +5,7 @@ import "log/slog"
 type CmdLogger interface {
 	slog.Handler
 	SendEverythingToStderr()
+	SetHasErrored()
 	HasErrored() bool
 	HasErroredBecauseInvalidConfig() bool
 	SetLevel(level slog.Leveler)