make the zap parser not error out when receiving an empty file

Author: northdpole

components/scanners/zaproxy/internal/transformer/transformer.go

@@ -124,7 +124,10 @@ func (g *zapTransformer) Transform(ctx context.Context) ([]*ocsf.VulnerabilityFi
 		}
 		return nil, errors.Errorf("failed to read raw output file '%s': %w", g.rawOutFilePath, err)
 	}
-
+	if len(b) == 0 {
+		logger.Info("input file is empty, exiting without findings")
+		return []*ocsf.VulnerabilityFinding{}, nil
+	}
 	var report sarifschemav210.SchemaJson
 	if err := report.UnmarshalJSON(b); err != nil {
 		return nil, errors.Errorf("failed to parse raw zap output: %w", err)

components/scanners/zaproxy/internal/transformer/transformer_test.go

@@ -3,6 +3,7 @@ package transformer_test
 import (
 	"context"
 	_ "embed"
+	"os"
 	"testing"
 	"time"
 
@@ -230,4 +231,28 @@ func TestZapTransformer_Transform(t *testing.T) {
 			assert.Equal(t, expectedMetadataUIDs[idx], *finding.Metadata.Uid, "Unexpected metadata uid for finding %d", idx)
 		}
 	})
+	t.Run("it should return an empty finding array when the input file is empty", func(t *testing.T) {
+		emptyFilePath := "./testdata/empty.sarif.json"
+		require.NoError(t, os.WriteFile(emptyFilePath, []byte{}, 0644))
+		defer func() {
+			require.NoError(t, os.Remove(emptyFilePath))
+		}()
+
+		ocsfTransformer, err := transformer.New(
+			transformer.ZapRawOutFilePath(emptyFilePath),
+			transformer.ZapTransformerWithTarget(transformer.TargetTypeWebsite),
+			transformer.ZapTransformerWithClock(clock),
+		)
+		require.NoError(t, err)
+
+		ctx := context.WithValue(ctx, component.SCANNER_TARGET_METADATA_CTX_KEY, &ocsffindinginfo.DataSource{
+			TargetType: ocsffindinginfo.DataSource_TARGET_TYPE_WEBSITE,
+		})
+		ctx, cancel := context.WithCancel(ctx)
+		defer cancel()
+
+		findings, err := ocsfTransformer.Transform(ctx)
+		require.NoError(t, err)
+		assert.Empty(t, findings, "Expected no findings for an empty input file")
+	})
 }