Merge branch 'main' into registry-scannign

Signed-off-by: David Wertenteil <[email protected]>

.github/workflows/pr-merged.yaml

@@ -37,12 +37,11 @@ jobs:
       BUILD_PLATFORM: linux/amd64,linux/arm64
       GO_VERSION: "1.21"
       REQUIRED_TESTS: '[
-                        "vulnerability_scanning", 
-                        "vulnerability_scanning_trigger_scan_on_new_image", 
-                        "vulnerability_scanning_trigger_scan_public_registry", 
-                        "vulnerability_scanning_trigger_scan_public_registry_excluded", 
-                        "vulnerability_scanning_trigger_scan_private_quay_registry", 
-                        "vulnerability_scanning_triggering_with_cron_job", 
+                        "vuln_scan", 
+                        "vuln_scan_trigger_scan_public_registry", 
+                        "vuln_scan_trigger_scan_public_registry_excluded", 
+                        "vuln_scan_trigger_scan_private_quay_registry", 
+                        "vuln_scan_triggering_with_cron_job", 
                         "registry_scanning_triggering_with_cron_job", 
                         "ks_microservice_ns_creation",
                         "ks_microservice_on_demand", 
@@ -52,8 +51,8 @@ jobs:
                         "ks_microservice_update_cronjob_schedule", 
                         "ks_microservice_delete_cronjob", 
                         "ks_microservice_create_2_cronjob_mitre_and_nsa",
-                        "vulnerability_scanning_test_public_registry_connectivity_by_backend",
-                        "vulnerability_scanning_test_public_registry_connectivity_excluded_by_backend",
+                        "vuln_scan_test_public_registry_connectivity_by_backend",
+                        "vuln_scan_test_public_registry_connectivity_excluded_by_backend",
                         "relevantCVEs",
                         "relevancy_enabled_stop_sniffing",
                         "relevant_data_is_appended",

.github/workflows/scorecard.yml

@@ -32,12 +32,12 @@ jobs:
 
     steps:
       - name: "Checkout code"
-        uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # v3.1.0
+        uses: actions/checkout@v4
         with:
           persist-credentials: false
 
       - name: "Run analysis"
-        uses: ossf/scorecard-action@e38b1902ae4f44df626f11ba0734b14fb91f8f86 # v2.1.2
+        uses: ossf/scorecard-action@0864cf19026789058feabb7e87baa5f140aac736 # v2.3.1
         with:
           results_file: results.sarif
           results_format: sarif

go.mod

@@ -12,7 +12,7 @@ require (
 	github.com/cenkalti/backoff v2.2.1+incompatible
 	github.com/deckarep/golang-set/v2 v2.6.0
 	github.com/distribution/reference v0.5.0
-	github.com/docker/docker v25.0.1+incompatible
+	github.com/docker/docker v25.0.5+incompatible
 	github.com/go-openapi/runtime v0.27.1
 	github.com/google/go-containerregistry v0.19.0
 	github.com/google/uuid v1.6.0
@@ -245,14 +245,14 @@ require (
 	go.opentelemetry.io/proto/otlp v1.0.0 // indirect
 	go.uber.org/multierr v1.11.0 // indirect
 	go.uber.org/zap v1.27.0 // indirect
-	golang.org/x/crypto v0.19.0 // indirect
+	golang.org/x/crypto v0.21.0 // indirect
 	golang.org/x/exp v0.0.0-20240222234643-814bf88cf225 // indirect
 	golang.org/x/mod v0.15.0 // indirect
-	golang.org/x/net v0.21.0 // indirect
+	golang.org/x/net v0.23.0 // indirect
 	golang.org/x/oauth2 v0.16.0 // indirect
 	golang.org/x/sync v0.6.0 // indirect
-	golang.org/x/sys v0.17.0 // indirect
-	golang.org/x/term v0.17.0 // indirect
+	golang.org/x/sys v0.18.0 // indirect
+	golang.org/x/term v0.18.0 // indirect
 	golang.org/x/text v0.14.0 // indirect
 	golang.org/x/time v0.5.0 // indirect
 	golang.org/x/tools v0.18.0 // indirect
@@ -263,7 +263,7 @@ require (
 	google.golang.org/genproto/googleapis/api v0.0.0-20240102182953-50ed04b92917 // indirect
 	google.golang.org/genproto/googleapis/rpc v0.0.0-20240116215550-a9fa1716bcac // indirect
 	google.golang.org/grpc v1.61.0 // indirect
-	google.golang.org/protobuf v1.32.0 // indirect
+	google.golang.org/protobuf v1.33.0 // indirect
 	gopkg.in/inf.v0 v0.9.1 // indirect
 	gopkg.in/ini.v1 v1.67.0 // indirect
 	gopkg.in/square/go-jose.v2 v2.6.0 // indirect

go.sum

@@ -285,10 +285,10 @@ github.com/docker/cli v24.0.7+incompatible h1:wa/nIwYFW7BVTGa7SWPVyyXU9lgORqUb1x
 github.com/docker/cli v24.0.7+incompatible/go.mod h1:JLrzqnKDaYBop7H2jaqPtU4hHvMKP+vjCwu2uszcLI8=
 github.com/docker/distribution v2.8.3+incompatible h1:AtKxIZ36LoNK51+Z6RpzLpddBirtxJnzDrHLEKxTAYk=
 github.com/docker/distribution v2.8.3+incompatible/go.mod h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w=
-github.com/docker/docker v25.0.1+incompatible h1:k5TYd5rIVQRSqcTwCID+cyVA0yRg86+Pcrz1ls0/frA=
-github.com/docker/docker v25.0.1+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk=
 github.com/docker/docker-credential-helpers v0.8.1 h1:j/eKUktUltBtMzKqmfLB0PAgqYyMHOp5vfsD1807oKo=
 github.com/docker/docker-credential-helpers v0.8.1/go.mod h1:P3ci7E3lwkZg6XiHdRKft1KckHiO9a2rNtyFbZ/ry9M=
+github.com/docker/docker v25.0.5+incompatible h1:UmQydMduGkrD5nQde1mecF/YnSbTOaPeFIeP5C4W+DE=
+github.com/docker/docker v25.0.5+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk=
 github.com/docker/go-connections v0.4.0 h1:El9xVISelRB7BuFusrZozjnkIM5YnzCViNKohAFqRJQ=
 github.com/docker/go-connections v0.4.0/go.mod h1:Gbd7IOopHjR8Iph03tsViu4nIes5XhDvyHbTtUxmeec=
 github.com/docker/go-events v0.0.0-20190806004212-e31b211e4f1c h1:+pKlWGMw7gf6bQ+oDZB4KHQFypsfjYlq/C4rfL7D3g8=
@@ -1017,8 +1017,8 @@ golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPh
 golang.org/x/crypto v0.0.0-20210817164053-32db794688a5/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
 golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
 golang.org/x/crypto v0.0.0-20220622213112-05595931fe9d/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4=
-golang.org/x/crypto v0.19.0 h1:ENy+Az/9Y1vSrlrvBSyna3PITt4tiZLf7sgCjZBX7Wo=
-golang.org/x/crypto v0.19.0/go.mod h1:Iy9bg/ha4yyC70EfRS8jz+B6ybOBKMaSxLj6P6oBDfU=
+golang.org/x/crypto v0.21.0 h1:X31++rzVUdKhX5sWmSOFZxx8UW/ldWx55cbf08iNAMA=
+golang.org/x/crypto v0.21.0/go.mod h1:0BP7YvVV9gBbVKyeTG0Gyn+gZm94bibOW5BjDEYAOMs=
 golang.org/x/exp v0.0.0-20180321215751-8460e604b9de/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
 golang.org/x/exp v0.0.0-20180807140117-3d87b88a115f/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
 golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
@@ -1121,8 +1121,8 @@ golang.org/x/net v0.0.0-20210520170846-37e1c6afe023/go.mod h1:9nx3DQGgdP8bBQD5qx
 golang.org/x/net v0.0.0-20210813160813-60bc85c4be6d/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
 golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
 golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c=
-golang.org/x/net v0.21.0 h1:AQyQV4dYCvJ7vGmJyKki9+PBdyvhkSd8EIx/qb0AYv4=
-golang.org/x/net v0.21.0/go.mod h1:bIjVDfnllIU7BJ2DNgfnXvpSvtn8VRwhlsaeUTyUS44=
+golang.org/x/net v0.23.0 h1:7EYJ93RZ9vYSZAIb2x3lnuvqO5zneoD6IvWjuhfxjTs=
+golang.org/x/net v0.23.0/go.mod h1:JKghWKKOSdJwpW2GEx0Ja7fmaKnMsbu+MWVZTokSYmg=
 golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
 golang.org/x/oauth2 v0.0.0-20181017192945-9dcd33a902f4/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
 golang.org/x/oauth2 v0.0.0-20181203162652-d668ce993890/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
@@ -1237,12 +1237,12 @@ golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBc
 golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.1.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.17.0 h1:25cE3gD+tdBA7lp7QfhuV+rJiE9YXTcS3VG1SqssI/Y=
-golang.org/x/sys v0.17.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
+golang.org/x/sys v0.18.0 h1:DBdB3niSjOA/O0blCZBqDefyWNYveAYMNF1Wum0DYQ4=
+golang.org/x/sys v0.18.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
 golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
 golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
-golang.org/x/term v0.17.0 h1:mkTF7LCd6WGJNL3K1Ad7kwxNfYAW6a8a8QqtMblp/4U=
-golang.org/x/term v0.17.0/go.mod h1:lLRBjIVuehSbZlaOtGMbcMncT+aqLLLmKrsjNrUguwk=
+golang.org/x/term v0.18.0 h1:FcHjZXDMxI8mM3nwhX9HlKop4C0YQvCVCdwYl2wOtE8=
+golang.org/x/term v0.18.0/go.mod h1:ILwASektA3OnRv7amZ1xhE/KTR+u50pbXfZ03+6Nx58=
 golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
@@ -1503,8 +1503,8 @@ google.golang.org/protobuf v1.25.0/go.mod h1:9JNX74DMeImyA3h4bdi1ymwjUzf21/xIlba
 google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw=
 google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc=
 google.golang.org/protobuf v1.27.1/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc=
-google.golang.org/protobuf v1.32.0 h1:pPC6BG5ex8PDFnkbrGU3EixyhKcQ2aDuBS36lqK/C7I=
-google.golang.org/protobuf v1.32.0/go.mod h1:c6P6GXX6sHbq/GpV6MGZEdwhWPcYBgnhAHhKbcUYpos=
+google.golang.org/protobuf v1.33.0 h1:uNO2rsAINq/JlFpSdYEKIZ0uKD/R9cpdv0T+yoGwGmI=
+google.golang.org/protobuf v1.33.0/go.mod h1:c6P6GXX6sHbq/GpV6MGZEdwhWPcYBgnhAHhKbcUYpos=
 gopkg.in/alecthomas/kingpin.v2 v2.2.6/go.mod h1:FMv+mEhP44yOT+4EoQTLFTRgOQ1FBLkstjWtayDeSgw=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=

mainhandler/imageregistryhandler.go

@@ -163,7 +163,7 @@ func (reg *registryAuth) initDefaultValues(ctx context.Context) error {
 	switch reg.AuthMethod {
 	case string(accessTokenAuth), "", "credentials":
 		if reg.Password == "" || reg.Username == "" {
-			return errorWithDocumentationRef("auth_method accesstoken requirers username and password")
+			return errorWithDocumentationRef("auth_method accesstoken requires username and password")
 		}
 	case "public":
 		//do nothing
@@ -203,7 +203,7 @@ func (reg *registryAuth) initDefaultValues(ctx context.Context) error {
 			return err
 		}
 	} else {
-		//try to get the kind from the reg name - if not found it will fallback to default kind
+		//try to get the kind from the reg name - if not found it will fall back to default kind
 		reg.Kind, _ = regCommon.GetRegistryKind(strings.Split(reg.Registry, "/")[0])
 	}
 	return err
@@ -213,7 +213,7 @@ func (rs *registryScan) filterRepositories(ctx context.Context, repos []string)
 	if len(rs.registryInfo.Include) == 0 && len(rs.registryInfo.Exclude) == 0 {
 		return repos
 	}
-	filteredRepos := []string{}
+	var filteredRepos []string
 	for _, repo := range repos {
 		// if rs.registry.projectID != "" {
 		// 	if !strings.Contains(repo, rs.registry.projectID+"/") {
@@ -273,7 +273,7 @@ func (registryScan *registryScan) createTriggerRequestSecret(k8sAPI *k8sinterfac
 	return nil
 }
 
-func (registryScan *registryScan) createTriggerRequestConfigMap(k8sAPI *k8sinterface.KubernetesApi, name, registryName string, webSocketScanCMD apis.Command) error {
+func (registryScan *registryScan) createTriggerRequestConfigMap(k8sAPI *k8sinterface.KubernetesApi, name string) error {
 	configMap := corev1.ConfigMap{}
 	configMap.Name = name
 	if configMap.Labels == nil {
@@ -292,7 +292,7 @@ func (registryScan *registryScan) createTriggerRequestConfigMap(k8sAPI *k8sinter
 	}
 
 	// command will be mounted into cronjob by using this configmap
-	configMap.Data[requestBodyFile] = string(command)
+	configMap.Data[requestBodyFile] = command
 
 	if _, err := k8sAPI.KubernetesClient.CoreV1().ConfigMaps(registryScan.config.Namespace()).Create(context.Background(), &configMap, metav1.CreateOptions{}); err != nil {
 		return err
@@ -301,7 +301,7 @@ func (registryScan *registryScan) createTriggerRequestConfigMap(k8sAPI *k8sinter
 }
 
 func (registryScan *registryScan) getImagesForScanning(ctx context.Context, reporter beClientV1.IReportSender) error {
-	logger.L().Info("getImagesForScanning: enumerating repoes...")
+	logger.L().Info("getImagesForScanning: enumerating repos...")
 	errChan := make(chan error)
 	repos, err := registryScan.enumerateRepos(ctx)
 	if err != nil {
@@ -310,15 +310,9 @@ func (registryScan *registryScan) getImagesForScanning(ctx context.Context, repo
 	}
 	logger.L().Info(fmt.Sprintf("GetImagesForScanning: enumerating repos successfully, found %d repos", len(repos)))
 
-	reposToTags := make(chan map[string][]string, len(repos))
 	for _, repo := range repos {
-		currentRepo := repo
-		go registryScan.setImageToTagsMap(ctx, currentRepo, reporter, reposToTags)
-	}
-	for i := 0; i < len(repos); i++ {
-		res := <-reposToTags
-		for k, v := range res {
-			registryScan.mapImageToTags[k] = v
+		if err := registryScan.setImageToTagsMap(ctx, repo, reporter, registryScan.mapImageToTags); err != nil {
+			logger.L().Ctx(ctx).Error("setImageToTagsMap failed", helpers.String("registry", registryScan.registry.hostname), helpers.Error(err))
 		}
 	}
 
@@ -338,7 +332,7 @@ func (registryScan *registryScan) getImagesForScanning(ctx context.Context, repo
 	return nil
 }
 
-func (registryScan *registryScan) setImageToTagsMap(ctx context.Context, repo string, sender beClientV1.IReportSender, c chan map[string][]string) error {
+func (registryScan *registryScan) setImageToTagsMap(ctx context.Context, repo string, sender beClientV1.IReportSender, imageToTags map[string][]string) error {
 	logger.L().Info(fmt.Sprintf("Fetching repository %s tags", repo))
 	iRegistry, err := registryScan.makeRegistryInterface()
 	if err != nil {
@@ -348,13 +342,13 @@ func (registryScan *registryScan) setImageToTagsMap(ctx context.Context, repo st
 	firstPage := regCommon.MakePagination(tagsPageSize)
 	latestTagFound := false
 	tagsDepth := registryScan.registryInfo.Depth
-	tags := []string{}
-	options := []remote.Option{}
+	var tags []string
+	var options []remote.Option
 	if registryScan.isPrivate() {
 		options = append(options, remote.WithAuth(registryScan.registryCredentials()))
 	}
 	if latestTags, err := iRegistry.GetLatestTags(repo, *tagsDepth, options...); err == nil {
-		tags := []string{}
+		var tags []string
 		for _, tag := range latestTags {
 			// filter out signature tags
 			if strings.HasSuffix(tag, ".sig") {
@@ -367,25 +361,18 @@ func (registryScan *registryScan) setImageToTagsMap(ctx context.Context, repo st
 			} else {
 				if tagsForDigestLen > *tagsDepth {
 					tags = append(tags, tagsForDigest[:*tagsDepth]...)
-					errMsg := fmt.Sprintf("image %s has %d tags. scanning only first %d tags - %s", repo, tagsForDigestLen, tagsDepth, strings.Join(tagsForDigest[:*tagsDepth], ","))
+					errMsg := fmt.Sprintf("image %s has %d tags. scanning only first %d tags - %s", repo, tagsForDigestLen, *tagsDepth, strings.Join(tagsForDigest[:*tagsDepth], ","))
 					if sender != nil {
-						errChan := make(chan error)
 						err := errorWithDocumentationRef(errMsg)
 						sender.SendWarning(err.Error(), registryScan.sendReport, true)
-						if err := <-errChan; err != nil {
-							logger.L().Ctx(ctx).Error("GetLatestTags failed to send error report",
-								helpers.String("registry", registryScan.registry.hostname), helpers.Error(err))
-						}
 					}
 					logger.L().Ctx(ctx).Warning("GetImagesForScanning: " + errMsg)
 				} else {
 					tags = append(tags, tagsForDigest...)
 				}
 			}
 		}
-		c <- map[string][]string{
-			registryScan.registry.hostname + "/" + repo: tags,
-		}
+		imageToTags[registryScan.registry.hostname+"/"+repo] = tags
 
 	} else { //fallback to list images lexicographically
 		logger.L().Ctx(ctx).Error("get latestTags failed, fetching lexicographical list of tags", helpers.String("repository", repo), helpers.Error(err))
@@ -407,9 +394,7 @@ func (registryScan *registryScan) setImageToTagsMap(ctx context.Context, repo st
 				break
 			}
 		}
-		c <- map[string][]string{
-			registryScan.registry.hostname + "/" + repo: tags,
-		}
+		imageToTags[registryScan.registry.hostname+"/"+repo] = tags
 	}
 	return nil
 }
@@ -514,7 +499,7 @@ func (registryScan *registryScan) getCommandForConfigMap() (string, error) {
 	return string(scanV1Bytes), nil
 }
 
-func (registryScan *registryScan) setCronJobTemplate(jobTemplateObj *v1.CronJob, name, schedule, jobID, registryName string) error {
+func (registryScan *registryScan) setCronJobTemplate(jobTemplateObj *v1.CronJob, name, schedule, registryName string) error {
 	jobTemplateObj.Name = name
 	if schedule == "" {
 		return fmt.Errorf("schedule cannot be empty")
@@ -619,7 +604,7 @@ func (registryScan *registryScan) createTriggerRequestCronJob(k8sAPI *k8sinterfa
 		return err
 	}
 
-	err = registryScan.setCronJobTemplate(jobTemplateObj, name, getCronTabSchedule(command), command.JobTracking.JobID, registryName)
+	err = registryScan.setCronJobTemplate(jobTemplateObj, name, getCronTabSchedule(command), registryName)
 	if err != nil {
 		return err
 	}
@@ -799,9 +784,9 @@ func (registryScan *registryScan) getRegistryConfig(registryInfo *armotypes.Regi
 	if err != nil {
 		return string(cmDefaultMode), fmt.Errorf("error parsing ConfigMap: %s", err.Error())
 	}
-	for _, config := range registriesConfigs {
-		if config.Registry == registryInfo.RegistryName {
-			registryScan.setRegistryInfoFromConfigMap(registryInfo, config)
+	for _, c := range registriesConfigs {
+		if c.Registry == registryInfo.RegistryName {
+			registryScan.setRegistryInfoFromConfigMap(registryInfo, c)
 			return string(cmLoadedMode), nil
 		}
 	}
@@ -835,7 +820,7 @@ func getRegistryScanSecrets(k8sAPI IWorkloadsGetter, namespace, secretName strin
 	}
 
 	// when secret name is not provided, we will try to find all secrets starting with kubescape-registry-scan
-	registryScanSecrets := []k8sinterface.IWorkload{}
+	var registryScanSecrets []k8sinterface.IWorkload
 	all, err := k8sAPI.ListWorkloads2(namespace, "Secret")
 	if err == nil {
 		for _, secret := range all {

mainhandler/imageregistryhandlerhelper.go

@@ -188,7 +188,7 @@ func (actionHandler *ActionHandler) setRegistryScanCronJob(ctx context.Context,
 	}
 
 	// create configmap with POST data to trigger websocket
-	err = registryScan.createTriggerRequestConfigMap(actionHandler.k8sAPI, name, registryScan.registryInfo.RegistryName, sessionObj.Command)
+	err = registryScan.createTriggerRequestConfigMap(actionHandler.k8sAPI, name)
 	if err != nil {
 		logger.L().Info("In setRegistryScanCronJob: createTriggerRequestConfigMap failed", helpers.Error(err))
 		sessionObj.Reporter.SetDetails("createTriggerRequestConfigMap")

mainhandler/vulnscan.go

@@ -264,7 +264,7 @@ func (actionHandler *ActionHandler) testRegistryConnect(ctx context.Context, reg
 
 	// check that we can pull tags. One is enough
 	if len(repos) > 0 {
-		reposToTags := make(chan map[string][]string, 1)
+		reposToTags := make(map[string][]string)
 		if err := registry.setImageToTagsMap(ctx, repos[0], sessionObj.Reporter, reposToTags); err != nil {
 			sessionObj.Reporter.SetDetails(string(testRegistryRetrieveTagsStatus))
 			return fmt.Errorf("setImageToTagsMap failed with err %v", err)