diff --git a/.github/workflows/pr-merged.yaml b/.github/workflows/pr-merged.yaml index f2bbbc5..8fde5ae 100644 --- a/.github/workflows/pr-merged.yaml +++ b/.github/workflows/pr-merged.yaml @@ -37,12 +37,11 @@ jobs: BUILD_PLATFORM: linux/amd64,linux/arm64 GO_VERSION: "1.21" REQUIRED_TESTS: '[ - "vulnerability_scanning", - "vulnerability_scanning_trigger_scan_on_new_image", - "vulnerability_scanning_trigger_scan_public_registry", - "vulnerability_scanning_trigger_scan_public_registry_excluded", - "vulnerability_scanning_trigger_scan_private_quay_registry", - "vulnerability_scanning_triggering_with_cron_job", + "vuln_scan", + "vuln_scan_trigger_scan_public_registry", + "vuln_scan_trigger_scan_public_registry_excluded", + "vuln_scan_trigger_scan_private_quay_registry", + "vuln_scan_triggering_with_cron_job", "registry_scanning_triggering_with_cron_job", "ks_microservice_ns_creation", "ks_microservice_on_demand", @@ -52,8 +51,8 @@ jobs: "ks_microservice_update_cronjob_schedule", "ks_microservice_delete_cronjob", "ks_microservice_create_2_cronjob_mitre_and_nsa", - "vulnerability_scanning_test_public_registry_connectivity_by_backend", - "vulnerability_scanning_test_public_registry_connectivity_excluded_by_backend", + "vuln_scan_test_public_registry_connectivity_by_backend", + "vuln_scan_test_public_registry_connectivity_excluded_by_backend", "relevantCVEs", "relevancy_enabled_stop_sniffing", "relevant_data_is_appended", diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 3279553..4d9ea43 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -32,12 +32,12 @@ jobs: steps: - name: "Checkout code" - uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # v3.1.0 + uses: actions/checkout@v4 with: persist-credentials: false - name: "Run analysis" - uses: ossf/scorecard-action@e38b1902ae4f44df626f11ba0734b14fb91f8f86 # v2.1.2 + uses: ossf/scorecard-action@0864cf19026789058feabb7e87baa5f140aac736 # v2.3.1 with: results_file: results.sarif results_format: sarif diff --git a/go.mod b/go.mod index 461e7bf..af6af70 100644 --- a/go.mod +++ b/go.mod @@ -12,7 +12,7 @@ require ( github.com/cenkalti/backoff v2.2.1+incompatible github.com/deckarep/golang-set/v2 v2.6.0 github.com/distribution/reference v0.5.0 - github.com/docker/docker v25.0.1+incompatible + github.com/docker/docker v25.0.5+incompatible github.com/go-openapi/runtime v0.27.1 github.com/google/go-containerregistry v0.19.0 github.com/google/uuid v1.6.0 @@ -245,14 +245,14 @@ require ( go.opentelemetry.io/proto/otlp v1.0.0 // indirect go.uber.org/multierr v1.11.0 // indirect go.uber.org/zap v1.27.0 // indirect - golang.org/x/crypto v0.19.0 // indirect + golang.org/x/crypto v0.21.0 // indirect golang.org/x/exp v0.0.0-20240222234643-814bf88cf225 // indirect golang.org/x/mod v0.15.0 // indirect - golang.org/x/net v0.21.0 // indirect + golang.org/x/net v0.23.0 // indirect golang.org/x/oauth2 v0.16.0 // indirect golang.org/x/sync v0.6.0 // indirect - golang.org/x/sys v0.17.0 // indirect - golang.org/x/term v0.17.0 // indirect + golang.org/x/sys v0.18.0 // indirect + golang.org/x/term v0.18.0 // indirect golang.org/x/text v0.14.0 // indirect golang.org/x/time v0.5.0 // indirect golang.org/x/tools v0.18.0 // indirect @@ -263,7 +263,7 @@ require ( google.golang.org/genproto/googleapis/api v0.0.0-20240102182953-50ed04b92917 // indirect google.golang.org/genproto/googleapis/rpc v0.0.0-20240116215550-a9fa1716bcac // indirect google.golang.org/grpc v1.61.0 // indirect - google.golang.org/protobuf v1.32.0 // indirect + google.golang.org/protobuf v1.33.0 // indirect gopkg.in/inf.v0 v0.9.1 // indirect gopkg.in/ini.v1 v1.67.0 // indirect gopkg.in/square/go-jose.v2 v2.6.0 // indirect diff --git a/go.sum b/go.sum index e1ee205..9d171d5 100644 --- a/go.sum +++ b/go.sum @@ -285,10 +285,10 @@ github.com/docker/cli v24.0.7+incompatible h1:wa/nIwYFW7BVTGa7SWPVyyXU9lgORqUb1x github.com/docker/cli v24.0.7+incompatible/go.mod h1:JLrzqnKDaYBop7H2jaqPtU4hHvMKP+vjCwu2uszcLI8= github.com/docker/distribution v2.8.3+incompatible h1:AtKxIZ36LoNK51+Z6RpzLpddBirtxJnzDrHLEKxTAYk= github.com/docker/distribution v2.8.3+incompatible/go.mod h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w= -github.com/docker/docker v25.0.1+incompatible h1:k5TYd5rIVQRSqcTwCID+cyVA0yRg86+Pcrz1ls0/frA= -github.com/docker/docker v25.0.1+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk= github.com/docker/docker-credential-helpers v0.8.1 h1:j/eKUktUltBtMzKqmfLB0PAgqYyMHOp5vfsD1807oKo= github.com/docker/docker-credential-helpers v0.8.1/go.mod h1:P3ci7E3lwkZg6XiHdRKft1KckHiO9a2rNtyFbZ/ry9M= +github.com/docker/docker v25.0.5+incompatible h1:UmQydMduGkrD5nQde1mecF/YnSbTOaPeFIeP5C4W+DE= +github.com/docker/docker v25.0.5+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk= github.com/docker/go-connections v0.4.0 h1:El9xVISelRB7BuFusrZozjnkIM5YnzCViNKohAFqRJQ= github.com/docker/go-connections v0.4.0/go.mod h1:Gbd7IOopHjR8Iph03tsViu4nIes5XhDvyHbTtUxmeec= github.com/docker/go-events v0.0.0-20190806004212-e31b211e4f1c h1:+pKlWGMw7gf6bQ+oDZB4KHQFypsfjYlq/C4rfL7D3g8= @@ -1017,8 +1017,8 @@ golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPh golang.org/x/crypto v0.0.0-20210817164053-32db794688a5/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= golang.org/x/crypto v0.0.0-20220622213112-05595931fe9d/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= -golang.org/x/crypto v0.19.0 h1:ENy+Az/9Y1vSrlrvBSyna3PITt4tiZLf7sgCjZBX7Wo= -golang.org/x/crypto v0.19.0/go.mod h1:Iy9bg/ha4yyC70EfRS8jz+B6ybOBKMaSxLj6P6oBDfU= +golang.org/x/crypto v0.21.0 h1:X31++rzVUdKhX5sWmSOFZxx8UW/ldWx55cbf08iNAMA= +golang.org/x/crypto v0.21.0/go.mod h1:0BP7YvVV9gBbVKyeTG0Gyn+gZm94bibOW5BjDEYAOMs= golang.org/x/exp v0.0.0-20180321215751-8460e604b9de/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20180807140117-3d87b88a115f/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= @@ -1121,8 +1121,8 @@ golang.org/x/net v0.0.0-20210520170846-37e1c6afe023/go.mod h1:9nx3DQGgdP8bBQD5qx golang.org/x/net v0.0.0-20210813160813-60bc85c4be6d/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c= -golang.org/x/net v0.21.0 h1:AQyQV4dYCvJ7vGmJyKki9+PBdyvhkSd8EIx/qb0AYv4= -golang.org/x/net v0.21.0/go.mod h1:bIjVDfnllIU7BJ2DNgfnXvpSvtn8VRwhlsaeUTyUS44= +golang.org/x/net v0.23.0 h1:7EYJ93RZ9vYSZAIb2x3lnuvqO5zneoD6IvWjuhfxjTs= +golang.org/x/net v0.23.0/go.mod h1:JKghWKKOSdJwpW2GEx0Ja7fmaKnMsbu+MWVZTokSYmg= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/oauth2 v0.0.0-20181017192945-9dcd33a902f4/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/oauth2 v0.0.0-20181203162652-d668ce993890/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= @@ -1237,12 +1237,12 @@ golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBc golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.1.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.17.0 h1:25cE3gD+tdBA7lp7QfhuV+rJiE9YXTcS3VG1SqssI/Y= -golang.org/x/sys v0.17.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= +golang.org/x/sys v0.18.0 h1:DBdB3niSjOA/O0blCZBqDefyWNYveAYMNF1Wum0DYQ4= +golang.org/x/sys v0.18.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= -golang.org/x/term v0.17.0 h1:mkTF7LCd6WGJNL3K1Ad7kwxNfYAW6a8a8QqtMblp/4U= -golang.org/x/term v0.17.0/go.mod h1:lLRBjIVuehSbZlaOtGMbcMncT+aqLLLmKrsjNrUguwk= +golang.org/x/term v0.18.0 h1:FcHjZXDMxI8mM3nwhX9HlKop4C0YQvCVCdwYl2wOtE8= +golang.org/x/term v0.18.0/go.mod h1:ILwASektA3OnRv7amZ1xhE/KTR+u50pbXfZ03+6Nx58= golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= @@ -1503,8 +1503,8 @@ google.golang.org/protobuf v1.25.0/go.mod h1:9JNX74DMeImyA3h4bdi1ymwjUzf21/xIlba google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw= google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= google.golang.org/protobuf v1.27.1/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= -google.golang.org/protobuf v1.32.0 h1:pPC6BG5ex8PDFnkbrGU3EixyhKcQ2aDuBS36lqK/C7I= -google.golang.org/protobuf v1.32.0/go.mod h1:c6P6GXX6sHbq/GpV6MGZEdwhWPcYBgnhAHhKbcUYpos= +google.golang.org/protobuf v1.33.0 h1:uNO2rsAINq/JlFpSdYEKIZ0uKD/R9cpdv0T+yoGwGmI= +google.golang.org/protobuf v1.33.0/go.mod h1:c6P6GXX6sHbq/GpV6MGZEdwhWPcYBgnhAHhKbcUYpos= gopkg.in/alecthomas/kingpin.v2 v2.2.6/go.mod h1:FMv+mEhP44yOT+4EoQTLFTRgOQ1FBLkstjWtayDeSgw= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= diff --git a/mainhandler/imageregistryhandler.go b/mainhandler/imageregistryhandler.go index 1baf525..18a240d 100644 --- a/mainhandler/imageregistryhandler.go +++ b/mainhandler/imageregistryhandler.go @@ -163,7 +163,7 @@ func (reg *registryAuth) initDefaultValues(ctx context.Context) error { switch reg.AuthMethod { case string(accessTokenAuth), "", "credentials": if reg.Password == "" || reg.Username == "" { - return errorWithDocumentationRef("auth_method accesstoken requirers username and password") + return errorWithDocumentationRef("auth_method accesstoken requires username and password") } case "public": //do nothing @@ -203,7 +203,7 @@ func (reg *registryAuth) initDefaultValues(ctx context.Context) error { return err } } else { - //try to get the kind from the reg name - if not found it will fallback to default kind + //try to get the kind from the reg name - if not found it will fall back to default kind reg.Kind, _ = regCommon.GetRegistryKind(strings.Split(reg.Registry, "/")[0]) } return err @@ -213,7 +213,7 @@ func (rs *registryScan) filterRepositories(ctx context.Context, repos []string) if len(rs.registryInfo.Include) == 0 && len(rs.registryInfo.Exclude) == 0 { return repos } - filteredRepos := []string{} + var filteredRepos []string for _, repo := range repos { // if rs.registry.projectID != "" { // if !strings.Contains(repo, rs.registry.projectID+"/") { @@ -273,7 +273,7 @@ func (registryScan *registryScan) createTriggerRequestSecret(k8sAPI *k8sinterfac return nil } -func (registryScan *registryScan) createTriggerRequestConfigMap(k8sAPI *k8sinterface.KubernetesApi, name, registryName string, webSocketScanCMD apis.Command) error { +func (registryScan *registryScan) createTriggerRequestConfigMap(k8sAPI *k8sinterface.KubernetesApi, name string) error { configMap := corev1.ConfigMap{} configMap.Name = name if configMap.Labels == nil { @@ -292,7 +292,7 @@ func (registryScan *registryScan) createTriggerRequestConfigMap(k8sAPI *k8sinter } // command will be mounted into cronjob by using this configmap - configMap.Data[requestBodyFile] = string(command) + configMap.Data[requestBodyFile] = command if _, err := k8sAPI.KubernetesClient.CoreV1().ConfigMaps(registryScan.config.Namespace()).Create(context.Background(), &configMap, metav1.CreateOptions{}); err != nil { return err @@ -301,7 +301,7 @@ func (registryScan *registryScan) createTriggerRequestConfigMap(k8sAPI *k8sinter } func (registryScan *registryScan) getImagesForScanning(ctx context.Context, reporter beClientV1.IReportSender) error { - logger.L().Info("getImagesForScanning: enumerating repoes...") + logger.L().Info("getImagesForScanning: enumerating repos...") errChan := make(chan error) repos, err := registryScan.enumerateRepos(ctx) if err != nil { @@ -310,15 +310,9 @@ func (registryScan *registryScan) getImagesForScanning(ctx context.Context, repo } logger.L().Info(fmt.Sprintf("GetImagesForScanning: enumerating repos successfully, found %d repos", len(repos))) - reposToTags := make(chan map[string][]string, len(repos)) for _, repo := range repos { - currentRepo := repo - go registryScan.setImageToTagsMap(ctx, currentRepo, reporter, reposToTags) - } - for i := 0; i < len(repos); i++ { - res := <-reposToTags - for k, v := range res { - registryScan.mapImageToTags[k] = v + if err := registryScan.setImageToTagsMap(ctx, repo, reporter, registryScan.mapImageToTags); err != nil { + logger.L().Ctx(ctx).Error("setImageToTagsMap failed", helpers.String("registry", registryScan.registry.hostname), helpers.Error(err)) } } @@ -338,7 +332,7 @@ func (registryScan *registryScan) getImagesForScanning(ctx context.Context, repo return nil } -func (registryScan *registryScan) setImageToTagsMap(ctx context.Context, repo string, sender beClientV1.IReportSender, c chan map[string][]string) error { +func (registryScan *registryScan) setImageToTagsMap(ctx context.Context, repo string, sender beClientV1.IReportSender, imageToTags map[string][]string) error { logger.L().Info(fmt.Sprintf("Fetching repository %s tags", repo)) iRegistry, err := registryScan.makeRegistryInterface() if err != nil { @@ -348,13 +342,13 @@ func (registryScan *registryScan) setImageToTagsMap(ctx context.Context, repo st firstPage := regCommon.MakePagination(tagsPageSize) latestTagFound := false tagsDepth := registryScan.registryInfo.Depth - tags := []string{} - options := []remote.Option{} + var tags []string + var options []remote.Option if registryScan.isPrivate() { options = append(options, remote.WithAuth(registryScan.registryCredentials())) } if latestTags, err := iRegistry.GetLatestTags(repo, *tagsDepth, options...); err == nil { - tags := []string{} + var tags []string for _, tag := range latestTags { // filter out signature tags if strings.HasSuffix(tag, ".sig") { @@ -367,15 +361,10 @@ func (registryScan *registryScan) setImageToTagsMap(ctx context.Context, repo st } else { if tagsForDigestLen > *tagsDepth { tags = append(tags, tagsForDigest[:*tagsDepth]...) - errMsg := fmt.Sprintf("image %s has %d tags. scanning only first %d tags - %s", repo, tagsForDigestLen, tagsDepth, strings.Join(tagsForDigest[:*tagsDepth], ",")) + errMsg := fmt.Sprintf("image %s has %d tags. scanning only first %d tags - %s", repo, tagsForDigestLen, *tagsDepth, strings.Join(tagsForDigest[:*tagsDepth], ",")) if sender != nil { - errChan := make(chan error) err := errorWithDocumentationRef(errMsg) sender.SendWarning(err.Error(), registryScan.sendReport, true) - if err := <-errChan; err != nil { - logger.L().Ctx(ctx).Error("GetLatestTags failed to send error report", - helpers.String("registry", registryScan.registry.hostname), helpers.Error(err)) - } } logger.L().Ctx(ctx).Warning("GetImagesForScanning: " + errMsg) } else { @@ -383,9 +372,7 @@ func (registryScan *registryScan) setImageToTagsMap(ctx context.Context, repo st } } } - c <- map[string][]string{ - registryScan.registry.hostname + "/" + repo: tags, - } + imageToTags[registryScan.registry.hostname+"/"+repo] = tags } else { //fallback to list images lexicographically logger.L().Ctx(ctx).Error("get latestTags failed, fetching lexicographical list of tags", helpers.String("repository", repo), helpers.Error(err)) @@ -407,9 +394,7 @@ func (registryScan *registryScan) setImageToTagsMap(ctx context.Context, repo st break } } - c <- map[string][]string{ - registryScan.registry.hostname + "/" + repo: tags, - } + imageToTags[registryScan.registry.hostname+"/"+repo] = tags } return nil } @@ -514,7 +499,7 @@ func (registryScan *registryScan) getCommandForConfigMap() (string, error) { return string(scanV1Bytes), nil } -func (registryScan *registryScan) setCronJobTemplate(jobTemplateObj *v1.CronJob, name, schedule, jobID, registryName string) error { +func (registryScan *registryScan) setCronJobTemplate(jobTemplateObj *v1.CronJob, name, schedule, registryName string) error { jobTemplateObj.Name = name if schedule == "" { return fmt.Errorf("schedule cannot be empty") @@ -619,7 +604,7 @@ func (registryScan *registryScan) createTriggerRequestCronJob(k8sAPI *k8sinterfa return err } - err = registryScan.setCronJobTemplate(jobTemplateObj, name, getCronTabSchedule(command), command.JobTracking.JobID, registryName) + err = registryScan.setCronJobTemplate(jobTemplateObj, name, getCronTabSchedule(command), registryName) if err != nil { return err } @@ -799,9 +784,9 @@ func (registryScan *registryScan) getRegistryConfig(registryInfo *armotypes.Regi if err != nil { return string(cmDefaultMode), fmt.Errorf("error parsing ConfigMap: %s", err.Error()) } - for _, config := range registriesConfigs { - if config.Registry == registryInfo.RegistryName { - registryScan.setRegistryInfoFromConfigMap(registryInfo, config) + for _, c := range registriesConfigs { + if c.Registry == registryInfo.RegistryName { + registryScan.setRegistryInfoFromConfigMap(registryInfo, c) return string(cmLoadedMode), nil } } @@ -835,7 +820,7 @@ func getRegistryScanSecrets(k8sAPI IWorkloadsGetter, namespace, secretName strin } // when secret name is not provided, we will try to find all secrets starting with kubescape-registry-scan - registryScanSecrets := []k8sinterface.IWorkload{} + var registryScanSecrets []k8sinterface.IWorkload all, err := k8sAPI.ListWorkloads2(namespace, "Secret") if err == nil { for _, secret := range all { diff --git a/mainhandler/imageregistryhandlerhelper.go b/mainhandler/imageregistryhandlerhelper.go index a78c096..1ee2500 100644 --- a/mainhandler/imageregistryhandlerhelper.go +++ b/mainhandler/imageregistryhandlerhelper.go @@ -188,7 +188,7 @@ func (actionHandler *ActionHandler) setRegistryScanCronJob(ctx context.Context, } // create configmap with POST data to trigger websocket - err = registryScan.createTriggerRequestConfigMap(actionHandler.k8sAPI, name, registryScan.registryInfo.RegistryName, sessionObj.Command) + err = registryScan.createTriggerRequestConfigMap(actionHandler.k8sAPI, name) if err != nil { logger.L().Info("In setRegistryScanCronJob: createTriggerRequestConfigMap failed", helpers.Error(err)) sessionObj.Reporter.SetDetails("createTriggerRequestConfigMap") diff --git a/mainhandler/vulnscan.go b/mainhandler/vulnscan.go index 77a88b7..1e8f052 100644 --- a/mainhandler/vulnscan.go +++ b/mainhandler/vulnscan.go @@ -264,7 +264,7 @@ func (actionHandler *ActionHandler) testRegistryConnect(ctx context.Context, reg // check that we can pull tags. One is enough if len(repos) > 0 { - reposToTags := make(chan map[string][]string, 1) + reposToTags := make(map[string][]string) if err := registry.setImageToTagsMap(ctx, repos[0], sessionObj.Reporter, reposToTags); err != nil { sessionObj.Reporter.SetDetails(string(testRegistryRetrieveTagsStatus)) return fmt.Errorf("setImageToTagsMap failed with err %v", err)