From 9353eb5b549d8e5027f0eaafaa41aef16cf55250 Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Fri, 16 Jan 2026 14:49:43 +0000 Subject: [PATCH 1/3] Initial plan From 872c0c9fab58d95ae5e6c11c142962c1bf7c43ed Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Fri, 16 Jan 2026 14:58:58 +0000 Subject: [PATCH 2/3] Fix workload scan to include allcontrols framework Co-authored-by: matthyx <20683409+matthyx@users.noreply.github.com> --- cmd/scan/workload.go | 2 +- cmd/scan/workload_test.go | 19 +++++++++++++++---- 2 files changed, 16 insertions(+), 5 deletions(-) diff --git a/cmd/scan/workload.go b/cmd/scan/workload.go index ae10af3b..1a0f1796 100644 --- a/cmd/scan/workload.go +++ b/cmd/scan/workload.go @@ -95,7 +95,7 @@ func setWorkloadScanInfo(scanInfo *cautils.ScanInfo, kind string, name string) { scanInfo.ScanObject.SetKind(kind) scanInfo.ScanObject.SetName(name) - scanInfo.SetPolicyIdentifiers([]string{"workloadscan"}, v1.KindFramework) + scanInfo.SetPolicyIdentifiers([]string{"workloadscan", "allcontrols"}, v1.KindFramework) if scanInfo.FilePath != "" { scanInfo.InputPatterns = []string{scanInfo.FilePath} diff --git a/cmd/scan/workload_test.go b/cmd/scan/workload_test.go index 44809c26..0e25b5c3 100644 --- a/cmd/scan/workload_test.go +++ b/cmd/scan/workload_test.go @@ -28,6 +28,10 @@ func TestSetWorkloadScanInfo(t *testing.T) { Identifier: "workloadscan", Kind: v1.KindFramework, }, + { + Identifier: "allcontrols", + Kind: v1.KindFramework, + }, }, ScanType: cautils.ScanTypeWorkload, ScanObject: &objectsenvelopes.ScanObject{ @@ -59,12 +63,19 @@ func TestSetWorkloadScanInfo(t *testing.T) { t.Errorf("got: %v, want: %v", scanInfo.ScanObject.Metadata.Name, tc.want.ScanObject.Metadata.Name) } - if len(scanInfo.PolicyIdentifier) != 1 { - t.Errorf("got: %v, want: %v", len(scanInfo.PolicyIdentifier), 1) + if len(scanInfo.PolicyIdentifier) != len(tc.want.PolicyIdentifier) { + t.Errorf("got: %v policy identifiers, want: %v", len(scanInfo.PolicyIdentifier), len(tc.want.PolicyIdentifier)) } - if scanInfo.PolicyIdentifier[0].Identifier != tc.want.PolicyIdentifier[0].Identifier { - t.Errorf("got: %v, want: %v", scanInfo.PolicyIdentifier[0].Identifier, tc.want.PolicyIdentifier[0].Identifier) + for i, wantPolicy := range tc.want.PolicyIdentifier { + if i < len(scanInfo.PolicyIdentifier) { + if scanInfo.PolicyIdentifier[i].Identifier != wantPolicy.Identifier { + t.Errorf("got: %v, want: %v", scanInfo.PolicyIdentifier[i].Identifier, wantPolicy.Identifier) + } + if scanInfo.PolicyIdentifier[i].Kind != wantPolicy.Kind { + t.Errorf("got: %v, want: %v", scanInfo.PolicyIdentifier[i].Kind, wantPolicy.Kind) + } + } } }, ) From 7ca609d39f6e448617b4c674e3eabd3d7ea190bc Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Fri, 16 Jan 2026 15:03:01 +0000 Subject: [PATCH 3/3] Complete fix for workload scan missing controls Co-authored-by: matthyx <20683409+matthyx@users.noreply.github.com> --- go.mod | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/go.mod b/go.mod index 9f237551..f5ab8915 100644 --- a/go.mod +++ b/go.mod @@ -56,7 +56,6 @@ require ( go.opentelemetry.io/otel v1.39.0 go.opentelemetry.io/otel/metric v1.39.0 golang.org/x/mod v0.31.0 - golang.org/x/sync v0.19.0 golang.org/x/term v0.38.0 gopkg.in/op/go-logging.v1 v1.0.0-20160211212156-b2cb9fa56473 gopkg.in/yaml.v3 v3.0.1 @@ -557,6 +556,7 @@ require ( golang.org/x/image v0.25.0 // indirect golang.org/x/net v0.48.0 // indirect golang.org/x/oauth2 v0.34.0 // indirect + golang.org/x/sync v0.19.0 // indirect golang.org/x/sys v0.39.0 // indirect golang.org/x/text v0.32.0 // indirect golang.org/x/time v0.14.0 // indirect