fix buildnumber test

Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>

.github/workflows/00-pr-scanner.yaml

@@ -66,7 +66,7 @@ jobs:
       COMPONENT_NAME: kubescape
       CGO_ENABLED: 0
       GO111MODULE: ""
-      GO_VERSION: "1.23"
+      GO_VERSION: "1.24"
       RELEASE: "latest"
       CLIENT: test
     secrets: inherit

.github/workflows/02-release.yaml

@@ -38,7 +38,7 @@ jobs:
       COMPONENT_NAME: kubescape
       CGO_ENABLED: 0
       GO111MODULE: ""
-      GO_VERSION: "1.23"
+      GO_VERSION: "1.24"
       RELEASE: ${{ needs.retag.outputs.NEW_TAG }}
       CLIENT: release
     secrets: inherit

.github/workflows/a-pr-scanner.yaml

@@ -92,7 +92,7 @@ jobs:
       - uses: actions/setup-go@v4
         name: Installing go
         with:
-          go-version: "1.23"
+          go-version: "1.24"
       - name: Scanning - Forbidden Licenses (go-licenses)
         id: licenses-scan
         continue-on-error: true

.github/workflows/b-binary-build-and-e2e-tests.yaml

@@ -18,7 +18,7 @@ on:
       GO_VERSION:
         required: false
         type: string
-        default: "1.23"
+        default: "1.24"
       GO111MODULE:
         required: false
         type: string
@@ -70,7 +70,7 @@ on:
         type: string
       GO_VERSION:
         type: string
-        default: "1.23"
+        default: "1.24"
       GO111MODULE:
         required: true
         type: string
@@ -248,7 +248,7 @@ jobs:
       CGO_ENABLED: 0
       GO111MODULE: "on"
       BUILD_PLATFORM: linux/amd64,linux/arm64
-      GO_VERSION: "1.23"
+      GO_VERSION: "1.24"
       REQUIRED_TESTS: '[
                 "ks_microservice_create_2_cronjob_mitre_and_nsa_proxy", 
                 "ks_microservice_triggering_with_cron_job",

.github/workflows/build-image.yaml

@@ -33,7 +33,7 @@ jobs:
       CGO_ENABLED: 0
       GO111MODULE: "on"
       BUILD_PLATFORM: ${{ inputs.PLATFORMS && 'linux/amd64,linux/arm64' || 'linux/amd64' }}
-      GO_VERSION: "1.23"
+      GO_VERSION: "1.24"
       REQUIRED_TESTS: '[]'
       COSIGN: ${{ inputs.CO_SIGN }}
       HELM_E2E_TEST: false

build/Dockerfile

@@ -1,4 +1,4 @@
-FROM --platform=$BUILDPLATFORM golang:1.23-bookworm AS builder
+FROM --platform=$BUILDPLATFORM golang:1.24-bookworm AS builder
 
 ENV GO111MODULE=on CGO_ENABLED=0
 WORKDIR /work

cmd/scan/control.go

@@ -99,7 +99,7 @@ func getControlCmd(ks meta.IKubescape, scanInfo *cautils.ScanInfo) *cobra.Comman
 			if err != nil {
 				logger.L().Fatal(err.Error())
 			}
-			if err := results.HandleResults(ks.Context()); err != nil {
+			if err := results.HandleResults(ks.Context(), scanInfo); err != nil {
 				logger.L().Fatal(err.Error())
 			}
 			if !scanInfo.VerboseMode {

cmd/scan/framework.go

@@ -117,7 +117,7 @@ func getFrameworkCmd(ks meta.IKubescape, scanInfo *cautils.ScanInfo) *cobra.Comm
 				logger.L().Fatal(err.Error())
 			}
 
-			if err = results.HandleResults(ks.Context()); err != nil {
+			if err = results.HandleResults(ks.Context(), scanInfo); err != nil {
 				logger.L().Fatal(err.Error())
 			}
 

cmd/scan/scan.go

@@ -139,7 +139,7 @@ func securityScan(scanInfo cautils.ScanInfo, ks meta.IKubescape) error {
 		return err
 	}
 
-	if err = results.HandleResults(ks.Context()); err != nil {
+	if err = results.HandleResults(ks.Context(), &scanInfo); err != nil {
 		return err
 	}
 

cmd/scan/workload.go

@@ -70,7 +70,7 @@ func getWorkloadCmd(ks meta.IKubescape, scanInfo *cautils.ScanInfo) *cobra.Comma
 				logger.L().Fatal(err.Error())
 			}
 
-			if err = results.HandleResults(ks.Context()); err != nil {
+			if err = results.HandleResults(ks.Context(), scanInfo); err != nil {
 				logger.L().Fatal(err.Error())
 			}
 

cmd/version/version.go

@@ -16,14 +16,11 @@ func GetVersionCmd(ks meta.IKubescape) *cobra.Command {
 		Long:  ``,
 		RunE: func(cmd *cobra.Command, args []string) error {
 			v := versioncheck.NewIVersionCheckHandler(ks.Context())
-			versionCheckRequest := versioncheck.NewVersionCheckRequest("", versioncheck.BuildNumber, "", "", "version", nil)
-			if err := v.CheckLatestVersion(ks.Context(), versionCheckRequest); err != nil {
-				return err
-			}
+			_ = v.CheckLatestVersion(ks.Context(), versioncheck.NewVersionCheckRequest("", versioncheck.BuildNumber, "", "", "version", nil))
 
-			fmt.Fprintf(cmd.OutOrStdout(),
+			_, _ = fmt.Fprintf(cmd.OutOrStdout(),
 				"Your current version is: %s\n",
-				versionCheckRequest.ClientVersion,
+				versioncheck.BuildNumber,
 			)
 			return nil
 		},

cmd/version/version_test.go

@@ -20,7 +20,7 @@ func TestGetVersionCmd(t *testing.T) {
 	}{
 		{
 			name:        "Undefined Build Number",
-			buildNumber: "",
+			buildNumber: "unknown",
 			want:        "Your current version is: unknown\n",
 		},
 		{

core/core/image_scan.go

@@ -165,7 +165,12 @@ func (ks *Kubescape) ScanImage(imgScanInfo *ksmetav1.ImageScanInfo, scanInfo *ca
 	logger.L().Start(fmt.Sprintf("Scanning image %s...", imgScanInfo.Image))
 
 	dbCfg, _ := imagescan.NewDefaultDBConfig()
-	svc := imagescan.NewScanService(dbCfg)
+	svc, err := imagescan.NewScanService(dbCfg)
+	if err != nil {
+		logger.L().StopError(fmt.Sprintf("Failed to initialize image scanner: %s", err))
+		return nil, err
+	}
+	defer svc.Close()
 
 	creds := imagescan.RegistryCredentials{
 		Username: imgScanInfo.Username,
@@ -207,5 +212,5 @@ func (ks *Kubescape) ScanImage(imgScanInfo *ksmetav1.ImageScanInfo, scanInfo *ca
 		},
 	}
 
-	return scanResults, resultsHandler.HandleResults(ks.Context())
+	return scanResults, resultsHandler.HandleResults(ks.Context(), scanInfo)
 }

core/core/patch.go

@@ -31,7 +31,12 @@ func (ks *Kubescape) Patch(patchInfo *ksmetav1.PatchInfo, scanInfo *cautils.Scan
 
 	// Setup the scan service
 	dbCfg, _ := imagescan.NewDefaultDBConfig()
-	svc := imagescan.NewScanService(dbCfg)
+	svc, err := imagescan.NewScanService(dbCfg)
+	if err != nil {
+		logger.L().StopError(fmt.Sprintf("Failed to initialize image scanner: %s", err))
+		return nil, err
+	}
+	defer svc.Close()
 	creds := imagescan.RegistryCredentials{
 		Username: patchInfo.Username,
 		Password: patchInfo.Password,
@@ -106,7 +111,7 @@ func (ks *Kubescape) Patch(patchInfo *ksmetav1.PatchInfo, scanInfo *cautils.Scan
 		},
 	}
 
-	return scanResultsPatched, resultsHandler.HandleResults(ks.Context())
+	return scanResultsPatched, resultsHandler.HandleResults(ks.Context(), scanInfo)
 }
 
 func disableCopaLogger() {

core/core/scan.go

@@ -244,7 +244,12 @@ func scanImages(scanType cautils.ScanTypes, scanData *cautils.OPASessionObj, ctx
 	}
 
 	dbCfg, _ := imagescan.NewDefaultDBConfig()
-	svc := imagescan.NewScanService(dbCfg)
+	svc, err := imagescan.NewScanService(dbCfg)
+	if err != nil {
+		logger.L().StopError(fmt.Sprintf("Failed to initialize image scanner: %s", err))
+		return
+	}
+	defer svc.Close()
 
 	for _, img := range imagesToScan {
 		logger.L().Start("Scanning", helpers.String("image", img))
@@ -255,7 +260,7 @@ func scanImages(scanType cautils.ScanTypes, scanData *cautils.OPASessionObj, ctx
 	}
 }
 
-func scanSingleImage(ctx context.Context, img string, svc imagescan.Service, resultsHandling *resultshandling.ResultsHandler) error {
+func scanSingleImage(ctx context.Context, img string, svc *imagescan.Service, resultsHandling *resultshandling.ResultsHandler) error {
 
 	scanResults, err := svc.Scan(ctx, img, imagescan.RegistryCredentials{}, nil, nil)
 	if err != nil {

core/pkg/resourcehandler/k8sresources.go

@@ -478,8 +478,15 @@ func (k8sHandler *K8sResourceHandler) setCloudProvider() error {
 // NoSchedule taint with empty value is usually applied to controlplane
 func isMasterNodeTaints(taints []v1.Taint) bool {
 	for _, taint := range taints {
-		if taint.Effect == v1.TaintEffectNoSchedule && taint.Value == "" {
-			return true
+		if taint.Effect == v1.TaintEffectNoSchedule {
+			// NoSchedule taint with empty value is usually applied to controlplane
+			if taint.Value == "" {
+				return true
+			}
+
+			if taint.Key == "node-role.kubernetes.io/control-plane" && taint.Value == "true" {
+				return true
+			}
 		}
 	}
 	return false

core/pkg/resourcehandler/k8sresources_test.go

@@ -14,264 +14,264 @@ import (
 )
 
 func TestIsMasterNodeTaints(t *testing.T) {
-	noTaintNode := `
-{
-"apiVersion": "v1",
-"kind": "Node",
-"metadata": {
-	"annotations": {
-		"kubeadm.alpha.kubernetes.io/cri-socket": "/var/run/dockershim.sock",
-		"node.alpha.kubernetes.io/ttl": "0",
-		"volumes.kubernetes.io/controller-managed-attach-detach": "true"
-	},
-	"creationTimestamp": "2022-05-16T10:52:32Z",
-	"labels": {
-		"beta.kubernetes.io/arch": "amd64",
-		"beta.kubernetes.io/os": "linux",
-		"kubernetes.io/arch": "amd64",
-		"kubernetes.io/hostname": "danielg-minikube",
-		"kubernetes.io/os": "linux",
-		"minikube.k8s.io/commit": "3e64b11ed75e56e4898ea85f96b2e4af0301f43d",
-		"minikube.k8s.io/name": "danielg-minikube",
-		"minikube.k8s.io/updated_at": "2022_05_16T13_52_35_0700",
-		"minikube.k8s.io/version": "v1.25.1",
-		"node-role.kubernetes.io/control-plane": "",
-		"node-role.kubernetes.io/master": "",
-		"node.kubernetes.io/exclude-from-external-load-balancers": ""
-	},
-	"name": "danielg-minikube",
-	"resourceVersion": "9432",
-	"uid": "fc4afcb6-4ca4-4038-ba54-5e16065a614a"
-},
-"spec": {
-	"podCIDR": "10.244.0.0/24",
-	"podCIDRs": [
-		"10.244.0.0/24"
-	]
-},
-"status": {
-	"addresses": [
+	noTaintNodeJson := `
 		{
-			"address": "192.168.49.2",
-			"type": "InternalIP"
+		"apiVersion": "v1",
+		"kind": "Node",
+		"metadata": {
+			"annotations": {
+				"kubeadm.alpha.kubernetes.io/cri-socket": "/var/run/dockershim.sock",
+				"node.alpha.kubernetes.io/ttl": "0",
+				"volumes.kubernetes.io/controller-managed-attach-detach": "true"
+			},
+			"creationTimestamp": "2022-05-16T10:52:32Z",
+			"labels": {
+				"beta.kubernetes.io/arch": "amd64",
+				"beta.kubernetes.io/os": "linux",
+				"kubernetes.io/arch": "amd64",
+				"kubernetes.io/hostname": "danielg-minikube",
+				"kubernetes.io/os": "linux",
+				"minikube.k8s.io/commit": "3e64b11ed75e56e4898ea85f96b2e4af0301f43d",
+				"minikube.k8s.io/name": "danielg-minikube",
+				"minikube.k8s.io/updated_at": "2022_05_16T13_52_35_0700",
+				"minikube.k8s.io/version": "v1.25.1",
+				"node-role.kubernetes.io/control-plane": "",
+				"node-role.kubernetes.io/master": "",
+				"node.kubernetes.io/exclude-from-external-load-balancers": ""
+			},
+			"name": "danielg-minikube",
+			"resourceVersion": "9432",
+			"uid": "fc4afcb6-4ca4-4038-ba54-5e16065a614a"
 		},
-		{
-			"address": "danielg-minikube",
-			"type": "Hostname"
+		"spec": {
+			"podCIDR": "10.244.0.0/24",
+			"podCIDRs": [
+				"10.244.0.0/24"
+			]
+		},
+		"status": {
+			"addresses": [
+				{
+					"address": "192.168.49.2",
+					"type": "InternalIP"
+				},
+				{
+					"address": "danielg-minikube",
+					"type": "Hostname"
+				}
+			],
+			"allocatable": {
+				"cpu": "4",
+				"ephemeral-storage": "94850516Ki",
+				"hugepages-2Mi": "0",
+				"memory": "10432976Ki",
+				"pods": "110"
+			},
+			"capacity": {
+				"cpu": "4",
+				"ephemeral-storage": "94850516Ki",
+				"hugepages-2Mi": "0",
+				"memory": "10432976Ki",
+				"pods": "110"
+			},
+			"conditions": [
+				{
+					"lastHeartbeatTime": "2022-05-16T14:14:31Z",
+					"lastTransitionTime": "2022-05-16T10:52:29Z",
+					"message": "kubelet has sufficient memory available",
+					"reason": "KubeletHasSufficientMemory",
+					"status": "False",
+					"type": "MemoryPressure"
+				},
+				{
+					"lastHeartbeatTime": "2022-05-16T14:14:31Z",
+					"lastTransitionTime": "2022-05-16T10:52:29Z",
+					"message": "kubelet has no disk pressure",
+					"reason": "KubeletHasNoDiskPressure",
+					"status": "False",
+					"type": "DiskPressure"
+				},
+				{
+					"lastHeartbeatTime": "2022-05-16T14:14:31Z",
+					"lastTransitionTime": "2022-05-16T10:52:29Z",
+					"message": "kubelet has sufficient PID available",
+					"reason": "KubeletHasSufficientPID",
+					"status": "False",
+					"type": "PIDPressure"
+				},
+				{
+					"lastHeartbeatTime": "2022-05-16T14:14:31Z",
+					"lastTransitionTime": "2022-05-16T10:52:45Z",
+					"message": "kubelet is posting ready status",
+					"reason": "KubeletReady",
+					"status": "True",
+					"type": "Ready"
+				}
+			],
+			"daemonEndpoints": {
+				"kubeletEndpoint": {
+					"Port": 10250
+				}
+			},
+			"images": [
+				{
+					"names": [
+						"requarks/wiki@sha256:dd83fff15e77843ff934b25c28c865ac000edf7653e5d11adad1dd51df87439d"
+					],
+					"sizeBytes": 441083858
+				},
+				{
+					"names": [
+						"mariadb@sha256:821d0411208eaa88f9e1f0daccd1d534f88d19baf724eb9a2777cbedb10b6c66"
+					],
+					"sizeBytes": 400782682
+				},
+				{
+					"names": [
+						"k8s.gcr.io/etcd@sha256:64b9ea357325d5db9f8a723dcf503b5a449177b17ac87d69481e126bb724c263",
+						"k8s.gcr.io/etcd:3.5.1-0"
+					],
+					"sizeBytes": 292558922
+				},
+				{
+					"names": [
+						"kubernetesui/dashboard@sha256:ec27f462cf1946220f5a9ace416a84a57c18f98c777876a8054405d1428cc92e",
+						"kubernetesui/dashboard:v2.3.1"
+					],
+					"sizeBytes": 220033604
+				},
+				{
+					"names": [
+						"k8s.gcr.io/kube-apiserver@sha256:f54681a71cce62cbc1b13ebb3dbf1d880f849112789811f98b6aebd2caa2f255",
+						"k8s.gcr.io/kube-apiserver:v1.23.1"
+					],
+					"sizeBytes": 135162256
+				},
+				{
+					"names": [
+						"k8s.gcr.io/kube-controller-manager@sha256:a7ed87380108a2d811f0d392a3fe87546c85bc366e0d1e024dfa74eb14468604",
+						"k8s.gcr.io/kube-controller-manager:v1.23.1"
+					],
+					"sizeBytes": 124971684
+				},
+				{
+					"names": [
+						"k8s.gcr.io/kube-proxy@sha256:e40f3a28721588affcf187f3f246d1e078157dabe274003eaa2957a83f7170c8",
+						"k8s.gcr.io/kube-proxy:v1.23.1"
+					],
+					"sizeBytes": 112327826
+				},
+				{
+					"names": [
+						"quay.io/kubescape/kubescape@sha256:6196f766be50d94b45d903a911f5ee95ac99bc392a1324c3e063bec41efd98ba",
+						"quay.io/kubescape/kubescape:v2.0.153"
+					],
+					"sizeBytes": 110345054
+				},
+				{
+					"names": [
+						"nginx@sha256:f7988fb6c02e0ce69257d9bd9cf37ae20a60f1df7563c3a2a6abe24160306b8d"
+					],
+					"sizeBytes": 109129446
+				},
+				{
+					"names": [
+						"quay.io/armosec/action-trigger@sha256:b93707d10ff86aac8dfa42ad37192d6bcf9aceeb4321b21756e438389c26e07c",
+						"quay.io/armosec/action-trigger:v0.0.5"
+					],
+					"sizeBytes": 65127067
+				},
+				{
+					"names": [
+						"quay.io/armosec/images-vulnerabilities-scan@sha256:a5f9ddc04a7fdce6d52ef85a21f0de567d8e04d418c2bc5bf5d72b151c997625",
+						"quay.io/armosec/images-vulnerabilities-scan:v0.0.7"
+					],
+					"sizeBytes": 61446712
+				},
+				{
+					"names": [
+						"quay.io/armosec/images-vulnerabilities-scan@sha256:2f879858da89f6542e3223fb18d6d793810cc2ad6e398b66776475e4218b6af5",
+						"quay.io/armosec/images-vulnerabilities-scan:v0.0.8"
+					],
+					"sizeBytes": 61446528
+				},
+				{
+					"names": [
+						"quay.io/armosec/cluster-collector@sha256:2c4f733d09f7f4090ace04585230bdfacbbc29a3ade38a2e1233d2c0f730d9b6",
+						"quay.io/armosec/cluster-collector:v0.0.9"
+					],
+					"sizeBytes": 53699576
+				},
+				{
+					"names": [
+						"k8s.gcr.io/kube-scheduler@sha256:8be4eb1593cf9ff2d91b44596633b7815a3753696031a1eb4273d1b39427fa8c",
+						"k8s.gcr.io/kube-scheduler:v1.23.1"
+					],
+					"sizeBytes": 53488305
+				},
+				{
+					"names": [
+						"k8s.gcr.io/coredns/coredns@sha256:5b6ec0d6de9baaf3e92d0f66cd96a25b9edbce8716f5f15dcd1a616b3abd590e",
+						"k8s.gcr.io/coredns/coredns:v1.8.6"
+					],
+					"sizeBytes": 46829283
+				},
+				{
+					"names": [
+						"kubernetesui/metrics-scraper@sha256:36d5b3f60e1a144cc5ada820910535074bdf5cf73fb70d1ff1681537eef4e172",
+						"kubernetesui/metrics-scraper:v1.0.7"
+					],
+					"sizeBytes": 34446077
+				},
+				{
+					"names": [
+						"gcr.io/k8s-minikube/storage-provisioner@sha256:18eb69d1418e854ad5a19e399310e52808a8321e4c441c1dddad8977a0d7a944",
+						"gcr.io/k8s-minikube/storage-provisioner:v5"
+					],
+					"sizeBytes": 31465472
+				},
+				{
+					"names": [
+						"quay.io/armosec/notification-server@sha256:b6e9b296cd53bd3b2b42c516d8ab43db998acff1124a57aff8d66b3dd7881979",
+						"quay.io/armosec/notification-server:v0.0.3"
+					],
+					"sizeBytes": 20209940
+				},
+				{
+					"names": [
+						"quay.io/kubescape/host-scanner@sha256:82139d2561039726be060df2878ef023c59df7c536fbd7f6d766af5a99569fee",
+						"quay.io/kubescape/host-scanner:latest"
+					],
+					"sizeBytes": 11796788
+				},
+				{
+					"names": [
+						"k8s.gcr.io/pause@sha256:3d380ca8864549e74af4b29c10f9cb0956236dfb01c40ca076fb6c37253234db",
+						"k8s.gcr.io/pause:3.6"
+					],
+					"sizeBytes": 682696
+				}
+			],
+			"nodeInfo": {
+				"architecture": "amd64",
+				"bootID": "828cbe73-120b-43cf-aae0-9e2d15b8c873",
+				"containerRuntimeVersion": "docker://20.10.12",
+				"kernelVersion": "5.13.0-40-generic",
+				"kubeProxyVersion": "v1.23.1",
+				"kubeletVersion": "v1.23.1",
+				"machineID": "8de776e053e140d6a14c2d2def3d6bb8",
+				"operatingSystem": "linux",
+				"osImage": "Ubuntu 20.04.2 LTS",
+				"systemUUID": "da12dc19-10bf-4033-a440-2d9aa33d6fe3"
+			}
 		}
-	],
-	"allocatable": {
-		"cpu": "4",
-		"ephemeral-storage": "94850516Ki",
-		"hugepages-2Mi": "0",
-		"memory": "10432976Ki",
-		"pods": "110"
-	},
-	"capacity": {
-		"cpu": "4",
-		"ephemeral-storage": "94850516Ki",
-		"hugepages-2Mi": "0",
-		"memory": "10432976Ki",
-		"pods": "110"
-	},
-	"conditions": [
-		{
-			"lastHeartbeatTime": "2022-05-16T14:14:31Z",
-			"lastTransitionTime": "2022-05-16T10:52:29Z",
-			"message": "kubelet has sufficient memory available",
-			"reason": "KubeletHasSufficientMemory",
-			"status": "False",
-			"type": "MemoryPressure"
-		},
-		{
-			"lastHeartbeatTime": "2022-05-16T14:14:31Z",
-			"lastTransitionTime": "2022-05-16T10:52:29Z",
-			"message": "kubelet has no disk pressure",
-			"reason": "KubeletHasNoDiskPressure",
-			"status": "False",
-			"type": "DiskPressure"
-		},
-		{
-			"lastHeartbeatTime": "2022-05-16T14:14:31Z",
-			"lastTransitionTime": "2022-05-16T10:52:29Z",
-			"message": "kubelet has sufficient PID available",
-			"reason": "KubeletHasSufficientPID",
-			"status": "False",
-			"type": "PIDPressure"
-		},
-		{
-			"lastHeartbeatTime": "2022-05-16T14:14:31Z",
-			"lastTransitionTime": "2022-05-16T10:52:45Z",
-			"message": "kubelet is posting ready status",
-			"reason": "KubeletReady",
-			"status": "True",
-			"type": "Ready"
 		}
-	],
-	"daemonEndpoints": {
-		"kubeletEndpoint": {
-			"Port": 10250
-		}
-	},
-	"images": [
-		{
-			"names": [
-				"requarks/wiki@sha256:dd83fff15e77843ff934b25c28c865ac000edf7653e5d11adad1dd51df87439d"
-			],
-			"sizeBytes": 441083858
-		},
-		{
-			"names": [
-				"mariadb@sha256:821d0411208eaa88f9e1f0daccd1d534f88d19baf724eb9a2777cbedb10b6c66"
-			],
-			"sizeBytes": 400782682
-		},
-		{
-			"names": [
-				"k8s.gcr.io/etcd@sha256:64b9ea357325d5db9f8a723dcf503b5a449177b17ac87d69481e126bb724c263",
-				"k8s.gcr.io/etcd:3.5.1-0"
-			],
-			"sizeBytes": 292558922
-		},
-		{
-			"names": [
-				"kubernetesui/dashboard@sha256:ec27f462cf1946220f5a9ace416a84a57c18f98c777876a8054405d1428cc92e",
-				"kubernetesui/dashboard:v2.3.1"
-			],
-			"sizeBytes": 220033604
-		},
-		{
-			"names": [
-				"k8s.gcr.io/kube-apiserver@sha256:f54681a71cce62cbc1b13ebb3dbf1d880f849112789811f98b6aebd2caa2f255",
-				"k8s.gcr.io/kube-apiserver:v1.23.1"
-			],
-			"sizeBytes": 135162256
-		},
-		{
-			"names": [
-				"k8s.gcr.io/kube-controller-manager@sha256:a7ed87380108a2d811f0d392a3fe87546c85bc366e0d1e024dfa74eb14468604",
-				"k8s.gcr.io/kube-controller-manager:v1.23.1"
-			],
-			"sizeBytes": 124971684
-		},
-		{
-			"names": [
-				"k8s.gcr.io/kube-proxy@sha256:e40f3a28721588affcf187f3f246d1e078157dabe274003eaa2957a83f7170c8",
-				"k8s.gcr.io/kube-proxy:v1.23.1"
-			],
-			"sizeBytes": 112327826
-		},
-		{
-			"names": [
-				"quay.io/kubescape/kubescape@sha256:6196f766be50d94b45d903a911f5ee95ac99bc392a1324c3e063bec41efd98ba",
-				"quay.io/kubescape/kubescape:v2.0.153"
-			],
-			"sizeBytes": 110345054
-		},
-		{
-			"names": [
-				"nginx@sha256:f7988fb6c02e0ce69257d9bd9cf37ae20a60f1df7563c3a2a6abe24160306b8d"
-			],
-			"sizeBytes": 109129446
-		},
-		{
-			"names": [
-				"quay.io/armosec/action-trigger@sha256:b93707d10ff86aac8dfa42ad37192d6bcf9aceeb4321b21756e438389c26e07c",
-				"quay.io/armosec/action-trigger:v0.0.5"
-			],
-			"sizeBytes": 65127067
-		},
-		{
-			"names": [
-				"quay.io/armosec/images-vulnerabilities-scan@sha256:a5f9ddc04a7fdce6d52ef85a21f0de567d8e04d418c2bc5bf5d72b151c997625",
-				"quay.io/armosec/images-vulnerabilities-scan:v0.0.7"
-			],
-			"sizeBytes": 61446712
-		},
-		{
-			"names": [
-				"quay.io/armosec/images-vulnerabilities-scan@sha256:2f879858da89f6542e3223fb18d6d793810cc2ad6e398b66776475e4218b6af5",
-				"quay.io/armosec/images-vulnerabilities-scan:v0.0.8"
-			],
-			"sizeBytes": 61446528
-		},
-		{
-			"names": [
-				"quay.io/armosec/cluster-collector@sha256:2c4f733d09f7f4090ace04585230bdfacbbc29a3ade38a2e1233d2c0f730d9b6",
-				"quay.io/armosec/cluster-collector:v0.0.9"
-			],
-			"sizeBytes": 53699576
-		},
-		{
-			"names": [
-				"k8s.gcr.io/kube-scheduler@sha256:8be4eb1593cf9ff2d91b44596633b7815a3753696031a1eb4273d1b39427fa8c",
-				"k8s.gcr.io/kube-scheduler:v1.23.1"
-			],
-			"sizeBytes": 53488305
-		},
-		{
-			"names": [
-				"k8s.gcr.io/coredns/coredns@sha256:5b6ec0d6de9baaf3e92d0f66cd96a25b9edbce8716f5f15dcd1a616b3abd590e",
-				"k8s.gcr.io/coredns/coredns:v1.8.6"
-			],
-			"sizeBytes": 46829283
-		},
-		{
-			"names": [
-				"kubernetesui/metrics-scraper@sha256:36d5b3f60e1a144cc5ada820910535074bdf5cf73fb70d1ff1681537eef4e172",
-				"kubernetesui/metrics-scraper:v1.0.7"
-			],
-			"sizeBytes": 34446077
-		},
-		{
-			"names": [
-				"gcr.io/k8s-minikube/storage-provisioner@sha256:18eb69d1418e854ad5a19e399310e52808a8321e4c441c1dddad8977a0d7a944",
-				"gcr.io/k8s-minikube/storage-provisioner:v5"
-			],
-			"sizeBytes": 31465472
-		},
-		{
-			"names": [
-				"quay.io/armosec/notification-server@sha256:b6e9b296cd53bd3b2b42c516d8ab43db998acff1124a57aff8d66b3dd7881979",
-				"quay.io/armosec/notification-server:v0.0.3"
-			],
-			"sizeBytes": 20209940
-		},
-		{
-			"names": [
-				"quay.io/kubescape/host-scanner@sha256:82139d2561039726be060df2878ef023c59df7c536fbd7f6d766af5a99569fee",
-				"quay.io/kubescape/host-scanner:latest"
-			],
-			"sizeBytes": 11796788
-		},
-		{
-			"names": [
-				"k8s.gcr.io/pause@sha256:3d380ca8864549e74af4b29c10f9cb0956236dfb01c40ca076fb6c37253234db",
-				"k8s.gcr.io/pause:3.6"
-			],
-			"sizeBytes": 682696
-		}
-	],
-	"nodeInfo": {
-		"architecture": "amd64",
-		"bootID": "828cbe73-120b-43cf-aae0-9e2d15b8c873",
-		"containerRuntimeVersion": "docker://20.10.12",
-		"kernelVersion": "5.13.0-40-generic",
-		"kubeProxyVersion": "v1.23.1",
-		"kubeletVersion": "v1.23.1",
-		"machineID": "8de776e053e140d6a14c2d2def3d6bb8",
-		"operatingSystem": "linux",
-		"osImage": "Ubuntu 20.04.2 LTS",
-		"systemUUID": "da12dc19-10bf-4033-a440-2d9aa33d6fe3"
-	}
-}
-}
-`
-	var l v1.Node
-	_ = json.Unmarshal([]byte(noTaintNode), &l)
-	assert.False(t, isMasterNodeTaints(l.Spec.Taints))
+		`
+	var noTaintNode v1.Node
+	_ = json.Unmarshal([]byte(noTaintNodeJson), &noTaintNode)
+	assert.False(t, isMasterNodeTaints(noTaintNode.Spec.Taints))
 
-	taintNode :=
+	taintNodeJson :=
 		`
 	{
     "apiVersion": "v1",
@@ -532,8 +532,60 @@ func TestIsMasterNodeTaints(t *testing.T) {
     }
 }
 `
-	_ = json.Unmarshal([]byte(taintNode), &l)
-	assert.True(t, isMasterNodeTaints(l.Spec.Taints))
+	var taintNode v1.Node
+	_ = json.Unmarshal([]byte(taintNodeJson), &taintNode)
+	assert.True(t, isMasterNodeTaints(taintNode.Spec.Taints))
+
+	taintNodeJson1 :=
+		`
+			{
+			"apiVersion": "v1",
+			"kind": "Node",
+			"metadata": {
+				"annotations": {
+					"kubeadm.alpha.kubernetes.io/cri-socket": "/var/run/dockershim.sock",
+					"node.alpha.kubernetes.io/ttl": "0",
+					"volumes.kubernetes.io/controller-managed-attach-detach": "true"
+				},
+				"creationTimestamp": "2022-05-16T10:52:32Z",
+				"labels": {
+					"beta.kubernetes.io/arch": "amd64",
+					"beta.kubernetes.io/os": "linux",
+					"kubernetes.io/arch": "amd64",
+					"kubernetes.io/hostname": "danielg-minikube",
+					"kubernetes.io/os": "linux",
+					"minikube.k8s.io/commit": "3e64b11ed75e56e4898ea85f96b2e4af0301f43d",
+					"minikube.k8s.io/name": "danielg-minikube",
+					"minikube.k8s.io/updated_at": "2022_05_16T13_52_35_0700",
+					"minikube.k8s.io/version": "v1.25.1",
+					"node-role.kubernetes.io/control-plane": "",
+					"node-role.kubernetes.io/master": "",
+					"node.kubernetes.io/exclude-from-external-load-balancers": ""
+				},
+				"name": "danielg-minikube",
+				"resourceVersion": "9871",
+				"uid": "fc4afcb6-4ca4-4038-ba54-5e16065a614a"
+			},
+			"spec": {
+				"podCIDR": "10.244.0.0/24",
+				"podCIDRs": [
+					"10.244.0.0/24"
+				],
+				"taints": [
+					{
+						"effect": "NoSchedule",
+						"key": "node-role.kubernetes.io/control-plane",
+						"value": "true"
+					}
+				]
+			},
+			"status": {}
+		}
+		`
+
+	var taintNode1 v1.Node
+	_ = json.Unmarshal([]byte(taintNodeJson1), &taintNode1)
+	assert.True(t, isMasterNodeTaints(taintNode1.Spec.Taints))
 }
 
 func TestSetMapNamespaceToNumOfResources(t *testing.T) {

core/pkg/resultshandling/results.go

@@ -75,7 +75,7 @@ func (rh *ResultsHandler) GetResults() *reporthandlingv2.PostureReport {
 }
 
 // HandleResults handles all necessary actions for the scan results
-func (rh *ResultsHandler) HandleResults(ctx context.Context) error {
+func (rh *ResultsHandler) HandleResults(ctx context.Context, scanInfo *cautils.ScanInfo) error {
 	// Display scan results in the UI first to give immediate value.
 
 	rh.UiPrinter.ActionPrint(ctx, rh.ScanData, rh.ImageScanData)
@@ -92,7 +92,7 @@ func (rh *ResultsHandler) HandleResults(ctx context.Context) error {
 
 	// We should submit only after printing results, so a user can see
 	// results at all times, even if submission fails
-	if rh.ReporterObj != nil {
+	if rh.ReporterObj != nil && scanInfo.Submit {
 		if err := rh.ReporterObj.Submit(ctx, rh.ScanData); err != nil {
 			return err
 		}

core/pkg/resultshandling/results_test.go

@@ -50,7 +50,7 @@ func TestResultsHandlerHandleResultsPrintsResultsToUI(t *testing.T) {
 	rh := NewResultsHandler(reporter, printers, uiPrinter)
 	rh.SetData(fakeScanData)
 
-	err := rh.HandleResults(context.TODO())
+	err := rh.HandleResults(context.TODO(), &cautils.ScanInfo{})
 	assert.NoError(t, err)
 
 	want := 1

httphandler/handlerequests/v1/requestshandlerutils.go

@@ -83,7 +83,7 @@ func scan(ctx context.Context, scanInfo *cautils.ScanInfo, scanID string) (*repo
 	if err != nil {
 		return nil, writeScanErrorToFile(err, scanID)
 	}
-	if err := result.HandleResults(ctx); err != nil {
+	if err := result.HandleResults(ctx, scanInfo); err != nil {
 		return nil, err
 	}
 	storage := storage.GetStorage()

internal/testutils/dir.go

@@ -7,7 +7,7 @@ import (
 
 // CurrentDir returns the directory of the file where this function is defined.
 func CurrentDir() string {
-	_, filename, ok := runtime.Caller(0)
+	_, filename, _, ok := runtime.Caller(1)
 	if !ok {
 		panic("failed to get current file info")
 	}

pkg/imagescan/imagescan.go

@@ -115,7 +115,10 @@ func getProviderConfig(creds RegistryCredentials) pkg.ProviderConfig {
 //
 // It performs image scanning and everything needed in between.
 type Service struct {
-	dbCfg db.Config
+	dbCfg    db.Config
+	dbCloser *db.Closer
+	dbStatus *db.Status
+	dbStore  *store.Store
 }
 
 func getIgnoredMatches(vulnerabilityExceptions []string, store *store.Store, packages []pkg.Package, pkgContext pkg.Context) (*match.Matches, []match.IgnoredMatch, error) {
@@ -178,47 +181,51 @@ func filterMatchesBasedOnSeverity(severityExceptions []string, remainingMatches
 	return filteredMatches
 }
 
-func (s *Service) Scan(ctx context.Context, userInput string, creds RegistryCredentials, vulnerabilityExceptions, severityExceptions []string) (*models.PresenterConfig, error) {
-	store, status, dbCloser, err := NewVulnerabilityDB(s.dbCfg, true)
-	if err = validateDBLoad(err, status); err != nil {
-		return nil, err
-	}
-
+func (s *Service) Scan(_ context.Context, userInput string, creds RegistryCredentials, vulnerabilityExceptions, severityExceptions []string) (*models.PresenterConfig, error) {
 	packages, pkgContext, sbom, err := pkg.Provide(userInput, getProviderConfig(creds))
 	if err != nil {
 		return nil, err
 	}
 
-	if dbCloser != nil {
-		defer dbCloser.Close()
-	}
-
-	remainingMatches, ignoredMatches, err := getIgnoredMatches(vulnerabilityExceptions, store, packages, pkgContext)
+	remainingMatches, ignoredMatches, err := getIgnoredMatches(vulnerabilityExceptions, s.dbStore, packages, pkgContext)
 	if err != nil {
 		return nil, err
 	}
 
-	filteredMatches := filterMatchesBasedOnSeverity(severityExceptions, *remainingMatches, store)
+	filteredMatches := filterMatchesBasedOnSeverity(severityExceptions, *remainingMatches, s.dbStore)
 
 	pb := models.PresenterConfig{
 		Matches:          filteredMatches,
 		IgnoredMatches:   ignoredMatches,
 		Packages:         packages,
 		Context:          pkgContext,
-		MetadataProvider: store,
+		MetadataProvider: s.dbStore,
 		SBOM:             sbom,
 		AppConfig:        nil,
-		DBStatus:         status,
+		DBStatus:         s.dbStatus,
 	}
 	return &pb, nil
 }
 
+func (s *Service) Close() {
+	s.dbCloser.Close()
+}
+
 func NewVulnerabilityDB(cfg db.Config, update bool) (*store.Store, *db.Status, *db.Closer, error) {
 	return grype.LoadVulnerabilityDB(cfg, update)
 }
 
-func NewScanService(dbCfg db.Config) Service {
-	return Service{dbCfg: dbCfg}
+func NewScanService(dbCfg db.Config) (*Service, error) {
+	dbStore, dbStatus, dbCloser, err := NewVulnerabilityDB(dbCfg, true)
+	if err = validateDBLoad(err, dbStatus); err != nil {
+		return nil, err
+	}
+	return &Service{
+		dbCfg:    dbCfg,
+		dbCloser: dbCloser,
+		dbStatus: dbStatus,
+		dbStore:  dbStore,
+	}, nil
 }
 
 // ParseSeverity returns a Grype severity given a severity string

pkg/imagescan/imagescan_test.go

@@ -17,6 +17,7 @@ import (
 	syftPkg "github.com/anchore/syft/syft/pkg"
 	"github.com/google/uuid"
 	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/require"
 )
 
 func TestVulnerabilityAndSeverityExceptions(t *testing.T) {
@@ -27,7 +28,9 @@ func TestVulnerabilityAndSeverityExceptions(t *testing.T) {
 		DBRootDir:  path.Join(xdg.CacheHome, "grype-light", "db"),
 		ListingURL: "http://localhost:8000/listing.json",
 	}
-	svc := NewScanService(dbCfg)
+	svc, err := NewScanService(dbCfg)
+	require.NoError(t, err)
+	defer svc.Close()
 	creds := RegistryCredentials{}
 
 	tests := []struct {
@@ -338,7 +341,9 @@ func TestGetProviderConfig(t *testing.T) {
 
 func TestNewScanService(t *testing.T) {
 	defaultConfig, _ := NewDefaultDBConfig()
-	svc := NewScanService(defaultConfig)
+	svc, err := NewScanService(defaultConfig)
+	require.NoError(t, err)
+	defer svc.Close()
 	assert.Equal(t, defaultConfig, svc.dbCfg)
 }