🐛 fix private image container scans (#1070)

* fix private image container scans Signed-off-by: Ivan Milchev <[email protected]> * fix tests Signed-off-by: Ivan Milchev <[email protected]> --------- Signed-off-by: Ivan Milchev <[email protected]>
mondoohq · Mar 26, 2024 · 220eb5a · 220eb5a
1 parent 15b620d
commit 220eb5a
Show file tree

Hide file tree

Showing 2 changed files with 5 additions and 7 deletions.
diff --git a/controllers/container_image/resources.go b/controllers/container_image/resources.go
@@ -34,8 +34,8 @@ func CronJob(image, integrationMrn, clusterUid, privateImageScanningSecretName s
 
 	cmd := []string{
 		"cnspec", "scan", "k8s",
-		"--config", "/etc/opt/mondoo/mondoo.yml",
-		"--inventory-file", "/etc/opt/mondoo/inventory.yml",
+		"--config", "/etc/opt/mondoo/config/mondoo.yml",
+		"--inventory-file", "/etc/opt/mondoo/config/inventory.yml",
 		"--score-threshold", "0",
 	}
 
@@ -89,7 +89,7 @@ func CronJob(image, integrationMrn, clusterUid, privateImageScanningSecretName s
 										{
 											Name:      "config",
 											ReadOnly:  true,
-											MountPath: "/etc/opt/",
+											MountPath: "/etc/opt/mondoo/config",
 										},
 										{
 											Name:      "temp",
@@ -118,7 +118,7 @@ func CronJob(image, integrationMrn, clusterUid, privateImageScanningSecretName s
 														LocalObjectReference: corev1.LocalObjectReference{Name: ConfigMapName(m.Name)},
 														Items: []corev1.KeyToPath{{
 															Key:  "inventory",
-															Path: "mondoo/inventory.yml",
+															Path: "inventory.yml",
 														}},
 													},
 												},
@@ -127,7 +127,7 @@ func CronJob(image, integrationMrn, clusterUid, privateImageScanningSecretName s
 														LocalObjectReference: m.Spec.MondooCredsSecretRef,
 														Items: []corev1.KeyToPath{{
 															Key:  "config",
-															Path: "mondoo/mondoo.yml",
+															Path: "mondoo.yml",
 														}},
 													},
 												},

diff --git a/tests/integration/audit_config_base_suite.go b/tests/integration/audit_config_base_suite.go
@@ -1119,13 +1119,11 @@ var (
 	}
 	defaultK8sNodePolicyMrns = []string{
 		"//policy.api.mondoo.app/policies/platform-eol",
-		"//policy.api.mondoo.app/policies/platform-vulnerability",
 		"//policy.api.mondoo.app/policies/mondoo-kubernetes-security",
 		"//policy.api.mondoo.app/policies/mondoo-linux-security",
 	}
 	defaultOsPolicyMrns = []string{
 		"//policy.api.mondoo.app/policies/platform-eol",
-		"//policy.api.mondoo.app/policies/platform-vulnerability",
 		"//policy.api.mondoo.app/policies/mondoo-linux-security",
 	}
 )