From 220eb5a4abfbc141d2f95e9f6fd2be601cc2e10b Mon Sep 17 00:00:00 2001
From: Ivan Milchev <ivan@mondoo.com>
Date: Tue, 26 Mar 2024 14:45:19 +0100
Subject: [PATCH] =?UTF-8?q?=F0=9F=90=9B=20fix=20private=20image=20containe?=
 =?UTF-8?q?r=20scans=20(#1070)?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

* fix private image container scans

Signed-off-by: Ivan Milchev <ivan@mondoo.com>

* fix tests

Signed-off-by: Ivan Milchev <ivan@mondoo.com>

---------

Signed-off-by: Ivan Milchev <ivan@mondoo.com>
---
 controllers/container_image/resources.go     | 10 +++++-----
 tests/integration/audit_config_base_suite.go |  2 --
 2 files changed, 5 insertions(+), 7 deletions(-)

diff --git a/controllers/container_image/resources.go b/controllers/container_image/resources.go
index 7970bf50..68ec0d01 100644
--- a/controllers/container_image/resources.go
+++ b/controllers/container_image/resources.go
@@ -34,8 +34,8 @@ func CronJob(image, integrationMrn, clusterUid, privateImageScanningSecretName s
 
 	cmd := []string{
 		"cnspec", "scan", "k8s",
-		"--config", "/etc/opt/mondoo/mondoo.yml",
-		"--inventory-file", "/etc/opt/mondoo/inventory.yml",
+		"--config", "/etc/opt/mondoo/config/mondoo.yml",
+		"--inventory-file", "/etc/opt/mondoo/config/inventory.yml",
 		"--score-threshold", "0",
 	}
 
@@ -89,7 +89,7 @@ func CronJob(image, integrationMrn, clusterUid, privateImageScanningSecretName s
 										{
 											Name:      "config",
 											ReadOnly:  true,
-											MountPath: "/etc/opt/",
+											MountPath: "/etc/opt/mondoo/config",
 										},
 										{
 											Name:      "temp",
@@ -118,7 +118,7 @@ func CronJob(image, integrationMrn, clusterUid, privateImageScanningSecretName s
 														LocalObjectReference: corev1.LocalObjectReference{Name: ConfigMapName(m.Name)},
 														Items: []corev1.KeyToPath{{
 															Key:  "inventory",
-															Path: "mondoo/inventory.yml",
+															Path: "inventory.yml",
 														}},
 													},
 												},
@@ -127,7 +127,7 @@ func CronJob(image, integrationMrn, clusterUid, privateImageScanningSecretName s
 														LocalObjectReference: m.Spec.MondooCredsSecretRef,
 														Items: []corev1.KeyToPath{{
 															Key:  "config",
-															Path: "mondoo/mondoo.yml",
+															Path: "mondoo.yml",
 														}},
 													},
 												},
diff --git a/tests/integration/audit_config_base_suite.go b/tests/integration/audit_config_base_suite.go
index 3c9624aa..61c0ad0c 100644
--- a/tests/integration/audit_config_base_suite.go
+++ b/tests/integration/audit_config_base_suite.go
@@ -1119,13 +1119,11 @@ var (
 	}
 	defaultK8sNodePolicyMrns = []string{
 		"//policy.api.mondoo.app/policies/platform-eol",
-		"//policy.api.mondoo.app/policies/platform-vulnerability",
 		"//policy.api.mondoo.app/policies/mondoo-kubernetes-security",
 		"//policy.api.mondoo.app/policies/mondoo-linux-security",
 	}
 	defaultOsPolicyMrns = []string{
 		"//policy.api.mondoo.app/policies/platform-eol",
-		"//policy.api.mondoo.app/policies/platform-vulnerability",
 		"//policy.api.mondoo.app/policies/mondoo-linux-security",
 	}
 )