trivy-operator

fix: When submitting a scan job correctly check presence of reused reports before fetching credentials for each image

Open festeveira opened this issue 3 months ago • 1 comments

Description

This PR fixes an issue in the logic that determines when to fetch private registry credentials. Previously, the code only checked whether the number of reused reports was greater than 0. This caused issues when the workload was composed of several images and at least one of the images had a corresponding ClusterSbomReport which was reused for the current scan; if one of the remaining images did not have a corresponding ClusterSbomReport and was from a private registry, its credentials were not being fetched and added to the PodSpec's environment.

The updated logic instead compares the number of reused reports with the total number of container images. If the counts differ, it indicates that not all images have reusable reports, so the system will fetch the necessary private registry credentials for each image.

I have tested this change in my environment and it seemed to fix the related issue.

Related issues

  • Close #2809

Checklist

  • [X] I've read the guidelines for contributing to this repository.
  • [ ] I've added tests that prove my fix is effective or that my feature works.
  • [X] I've updated the documentation with the relevant information (if needed).
  • [X] I've added usage information (if the PR introduces new options)
  • [X] I've included a "before" and "after" example to the description (if the PR is a user interface change).

festeveira, Nov 15 '25 17:11
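Added example, not code from this PR or from trivy-operator: a small Go model of the decision described above, comparing the old count check with the fixed one on a workload where one report is reused and one private-registry image still needs a scan. The `Workload` type, all function names, the sample images, and the reading of the old check as "skip the fetch whenever the reused count is greater than 0" are assumptions made for illustration.

```go
package main

import (
	"fmt"
	"sort"
)

// Workload is a hypothetical model, not a trivy-operator type.
type Workload struct {
	Images  map[string]string // container name -> image reference
	Reused  map[string]bool   // containers with a reused ClusterSbomReport
	Private map[string]bool   // containers pulled from a private registry
}

// fetchBefore models the old check (assumed): any reused report skips the fetch.
func fetchBefore(w Workload) bool { return len(w.Reused) == 0 }

// fetchAfter models the fix: fetch unless every image has a reused report.
func fetchAfter(w Workload) bool { return len(w.Reused) != len(w.Images) }

// missingCreds returns the private-registry containers that still need a scan
// but would get no credentials under the given fetch decision.
func missingCreds(w Workload, fetch bool) []string {
	var out []string
	if fetch {
		return out
	}
	for name := range w.Images {
		if !w.Reused[name] && w.Private[name] {
			out = append(out, name)
		}
	}
	sort.Strings(out)
	return out
}

// mixedWorkload is constructed sample data: one report reused, one private image left to scan.
func mixedWorkload() Workload {
	return Workload{
		Images:  map[string]string{"app": "docker.io/library/nginx:1.27", "sidecar": "registry.example.internal/team/agent:2.0"},
		Reused:  map[string]bool{"app": true},
		Private: map[string]bool{"sidecar": true},
	}
}

func main() {
	w := mixedWorkload()
	fmt.Println("before:", missingCreds(w, fetchBefore(w))) // sidecar is left without credentials
	fmt.Println("after: ", missingCreds(w, fetchAfter(w)))
}
```

The same three cases (no reports reused, some reused, all reused) map directly onto a table-driven test for the real check.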

@festeveira thanks for your efforts! Can we combine this PR with #2813? It looks like a similar issue. Also, could you pls add test cases for it? I realize there are no tests here, but it'd be better to have them.

afdesk, Dec 15 '25 07:12