feat: added Metadata into the k8s resource's scan report (#5322)

pkg/k8s/report/report.go

@@ -56,10 +56,9 @@ type Resource struct {
 	Namespace string `json:",omitempty"`
 	Kind      string
 	Name      string
-	// TODO(josedonizetti): should add metadata? per report? per Result?
-	// Metadata  Metadata `json:",omitempty"`
-	Results types.Results `json:",omitempty"`
-	Error   string        `json:",omitempty"`
+	Metadata  types.Metadata `json:",omitempty"`
+	Results   types.Results  `json:",omitempty"`
+	Error     string         `json:",omitempty"`
 
 	// original report
 	Report types.Report `json:"-"`
@@ -103,6 +102,7 @@ func (r Report) consolidate() ConsolidatedReport {
 				Namespace: res.Namespace,
 				Kind:      res.Kind,
 				Name:      res.Name,
+				Metadata:  res.Metadata,
 				Results:   append(res.Results, v.Results...),
 				Error:     res.Error,
 			}
@@ -237,6 +237,7 @@ func CreateResource(artifact *artifacts.Artifact, report types.Report, err error
 		Namespace: artifact.Namespace,
 		Kind:      artifact.Kind,
 		Name:      artifact.Name,
+		Metadata:  report.Metadata,
 		Results:   results,
 		Report:    report,
 	}
@@ -299,6 +300,7 @@ func copyResource(r Resource) Resource {
 		Namespace: r.Namespace,
 		Kind:      r.Kind,
 		Name:      r.Name,
+		Metadata:  r.Metadata,
 		Error:     r.Error,
 		Report:    r.Report,
 	}

pkg/k8s/report/report_test.go

@@ -15,6 +15,14 @@ var (
 		Namespace: "default",
 		Kind:      "Deploy",
 		Name:      "orion",
+		Metadata: types.Metadata{
+			RepoTags: []string{
+				"alpine:3.14",
+			},
+			RepoDigests: []string{
+				"alpine:3.14@sha256:8fe1727132b2506c17ba0e1f6a6ed8a016bb1f5735e43b2738cd3fd1979b6260",
+			},
+		},
 		Results: types.Results{
 			{
 				Misconfigurations: []types.DetectedMisconfiguration{
@@ -62,6 +70,14 @@ var (
 		Namespace: "default",
 		Kind:      "Deploy",
 		Name:      "orion",
+		Metadata: types.Metadata{
+			RepoTags: []string{
+				"alpine:3.14",
+			},
+			RepoDigests: []string{
+				"alpine:3.14@sha256:8fe1727132b2506c17ba0e1f6a6ed8a016bb1f5735e43b2738cd3fd1979b6260",
+			},
+		},
 		Results: types.Results{
 			{
 				Vulnerabilities: []types.DetectedVulnerability{
@@ -102,6 +118,14 @@ var (
 		Namespace: "default",
 		Kind:      "Deploy",
 		Name:      "orion",
+		Metadata: types.Metadata{
+			RepoTags: []string{
+				"alpine:3.14",
+			},
+			RepoDigests: []string{
+				"alpine:3.14@sha256:8fe1727132b2506c17ba0e1f6a6ed8a016bb1f5735e43b2738cd3fd1979b6260",
+			},
+		},
 		Results: types.Results{
 			{
 				Misconfigurations: []types.DetectedMisconfiguration{
@@ -181,6 +205,14 @@ var (
 		Namespace: "default",
 		Kind:      "Cronjob",
 		Name:      "hello",
+		Metadata: types.Metadata{
+			RepoTags: []string{
+				"alpine:3.14",
+			},
+			RepoDigests: []string{
+				"alpine:3.14@sha256:8fe1727132b2506c17ba0e1f6a6ed8a016bb1f5735e43b2738cd3fd1979b6260",
+			},
+		},
 		Results: types.Results{
 			{Vulnerabilities: []types.DetectedVulnerability{{VulnerabilityID: "CVE-2020-9999"}}},
 		},
@@ -190,6 +222,14 @@ var (
 		Namespace: "default",
 		Kind:      "Pod",
 		Name:      "prometheus",
+		Metadata: types.Metadata{
+			RepoTags: []string{
+				"alpine:3.14",
+			},
+			RepoDigests: []string{
+				"alpine:3.14@sha256:8fe1727132b2506c17ba0e1f6a6ed8a016bb1f5735e43b2738cd3fd1979b6260",
+			},
+		},
 		Results: types.Results{
 			{Misconfigurations: []types.DetectedMisconfiguration{{ID: "ID100"}}},
 		},

pkg/k8s/scanner/scanner.go

@@ -122,7 +122,10 @@ func (s *Scanner) Scan(ctx context.Context, artifactsData []*artifacts.Artifact)
 
 	onResult := func(result scanResult) error {
 		resources = append(resources, result.vulns...)
-		resources = append(resources, result.misconfig)
+		// don't add empty misconfig results to resources slice to avoid an empty resource
+		if result.misconfig.Results != nil {
+			resources = append(resources, result.misconfig)
+		}
 		return nil
 	}