🧹 apply runtime env labels for discovered assets (#794)

* apply runtimeenv labels for discovered assets Signed-off-by: Ivan Milchev <[email protected]> * address comments Signed-off-by: Ivan Milchev <[email protected]> --------- Signed-off-by: Ivan Milchev <[email protected]>
mondoohq · Oct 4, 2023 · 634de0b · 634de0b
1 parent a027278
commit 634de0b
Showing 1 changed file with 16 additions and 0 deletions.
diff --git a/policy/scan/local_scanner.go b/policy/scan/local_scanner.go
@@ -305,9 +305,25 @@ func (s *LocalScanner) distributeJob(job *Job, ctx context.Context, upstream *up
 		return nil, false, nil
 	}
 
+	runtimeEnv := execruntime.Detect()
+	var runtimeLabels map[string]string
+	// If the runtime is an automated environment and the root asset is CI/CD, then we are doing a
+	// CI/CD scan and we need to apply the runtime labels to the assets
+	if runtimeEnv != nil &&
+		runtimeEnv.IsAutomatedEnv() &&
+		job.Inventory.Spec.Assets[0].Category == inventory.AssetCategory_CATEGORY_CICD {
+		runtimeLabels = runtimeEnv.Labels()
+	}
+
 	justAssets := []*inventory.Asset{}
 	for _, asset := range assets {
 		asset.asset.KindString = asset.asset.GetPlatform().Kind
+		for k, v := range runtimeLabels {
+			if asset.asset.Labels == nil {
+				asset.asset.Labels = map[string]string{}
+			}
+			asset.asset.Labels[k] = v
+		}
 		justAssets = append(justAssets, asset.asset)
 	}