Issue
The switch component-filter is a comma delimited list which appears to be an explicit map to the image name of the container being scanned. This restricts configuring the scanner for use in CI environments in order to automate testing. For example, the cluster-logging-operator uses OpenShift CI to build images for every PR and run E2E tests. The images are tagged like 2026-05-07T15:15:38.513331598Z Successfully pushed image-registry.openshift-image-registry.svc:5000/ci-op-20mi4b8l/pipeline@sha256:617a8a3225bffaf8c108a03e58d3054738c20bd3a812729afd114b91208b55a9 where the name does not match the actual component which complicates writing an automated test. Additionally, this should speed up the scan as there should be no need to analyze every image in the cluster:
2026/05/08 14:39:16 Getting all pods from the cluster...
2026/05/08 14:39:16 Skipping pod openshift-logging/tls-scanner-zn6zz: no IP address assigned (phase: Pending)
2026/05/08 14:39:16 Found 80 pods in the cluster (with IP addresses)
2026/05/08 14:39:16 IP discovery summary: 80 total IPs across 80 pods (58 unique IPs).
2026/05/08 14:39:16 Filtering pods by component name(s): cluster-logging-operator,eventrouter,log-file-metric-exporter,vector
2026/05/08 14:39:16 Analyzing OpenShift image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:e654a79ed101e8027fe3237ffc3dfb59c33bd2ab533d7e0df4110d5fcea4bea8
2026/05/08 14:39:16 Successfully parsed component info from image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:e654a79ed101e8027fe3237ffc3dfb59c33bd2ab533d7e0df4110d5fcea4bea8 -> openshift-component
Issue
The switch
component-filteris a comma delimited list which appears to be an explicit map to the image name of the container being scanned. This restricts configuring the scanner for use in CI environments in order to automate testing. For example, the cluster-logging-operator uses OpenShift CI to build images for every PR and run E2E tests. The images are tagged like2026-05-07T15:15:38.513331598Z Successfully pushed image-registry.openshift-image-registry.svc:5000/ci-op-20mi4b8l/pipeline@sha256:617a8a3225bffaf8c108a03e58d3054738c20bd3a812729afd114b91208b55a9where the name does not match the actual component which complicates writing an automated test. Additionally, this should speed up the scan as there should be no need to analyze every image in the cluster: