From 9206af70e8b8b93302d0fad166de29d5e0b1c26c Mon Sep 17 00:00:00 2001
From: Vadim Aleksandrov <valeksandrov@me.com>
Date: Thu, 5 Oct 2023 13:14:13 +0300
Subject: [PATCH] Add option to force image check for disabled/suspended
 workloads

---
 main.go                          | 2 ++
 pkg/registry_checker/checker.go  | 3 +++
 pkg/registry_checker/indexers.go | 3 ++-
 3 files changed, 7 insertions(+), 1 deletion(-)

diff --git a/main.go b/main.go
index 3e7eee3..cd39050 100644
--- a/main.go
+++ b/main.go
@@ -35,6 +35,7 @@ func main() {
 	insecureSkipVerify := flag.Bool("skip-registry-cert-verification", false, "whether to skip registries' certificate verification")
 	defaultRegistry := flag.String("default-registry", "",
 		fmt.Sprintf("default registry to use in absence of a fully qualified image name, defaults to %q", name.DefaultRegistry))
+	checkDisabled := flag.Bool("check-disabled", false, "whether to force image check for disabled / suspended workloads")
 
 	flag.Parse()
 
@@ -77,6 +78,7 @@ func main() {
 		stopCh,
 		kubeClient,
 		*insecureSkipVerify,
+		*checkDisabled,
 		regexes,
 		*defaultRegistry,
 		*namespaceLabels,
diff --git a/pkg/registry_checker/checker.go b/pkg/registry_checker/checker.go
index b8088f0..507dbdc 100644
--- a/pkg/registry_checker/checker.go
+++ b/pkg/registry_checker/checker.go
@@ -64,6 +64,7 @@ func NewRegistryChecker(
 	stopCh <-chan struct{},
 	kubeClient *kubernetes.Clientset,
 	skipVerify bool,
+	checkDisabled bool,
 	ignoredImages []regexp.Regexp,
 	defaultRegistry string,
 	namespaceLabel string,
@@ -195,6 +196,8 @@ func NewRegistryChecker(
 
 	rc.controllerIndexers.secretIndexer = rc.secretsInformer.Informer().GetIndexer()
 
+	rc.controllerIndexers.checkDisabled = checkDisabled
+	
 	go informerFactory.Start(stopCh)
 	logrus.Info("Waiting for cache sync")
 	informerFactory.WaitForCacheSync(stopCh)
diff --git a/pkg/registry_checker/indexers.go b/pkg/registry_checker/indexers.go
index c56eb3f..d5b1c82 100644
--- a/pkg/registry_checker/indexers.go
+++ b/pkg/registry_checker/indexers.go
@@ -28,6 +28,7 @@ type ControllerIndexers struct {
 	daemonSetIndexer      cache.Indexer
 	cronJobIndexer        cache.Indexer
 	secretIndexer         cache.Indexer
+	checkDisabled         bool
 }
 
 type controllerWithContainerInfos struct {
@@ -233,7 +234,7 @@ func (ci ControllerIndexers) GetContainerInfosForImage(image string) (ret []stor
 
 	for _, obj := range objs {
 		controllerWithInfos := obj.(*controllerWithContainerInfos)
-		if !ci.validCi(controllerWithInfos) {
+		if !ci.validCi(controllerWithInfos) && !ci.checkDisabled {
 			continue
 		}