Image Pull Secrets
- Find references to image pull secrets (direct references and via service account).
- Create the temporary secret with basic credentials for each container of the scanned workload.
- Create the scan job that references the temporary secret. The secret has the ownerReference property set to point to the job.
- Watch the job until it's completed or failed.
- Parse logs and save vulnerability reports in etcd.
- Delete the job. The temporary secret will be deleted by the Kubernetes garbage collector.