secureCodeBox · J12934 · Feb 23, 2022 · Feb 9, 2022
diff --git a/operator/controllers/execution/scantype_controller_test.go b/operator/controllers/execution/scantype_controller_test.go
@@ -33,7 +33,7 @@ var _ = Describe("ScanType controller", func() {
 
 			createNamespace(ctx, namespace)
 			createScanType(ctx, namespace)
-			scheduledScan := createScheduledScan(ctx, namespace)
+			scheduledScan := createScheduledScan(ctx, namespace, true)
 
 			// ensure that the ScheduledScan has been triggered
 			waitForScheduledScanToBeTriggered(ctx, namespace)
@@ -74,7 +74,7 @@ var _ = Describe("ScanType controller", func() {
 
 			createNamespace(ctx, namespace)
 			createScanType(ctx, namespace)
-			scheduledScan := createScheduledScan(ctx, namespace)
+			scheduledScan := createScheduledScan(ctx, namespace, true)
 
 			// ensure that the ScheduledScan has been triggered
 			waitForScheduledScanToBeTriggered(ctx, namespace)
@@ -96,6 +96,47 @@ var _ = Describe("ScanType controller", func() {
 			}, timeout, interval).Should(BeTrue(), "Scan was restarted without need")
 		})
 	})
+
+	Context("Should not trigger rescan when RetriggerOnScanTypeChange is set to False", func() {
+		It("Should restart a scheduledScan when RetriggerOnScanTypeChange is set to True", func() {
+			ctx := context.Background()
+			namespace := "scantype-retrigger-on-scantype-false-test"
+
+			createNamespace(ctx, namespace)
+			createScanType(ctx, namespace)
+			scheduledScan := createScheduledScan(ctx, namespace, false)
+
+			// ensure that the ScheduledScan has been triggered
+			waitForScheduledScanToBeTriggered(ctx, namespace)
+			k8sClient.Get(ctx, types.NamespacedName{Name: "test-scan", Namespace: namespace}, &scheduledScan)
+			initialExecutionTime := *scheduledScan.Status.LastScheduleTime
+
+			// wait at least one second to ensure that the unix timestamps are at least one second apart.
+			time.Sleep(1 * time.Second)
+
+			By("Update ScanType to trigger rescan")
+			var scanType executionv1.ScanType
+			k8sClient.Get(ctx, types.NamespacedName{Name: "nmap", Namespace: namespace}, &scanType)
+			if scanType.ObjectMeta.Annotations == nil {
+				scanType.ObjectMeta.Annotations = map[string]string{}
+			}
+			scanType.ObjectMeta.Annotations["foobar.securecodebox.io/example"] = "barfoo"
+			err := k8sClient.Update(ctx, &scanType)
+			if err != nil {
+				panic(err)
+			}
+
+			By("Controller should set the lastScheduled Timestamp to the past to force a re-scan")
+			Eventually(func() bool {
+				err := k8sClient.Get(ctx, types.NamespacedName{Name: "test-scan", Namespace: namespace}, &scheduledScan)
+				if errors.IsNotFound(err) {
+					panic("ScheduledScan should be present for this check!")
+				}
+
+				return scheduledScan.Status.LastScheduleTime.Unix() == initialExecutionTime.Unix()
+			}, timeout, interval).Should(BeTrue())
+		})
+	})
 })
 
 func waitForScheduledScanToBeTriggered(ctx context.Context, namespace string) {

diff --git a/operator/controllers/execution/test_utils_test.go b/operator/controllers/execution/test_utils_test.go
@@ -63,15 +63,15 @@ func createScanType(ctx context.Context, namespace string) {
 	Expect(k8sClient.Create(ctx, scanType)).Should(Succeed())
 }
 
-func createScheduledScan(ctx context.Context, namespace string) executionv1.ScheduledScan {
+func createScheduledScan(ctx context.Context, namespace string, retriggerOnScanTypeChange bool) executionv1.ScheduledScan {
 	scheduledScan := executionv1.ScheduledScan{
 		ObjectMeta: metav1.ObjectMeta{
 			Name:      "test-scan",
 			Namespace: namespace,
 		},
 		Spec: executionv1.ScheduledScanSpec{
 			Interval:                  metav1.Duration{Duration: 42 * time.Hour},
-			RetriggerOnScanTypeChange: true,
+			RetriggerOnScanTypeChange: retriggerOnScanTypeChange,
 			ScanSpec: &executionv1.ScanSpec{
 				ScanType:   "nmap",
 				Parameters: []string{"scanme.nmap.org"},