🐞 Bug report

Describe the bug

When using S3 with auth type of AWS-IRSA, the S3 connection is initiated on Scan creation.
AWS-IRSA credentials are limited to 1 hour, and thus, when a scanner takes over 1 hour to complete, the lurker fails with ExpiredToken error (error code 400).

The S3 connection is only relevant once the scanner container finishes running, but it is initiated on setup.

Steps To Reproduce

1. Use S3 with authType: aws-irsa in operator values.yaml.
2. Run a scan that takes over an hour
3. See scanner container completing
4. Lurker container fails on ExpiredToken

Expected behavior

Scanner completes after an hour, lurker uploads file successfully, rest of the flow is executed.

System (please complete the following information):

secureCodeBox version: 4.0.1 (couldn't see anything related to it in newer versions' release notes, related code looks identical)

Kubernetes version:

Client Version: v1.27.4
Kustomize Version: v5.0.1
Server Version: v1.28.4-eks-8cb36c9

Docker version:

Docker version 20.10.18, build b40c2f6b5d

Screenshots / Logs

2024/02/01 06:10:12 File upload returned non 2xx status code (400)
2024/02/01 06:10:12 Failed Request:
2024/02/01 06:10:12 HTTP/1.1 400 Bad Request
Connection: close
Transfer-Encoding: chunked
Content-Type: application/xml
Date: Thu, 01 Feb 2024 06:10:11 GMT
Server: AmazonS3
X-Amz-Id-2: mt...
X-Amz-Request-Id: HV...

5c8


<?xml version="1.0" encoding="UTF-8"?>

<Error><Code>ExpiredToken</Code><Message>The provided token has expired.</Message><Token-0>IQ..=</Token-0><RequestId>HV...</RequestId><HostId>mtU5...</HostId></Error>
0

2024/02/01 06:10:12 Lurker failed to upload scan result file. File upload returned non 2xx status code (400)