[SAST] Unreachable code related to error checking

## What steps did you take and what happened:

I've been analyzing the source code using the `Svace` static analyzer and it has found some inconsistent error-checking issues that I believe are confirmed.

## What did you expect to happen:

Redundant error checks are removed and incorrect ones are adjusted

## Anything else you would like to add:

The `err` variable is double-checked:
(consider removing the second check)


1. https://github.com/aquasecurity/trivy-operator/blob/1caa4d4f6807815eda6f5c2997362964129bf4bb/pkg/plugins/trivy/filesystem.go#L214-L221
2. https://github.com/aquasecurity/trivy-operator/blob/1caa4d4f6807815eda6f5c2997362964129bf4bb/pkg/plugins/trivy/filesystem.go#L444-L451
3. https://github.com/aquasecurity/trivy-operator/blob/1caa4d4f6807815eda6f5c2997362964129bf4bb/pkg/plugins/trivy/plugin.go#L135-L142

---

Incorrect check of the `ok` variable:
(also I guess `trivyoperator.LabelResourceSpecHash` should be `trivyoperator.LabelReusedReport` in the error message)

4. https://github.com/aquasecurity/trivy-operator/blob/1caa4d4f6807815eda6f5c2997362964129bf4bb/pkg/vulnerabilityreport/controller/scanjob.go#L313-L316

which is obtained from:

https://github.com/aquasecurity/trivy-operator/blob/1caa4d4f6807815eda6f5c2997362964129bf4bb/pkg/vulnerabilityreport/controller/scanjob.go#L259-L262

So I believe the fix would be:

```go
 reused, ok := job.Labels[trivyoperator.LabelReusedReport] 
 if !ok { 
 	return VulnerabilityReports{}, nil, nil, fmt.Errorf("expected label %s not set", trivyoperator.LabelReusedReport) 
 } 
```

## Environment:

- Trivy-Operator version (use `trivy-operator version`): `v0.27.3` (also checked that problem persists in `main` branch)

---
Found by [Linux Verification Center](https://portal.linuxtesting.ru/) with SVACE


	config, err := getConfig(ctx)
	if err != nil {
	return corev1.PodSpec{}, nil, err
	}
	command := config.GetCommand()
	if err != nil {
	return corev1.PodSpec{}, nil, err
	}

	config, err := getConfig(ctx)
	if err != nil {
	return corev1.PodSpec{}, nil, err
	}
	command := config.GetCommand()
	if err != nil {
	return corev1.PodSpec{}, nil, err
	}

	config, err := getConfig(ctx)
	if err != nil {
	return vulnReport, secretReport, nil, err
	}
	cmd := config.GetCommand()
	if err != nil { // TODO: condition seems incorrect
	return vulnReport, secretReport, nil, err
	}

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[SAST] Unreachable code related to error checking #2858

What steps did you take and what happened:

What did you expect to happen:

Anything else you would like to add:

Environment:

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

	_, reused := job.Labels[trivyoperator.LabelReusedReport]
	if !ok {
	return VulnerabilityReports{}, nil, nil, fmt.Errorf("expected label %s not set", trivyoperator.LabelResourceSpecHash)
	}

	podSpecHash, ok := job.Labels[trivyoperator.LabelResourceSpecHash]
	if !ok {
	return VulnerabilityReports{}, nil, nil, fmt.Errorf("expected label %s not set", trivyoperator.LabelResourceSpecHash)
	}

[SAST] Unreachable code related to error checking #2858

Description

What steps did you take and what happened:

What did you expect to happen:

Anything else you would like to add:

Environment:

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions