Issue with scanning mounted k8s secrets with version 1.1.0 #159

@marcnorthover

When using version 1.0.3 there are no issues. When upgrading to version 1.1.0 it is failing with this error:

level=error msg="Could not scan dir: plugin (Certificate File Plugin) failed to updated components of bom; read /vault/secrets/..data: is a directory"

These directories are k8s secret mounts. Sample:

apiVersion: apps/v1
kind: Deployment
...
spec:
  ...
  template:
    ...
    spec:
      ...
      containers:
      - name: ...
        ...
        volumeMounts:
        - name: ...
          mountPath: "/vault/secrets"
          readOnly: true
        ...
      volumes:
      - name: ...
        secret:
          secretName: ...
          items:
          - key: secret1
            path: secret1
          ...

which results in this structure inside the pod:

/vault/secrets/
├── ..data                    → symlink to ..2026_02_17_17_32_00.123456789
├── ..2026_02_17_17_32_00.123456789/   ← timestamped directory with actual data
│   ├── secret1
│   ├── secret2
│   ├── secret3
│   └── ... (actual secret files)
├── secret1              → symlink to ..data/secret1
├── secret2               → symlink to ..data/secret2
├── secret3              → symlink to ..data/secret3
└── ...

Ultimately, the error happens, the process exits and the output is 0 bytes.
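
The failure mode reported above, as an added Go example that is not from the issue or the project's code: a directory walker that resolves each entry with `os.Stat` before reading it, so the `..data` symlink to a directory is skipped instead of being read as a file. The function names, the constructed sample layout, and the policy of skipping `..`-prefixed directories are assumptions.

```go
package main

import (
	"errors"
	"fmt"
	"io/fs"
	"os"
	"path/filepath"
	"strings"
)

// BuildSecretMount recreates the mount layout from the issue under root (constructed sample data).
func BuildSecretMount(root string) error {
	ts := "..2026_02_17_17_32_00.123456789"
	err := errors.Join(os.MkdirAll(filepath.Join(root, ts), 0o755),
		os.Symlink(ts, filepath.Join(root, "..data")))
	for _, name := range []string{"secret1", "secret2"} {
		err = errors.Join(err,
			os.WriteFile(filepath.Join(root, ts, name), []byte("constructed"), 0o600),
			os.Symlink(filepath.Join("..data", name), filepath.Join(root, name)))
	}
	return err
}

// ScannableFiles returns the paths under root that can be opened and read as regular files.
func ScannableFiles(root string) ([]string, error) {
	var files []string
	err := filepath.WalkDir(root, func(path string, d fs.DirEntry, err error) error {
		if err != nil {
			return err
		}
		// Assumed policy: do not descend into "..<timestamp>"; its files are reached via the top-level symlinks.
		if d.IsDir() && path != root && strings.HasPrefix(d.Name(), "..") {
			return filepath.SkipDir
		}
		// WalkDir reports "..data" as a symlink, not a directory; os.Stat follows the link to see the target.
		if info, err := os.Stat(path); err == nil && info.Mode().IsRegular() {
			files = append(files, path)
		}
		return nil
	})
	return files, err
}

func main() {
	root, _ := os.MkdirTemp("", "secret-mount")
	defer os.RemoveAll(root)
	fmt.Println(BuildSecretMount(root), fmt.Sprint(ScannableFiles(root)))
}
```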
