refactor: replace args usage with ScanConfig in sbomgen invocation

- Replace args.sbomgen_version with config.sbomgen_version in logging
- Replace args.timeout with str(config.timeout) for command line argument
- Replace string-based scanner logic with type-safe list operations:
  - args.scanners != "''" → config.scanners (truthy list check)
  - args.skip_scanners != "''" → config.skip_scanners (truthy list check)
  - args.skip_files != "''" → config.skip_files (truthy list check)
- Convert lists back to comma-separated strings for sbomgen command
- Add comprehensive test coverage for field access patterns

Benefits:
- Eliminates error-prone string comparisons with "''"
- Uses proper list operations instead of string parsing
- Type-safe field access with explicit data conversion
- Cleaner, more readable conditional logic

Continues strangler fig migration - old and new code coexist safely
while gradually improving code quality and maintainability.

Author: bluesentinelsec

entrypoint/entrypoint/orchestrator.py

@@ -19,7 +19,7 @@ def execute(args) -> int:
     logging.info(f"Created config: artifact_type={config.artifact_type.value}, artifact_path={config.artifact_path}")
 
     # OLD: Keep existing logic unchanged for now
-    logging.info(f"downloading and installing inspector-sbomgen version {args.sbomgen_version}")
+    logging.info(f"downloading and installing inspector-sbomgen version {config.sbomgen_version}")
     ret = install_sbomgen(args)
     require_true((ret == 0), "unable to download and install inspector-sbomgen")
 
@@ -186,23 +186,26 @@ def invoke_sbomgen(args) -> int:
                     path_arg, args.artifact_path,
                     "--outfile", args.out_sbom,
                     "--disable-progress-bar",
-                    "--timeout", args.timeout,
+                    "--timeout", str(config.timeout),
                     ]
-    if args.scanners != "''":
-        logging.info(f"setting --scanners: {args.scanners}")
+    if config.scanners:
+        scanners_str = ",".join(config.scanners)
+        logging.info(f"setting --scanners: {scanners_str}")
         sbomgen_args.append("--scanners")
-        sbomgen_args.append(args.scanners)
-    elif args.skip_scanners != "''":
-        logging.info(f"setting --skip-scanners: {args.skip_scanners}")
+        sbomgen_args.append(scanners_str)
+    elif config.skip_scanners:
+        skip_scanners_str = ",".join(config.skip_scanners)
+        logging.info(f"setting --skip-scanners: {skip_scanners_str}")
         sbomgen_args.append("--skip-scanners")
-        sbomgen_args.append(args.skip_scanners)
+        sbomgen_args.append(skip_scanners_str)
     else:
         pass
 
-    if args.skip_files != "''":
-        logging.info(f"setting --skip-files: {args.skip_files}")
+    if config.skip_files:
+        skip_files_str = ",".join(config.skip_files)
+        logging.info(f"setting --skip-files: {skip_files_str}")
         sbomgen_args.append("--skip-files")
-        sbomgen_args.append(args.skip_files)
+        sbomgen_args.append(skip_files_str)
 
     if config.artifact_type == ArtifactType.CONTAINER:
 

entrypoint/tests/test_data_model.py

@@ -158,3 +158,23 @@ def test_scan_config_from_args_converts_skip_scanners(self):
         mock_args = MockArgs()
         config = ScanConfig.from_args(mock_args)
         self.assertEqual(config.skip_scanners, ["binaries", "alpine-apk"])
+
+    def test_scan_config_sbomgen_version_access(self):
+        config = ScanConfig(sbomgen_version="1.8.0")
+        self.assertEqual(config.sbomgen_version, "1.8.0")
+
+    def test_scan_config_timeout_access(self):
+        config = ScanConfig(timeout=300)
+        self.assertEqual(config.timeout, 300)
+
+    def test_scan_config_scanners_list_access(self):
+        config = ScanConfig(scanners=["dpkg", "npm"])
+        self.assertEqual(config.scanners, ["dpkg", "npm"])
+
+    def test_scan_config_skip_scanners_list_access(self):
+        config = ScanConfig(skip_scanners=["binaries", "alpine-apk"])
+        self.assertEqual(config.skip_scanners, ["binaries", "alpine-apk"])
+
+    def test_scan_config_skip_files_list_access(self):
+        config = ScanConfig(skip_files=["./media", "/tmp/foo"])
+        self.assertEqual(config.skip_files, ["./media", "/tmp/foo"])