[Bug] After integration activate, k8sgpt analyze will never run the Core Analyzers. #412

Closed
3 of 4 tasks
panpan0000 opened this issue May 15, 2023 · 4 comments · Fixed by #441

panpan0000 commented May 15, 2023

Checklist

  • I've searched for similar issues and couldn't find anything matching
  • I've included steps to reproduce the behavior

Affected Components

  • K8sGPT (CLI)
  • K8sGPT Operator

K8sGPT Version

v0.3.2

Kubernetes Version

v1.25.4

Host OS and its Version

Ubuntu

Steps to reproduce

Detailed reproduction steps with 0.3.2.

(1) before integration, everything is fine.

```
# k8sgpt filter list
Active:
> PersistentVolumeClaim
> Service
> StatefulSet
> CronJob
> Pod
> ReplicaSet
> Ingress
> Node
> Deployment
Unused:
> PodDisruptionBudget
> NetworkPolicy
> HorizontalPodAutoScaler
```

(2) activate trivy

```
# k8sgpt integration activate trivy
2023/05/17 08:48:54 creating 1 resource(s)
2023/05/17 08:48:54 CRD clustercompliancereports.aquasecurity.github.io is already present. Skipping.
2023/05/17 08:48:54 creating 1 resource(s)
.......
2023/05/17 08:48:56 release installed successfully: trivy-operator-k8sgpt/trivy-operator-0.13.2
Activated integration trivy
```

(3) Now, ALL others are REMOVED from the Active filter list,

ONLY Trivy is left!! (I believe it's unexpected and the root cause.)

I think the expected behavior is adding VulnerabilityReport to the original Active list instead of excluding them all.

```
# k8sgpt filter list
Active:
> VulnerabilityReport (integration)
Unused:
> Pod
> ReplicaSet
> PersistentVolumeClaim
> Node
> Deployment
> Service
> Ingress
> StatefulSet
> CronJob
> HorizontalPodAutoScaler
> PodDisruptionBudget
> NetworkPolicy
```

(4) k8sgpt analyze ONLY shows Trivy reports !!

```
# k8sgpt analyze
AI Provider: openai

0 mspider-system/mspider-gsc-controller-7f99674b5f(Deployment/mspider-gsc-controller)
- Error: critical Vulnerability found ID: CVE-2022-31045 (learn more at: https://avd.aquasec.com/nvd/cve-2022-31045)

1 mspider-system/mspider-work-api-795bb68cb9(Deployment/mspider-work-api)
- Error: critical Vulnerability found ID: CVE-2022-31045 (learn more at: https://avd.aquasec.com/nvd/cve-2022-31045)

2 skoala-system/hive-d5bc5bb58(Deployment/hive)
- Error: critical Vulnerability found ID: CVE-2022-31045 (learn more at: https://avd.aquasec.com/nvd/cve-2022-31045)

3 skoala-system/sesame-686ffc4bc9(Deployment/sesame)
- Error: critical Vulnerability found ID: CVE-2022-31045 (learn more at: https://avd.aquasec.com/nvd/cve-2022-31045)
```

Expected behaviour

Even when there's an active integration,
k8sgpt analyze should include all built-in analyzers instead of only the activated trivy.

Actual behaviour

as above.

Additional Information

No response
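
A guard for the state shown in step (3), as an added example that is not part of the original issue or the k8sgpt project: it parses `k8sgpt filter list` output and reports core analyzers that have moved to Unused. The function names and the `CORE_FILTERS` list (taken from the Active list in step (1)) are assumptions of this example.

```shell
#!/bin/sh
# Added example: report core analyzers that `k8sgpt filter list` shows as Unused.
# Assumption: "core" means the Active list from step (1) of this issue.
CORE_FILTERS="PersistentVolumeClaim Service StatefulSet CronJob Pod ReplicaSet Ingress Node Deployment"

# Reads `k8sgpt filter list` output on stdin, prints disabled core filters, one per line.
disabled_core_filters() {
    esc=$(printf '\033')
    # Strip ANSI colour codes in case the CLI colourises its output (assumption).
    sed "s/${esc}\[[0-9;]*m//g" | awk -v core="$CORE_FILTERS" '
        BEGIN { n = split(core, c, " "); for (i = 1; i <= n; i++) is_core[c[i]] = 1 }
        /^Active:/ { section = "active"; next }
        /^Unused:/ { section = "unused"; next }
        # Entries look like "> Pod" or "> VulnerabilityReport (integration)".
        /^> / { if (section == "unused" && ($2 in is_core)) print $2 }
    ' | LC_ALL=C sort
}

# Exit status 0 when every core filter is active, 1 otherwise (details on stderr).
check_core_coverage() {
    missing=$(disabled_core_filters)
    [ -z "$missing" ] && return 0
    echo "core analyzers disabled:" $missing >&2
    return 1
}

# Constructed sample: the step (3) output quoted in this issue.
sample_after_activation() {
    cat <<'EOF'
Active:
> VulnerabilityReport (integration)
Unused:
> Pod
> ReplicaSet
> PersistentVolumeClaim
> Node
> Deployment
> Service
> Ingress
> StatefulSet
> CronJob
> HorizontalPodAutoScaler
> PodDisruptionBudget
> NetworkPolicy
EOF
}

# Demo: sh check.sh --demo   |   live: k8sgpt filter list | check_core_coverage
if [ "${1:-}" = "--demo" ]; then sample_after_activation | check_core_coverage; fi
```

Run after `k8sgpt integration activate`, a non-zero exit means the vulnerability reports are being produced while the listed core analyzers are skipped.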


panpan0000 commented May 17, 2023

Hi @matthisholleville @AlexsJones, let's discuss here (previously our discussion thread was in PR #413)?

I changed the issue description and title to be more accurate.

I was thinking this issue is relevant to #431 and can be fixed by #432. But it's NOT. I think they are different issues.

People can try my steps; it's very easy to reproduce.

panpan0000 changed the title from "[Bug] When there's activeFilter, only filters being analyzed at all time" to "[Bug] After integration activate, k8sgpt analyze will never run the Core Analyzers." on May 17, 2023

@matthisholleville

Unless I'm mistaken, this behavior is actually intended.

The integration takes over the classical analyzers.

There is nothing to prevent it from evolving but I don't think it's a bug.

What do you think about it @AlexsJones ?


panpan0000 commented May 17, 2023

In my mind as a user, an integration is like an additional plugin? Not aiming to replace but to replenish?
:-)

@camigira

> Unless I'm mistaken, this behavior is actually intended.
> The integration takes over the classical analyzers.

Should it be explicit and let the user know what will happen before proceeding? Is it possible to easily revert?
