From 550c4d3b5db4a19534b7481787a19e807bce98aa Mon Sep 17 00:00:00 2001
From: Matthias Bertschy <matthias.bertschy@gmail.com>
Date: Tue, 12 Nov 2024 17:05:22 +0100
Subject: [PATCH] use SQlite for metadata, add paging support to list

Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>
---
 build/Dockerfile                              |   2 +-
 go.mod                                        |   8 +
 go.sum                                        |  29 +
 main.go                                       |  13 +-
 pkg/apiserver/apiserver.go                    |  32 +-
 pkg/cleanup/cleanup.go                        |  83 +-
 pkg/cleanup/cleanup_test.go                   | 181 +---
 .../testdata/expectedFilesToDelete.json       | 796 ++++++++++++++++++
 pkg/cleanup/utils.go                          |  93 +-
 pkg/cmd/server/start.go                       |  15 +-
 .../configurationscansummarystorage_test.go   |  26 +-
 .../file/generatednetworkpolicy_test.go       |  19 +-
 pkg/registry/file/sqlite.go                   | 133 +++
 pkg/registry/file/sqlite_test.go              |  65 ++
 pkg/registry/file/storage.go                  | 208 ++---
 pkg/registry/file/storage_test.go             | 123 ++-
 .../file/vulnerabilitysummarystorage_test.go  |  27 +-
 pkg/registry/file/watch_test.go               |  18 +-
 18 files changed, 1399 insertions(+), 472 deletions(-)
 create mode 100644 pkg/cleanup/testdata/expectedFilesToDelete.json
 create mode 100644 pkg/registry/file/sqlite.go
 create mode 100644 pkg/registry/file/sqlite_test.go

diff --git a/build/Dockerfile b/build/Dockerfile
index a1aeee3a2..0c802e3ad 100644
--- a/build/Dockerfile
+++ b/build/Dockerfile
@@ -9,7 +9,7 @@ RUN --mount=target=. \
     --mount=type=cache,target=/go/pkg \
     GOOS=$TARGETOS GOARCH=$TARGETARCH go build -o /out/storage .
 
-FROM gcr.io/distroless/static-debian12:nonroot
+FROM gcr.io/distroless/static-debian12:debug-nonroot
 
 COPY --from=builder /out/storage /usr/bin/storage
 
diff --git a/go.mod b/go.mod
index 3d1e5cd93..0ab02dbf4 100644
--- a/go.mod
+++ b/go.mod
@@ -34,6 +34,7 @@ require (
 	k8s.io/klog/v2 v2.130.1
 	k8s.io/kube-openapi v0.0.0-20240228011516-70dd3763d340
 	k8s.io/utils v0.0.0-20230726121419-3b25d923346b
+	zombiezen.com/go/sqlite v1.4.0
 )
 
 require (
@@ -71,6 +72,7 @@ require (
 	github.com/docker/docker v27.1.1+incompatible // indirect
 	github.com/docker/docker-credential-helpers v0.8.2 // indirect
 	github.com/docker/go-connections v0.5.0 // indirect
+	github.com/dustin/go-humanize v1.0.1 // indirect
 	github.com/emicklei/go-restful/v3 v3.11.0 // indirect
 	github.com/evanphx/json-patch v4.12.0+incompatible // indirect
 	github.com/facebookincubator/nvdtools v0.1.5 // indirect
@@ -116,6 +118,7 @@ require (
 	github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
 	github.com/modern-go/reflect2 v1.0.2 // indirect
 	github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect
+	github.com/ncruces/go-strftime v0.1.9 // indirect
 	github.com/opencontainers/go-digest v1.0.0 // indirect
 	github.com/opencontainers/image-spec v1.1.0 // indirect
 	github.com/opencontainers/runtime-spec v1.2.0 // indirect
@@ -126,6 +129,7 @@ require (
 	github.com/prometheus/client_model v0.4.0 // indirect
 	github.com/prometheus/common v0.44.0 // indirect
 	github.com/prometheus/procfs v0.10.1 // indirect
+	github.com/remyoudompheng/bigfft v0.0.0-20230129092748-24d4a6f8daec // indirect
 	github.com/sagikazarmark/locafero v0.3.0 // indirect
 	github.com/sagikazarmark/slog-shim v0.1.0 // indirect
 	github.com/scylladb/go-set v1.0.3-0.20200225121959-cc7b2070d91e // indirect
@@ -186,6 +190,10 @@ require (
 	gopkg.in/yaml.v3 v3.0.1 // indirect
 	k8s.io/gengo/v2 v2.0.0-20240228010128-51d4e06bde70 // indirect
 	k8s.io/kms v0.26.2 // indirect
+	modernc.org/libc v1.55.3 // indirect
+	modernc.org/mathutil v1.6.0 // indirect
+	modernc.org/memory v1.8.0 // indirect
+	modernc.org/sqlite v1.33.1 // indirect
 	sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.28.0 // indirect
 	sigs.k8s.io/controller-runtime v0.15.0 // indirect
 	sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd // indirect
diff --git a/go.sum b/go.sum
index c9542b461..79a9d7fc2 100644
--- a/go.sum
+++ b/go.sum
@@ -1129,6 +1129,8 @@ github.com/modern-go/reflect2 v1.0.2/go.mod h1:yWuevngMOJpCy52FWWMvUC8ws7m/LJsjY
 github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 h1:C3w9PqII01/Oq1c1nUAm88MOHcQC9l5mIlSMApZMrHA=
 github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ=
 github.com/mwitkow/go-conntrack v0.0.0-20161129095857-cc309e4a2223/go.mod h1:qRWi+5nqEBWmkhHvq77mSJWrCKwh8bxhgT7d/eI7P4U=
+github.com/ncruces/go-strftime v0.1.9 h1:bY0MQC28UADQmHmaF5dgpLmImcShSi2kHU9XLdhx/f4=
+github.com/ncruces/go-strftime v0.1.9/go.mod h1:Fwc5htZGVVkseilnfgOVb9mKy6w1naJmn9CehxcKcls=
 github.com/ncw/directio v1.0.5 h1:JSUBhdjEvVaJvOoyPAbcW0fnd0tvRXD76wEfZ1KcQz4=
 github.com/ncw/directio v1.0.5/go.mod h1:rX/pKEYkOXBGOggmcyJeJGloCkleSvphPx2eV3t6ROk=
 github.com/neelance/astrewrite v0.0.0-20160511093645-99348263ae86/go.mod h1:kHJEU3ofeGjhHklVoIGuVj85JJwZ6kWPaJwCIxgnFmo=
@@ -1203,6 +1205,8 @@ github.com/prometheus/procfs v0.10.1/go.mod h1:nwNm2aOCAYw8uTR/9bWRREkZFxAUcWzPH
 github.com/puzpuzpuz/xsync/v2 v2.4.1 h1:aGdE1C/HaR/QC6YAFdtZXi60Df8/qBIrs8PKrzkItcM=
 github.com/puzpuzpuz/xsync/v2 v2.4.1/go.mod h1:gD2H2krq/w52MfPLE+Uy64TzJDVY7lP2znR9qmR35kU=
 github.com/remyoudompheng/bigfft v0.0.0-20200410134404-eec4a21b6bb0/go.mod h1:qqbHyh8v60DhA7CoWK5oRCqLrMHRGoxYCSS9EjAz6Eo=
+github.com/remyoudompheng/bigfft v0.0.0-20230129092748-24d4a6f8daec h1:W09IVJc94icq4NjY3clb7Lk8O1qJ8BdBEF8z0ibU0rE=
+github.com/remyoudompheng/bigfft v0.0.0-20230129092748-24d4a6f8daec/go.mod h1:qqbHyh8v60DhA7CoWK5oRCqLrMHRGoxYCSS9EjAz6Eo=
 github.com/rogpeppe/fastuuid v1.2.0/go.mod h1:jVj6XXZzXRy/MSR5jhDC/2q6DgLz+nrA6LYCDYWNEvQ=
 github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4=
 github.com/rogpeppe/go-internal v1.6.1/go.mod h1:xXDCJY+GAPziupqXw64V24skbSoqbTEfhy4qGm1nDQc=
@@ -2129,13 +2133,21 @@ lukechampine.com/uint128 v1.2.0/go.mod h1:c4eWIwlEGaxC/+H1VguhU4PHXNWDCDMUlWdIWl
 modernc.org/cc/v3 v3.36.0/go.mod h1:NFUHyPn4ekoC/JHeZFfZurN6ixxawE1BnVonP/oahEI=
 modernc.org/cc/v3 v3.36.2/go.mod h1:NFUHyPn4ekoC/JHeZFfZurN6ixxawE1BnVonP/oahEI=
 modernc.org/cc/v3 v3.36.3/go.mod h1:NFUHyPn4ekoC/JHeZFfZurN6ixxawE1BnVonP/oahEI=
+modernc.org/cc/v4 v4.21.4 h1:3Be/Rdo1fpr8GrQ7IVw9OHtplU4gWbb+wNgeoBMmGLQ=
+modernc.org/cc/v4 v4.21.4/go.mod h1:HM7VJTZbUCR3rV8EYBi9wxnJ0ZBRiGE5OeGXNA0IsLQ=
 modernc.org/ccgo/v3 v3.0.0-20220428102840-41399a37e894/go.mod h1:eI31LL8EwEBKPpNpA4bU1/i+sKOwOrQy8D87zWUcRZc=
 modernc.org/ccgo/v3 v3.0.0-20220430103911-bc99d88307be/go.mod h1:bwdAnOoaIt8Ax9YdWGjxWsdkPcZyRPHqrOvJxaKAKGw=
 modernc.org/ccgo/v3 v3.16.4/go.mod h1:tGtX0gE9Jn7hdZFeU88slbTh1UtCYKusWOoCJuvkWsQ=
 modernc.org/ccgo/v3 v3.16.6/go.mod h1:tGtX0gE9Jn7hdZFeU88slbTh1UtCYKusWOoCJuvkWsQ=
 modernc.org/ccgo/v3 v3.16.8/go.mod h1:zNjwkizS+fIFDrDjIAgBSCLkWbJuHF+ar3QRn+Z9aws=
 modernc.org/ccgo/v3 v3.16.9/go.mod h1:zNMzC9A9xeNUepy6KuZBbugn3c0Mc9TeiJO4lgvkJDo=
+modernc.org/ccgo/v4 v4.19.2 h1:lwQZgvboKD0jBwdaeVCTouxhxAyN6iawF3STraAal8Y=
+modernc.org/ccgo/v4 v4.19.2/go.mod h1:ysS3mxiMV38XGRTTcgo0DQTeTmAO4oCmJl1nX9VFI3s=
 modernc.org/ccorpus v1.11.6/go.mod h1:2gEUTrWqdpH2pXsmTM1ZkjeSrUWDpjMu2T6m29L/ErQ=
+modernc.org/fileutil v1.3.0 h1:gQ5SIzK3H9kdfai/5x41oQiKValumqNTDXMvKo62HvE=
+modernc.org/fileutil v1.3.0/go.mod h1:XatxS8fZi3pS8/hKG2GH/ArUogfxjpEKs3Ku3aK4JyQ=
+modernc.org/gc/v2 v2.4.1 h1:9cNzOqPyMJBvrUipmynX0ZohMhcxPtMccYgGOJdOiBw=
+modernc.org/gc/v2 v2.4.1/go.mod h1:wzN5dK1AzVGoH6XOzc3YZ+ey/jPgYHLuVckd62P0GYU=
 modernc.org/httpfs v1.0.6/go.mod h1:7dosgurJGp0sPaRanU53W4xZYKh14wfzX420oZADeHM=
 modernc.org/libc v0.0.0-20220428101251-2d5f3daf273b/go.mod h1:p7Mg4+koNjc8jkqwcoFBJx7tXkpj00G77X7A72jXPXA=
 modernc.org/libc v1.16.0/go.mod h1:N4LD6DBE9cf+Dzf9buBlzVJndKr/iJHG97vGLHYnb5A=
@@ -2144,19 +2156,34 @@ modernc.org/libc v1.16.17/go.mod h1:hYIV5VZczAmGZAnG15Vdngn5HSF5cSkbvfz2B7GRuVU=
 modernc.org/libc v1.16.19/go.mod h1:p7Mg4+koNjc8jkqwcoFBJx7tXkpj00G77X7A72jXPXA=
 modernc.org/libc v1.17.0/go.mod h1:XsgLldpP4aWlPlsjqKRdHPqCxCjISdHfM/yeWC5GyW0=
 modernc.org/libc v1.17.1/go.mod h1:FZ23b+8LjxZs7XtFMbSzL/EhPxNbfZbErxEHc7cbD9s=
+modernc.org/libc v1.55.3 h1:AzcW1mhlPNrRtjS5sS+eW2ISCgSOLLNyFzRh/V3Qj/U=
+modernc.org/libc v1.55.3/go.mod h1:qFXepLhz+JjFThQ4kzwzOjA/y/artDeg+pcYnY+Q83w=
 modernc.org/mathutil v1.2.2/go.mod h1:mZW8CKdRPY1v87qxC/wUdX5O1qDzXMP5TH3wjfpga6E=
 modernc.org/mathutil v1.4.1/go.mod h1:mZW8CKdRPY1v87qxC/wUdX5O1qDzXMP5TH3wjfpga6E=
 modernc.org/mathutil v1.5.0/go.mod h1:mZW8CKdRPY1v87qxC/wUdX5O1qDzXMP5TH3wjfpga6E=
+modernc.org/mathutil v1.6.0 h1:fRe9+AmYlaej+64JsEEhoWuAYBkOtQiMEU7n/XgfYi4=
+modernc.org/mathutil v1.6.0/go.mod h1:Ui5Q9q1TR2gFm0AQRqQUaBWFLAhQpCwNcuhBOSedWPo=
 modernc.org/memory v1.1.1/go.mod h1:/0wo5ibyrQiaoUoH7f9D8dnglAmILJ5/cxZlRECf+Nw=
 modernc.org/memory v1.2.0/go.mod h1:/0wo5ibyrQiaoUoH7f9D8dnglAmILJ5/cxZlRECf+Nw=
 modernc.org/memory v1.2.1/go.mod h1:PkUhL0Mugw21sHPeskwZW4D6VscE/GQJOnIpCnW6pSU=
+modernc.org/memory v1.8.0 h1:IqGTL6eFMaDZZhEWwcREgeMXYwmW83LYW8cROZYkg+E=
+modernc.org/memory v1.8.0/go.mod h1:XPZ936zp5OMKGWPqbD3JShgd/ZoQ7899TUuQqxY+peU=
 modernc.org/opt v0.1.1/go.mod h1:WdSiB5evDcignE70guQKxYUl14mgWtbClRi5wmkkTX0=
+modernc.org/opt v0.1.3 h1:3XOZf2yznlhC+ibLltsDGzABUGVx8J6pnFMS3E4dcq4=
 modernc.org/opt v0.1.3/go.mod h1:WdSiB5evDcignE70guQKxYUl14mgWtbClRi5wmkkTX0=
+modernc.org/sortutil v1.2.0 h1:jQiD3PfS2REGJNzNCMMaLSp/wdMNieTbKX920Cqdgqc=
+modernc.org/sortutil v1.2.0/go.mod h1:TKU2s7kJMf1AE84OoiGppNHJwvB753OYfNl2WRb++Ss=
 modernc.org/sqlite v1.18.1/go.mod h1:6ho+Gow7oX5V+OiOQ6Tr4xeqbx13UZ6t+Fw9IRUG4d4=
+modernc.org/sqlite v1.33.1 h1:trb6Z3YYoeM9eDL1O8do81kP+0ejv+YzgyFo+Gwy0nM=
+modernc.org/sqlite v1.33.1/go.mod h1:pXV2xHxhzXZsgT/RtTFAPY6JJDEvOTcTdwADQCCWD4k=
 modernc.org/strutil v1.1.1/go.mod h1:DE+MQQ/hjKBZS2zNInV5hhcipt5rLPWkmpbGeW5mmdw=
 modernc.org/strutil v1.1.3/go.mod h1:MEHNA7PdEnEwLvspRMtWTNnp2nnyvMfkimT1NKNAGbw=
+modernc.org/strutil v1.2.0 h1:agBi9dp1I+eOnxXeiZawM8F4LawKv4NzGWSaLfyeNZA=
+modernc.org/strutil v1.2.0/go.mod h1:/mdcBmfOibveCTBxUl5B5l6W+TTH1FXPLHZE6bTosX0=
 modernc.org/tcl v1.13.1/go.mod h1:XOLfOwzhkljL4itZkK6T72ckMgvj0BDsnKNdZVUOecw=
 modernc.org/token v1.0.0/go.mod h1:UGzOrNV1mAFSEB63lOFHIpNRUVMvYTc6yu1SMY/XTDM=
+modernc.org/token v1.1.0 h1:Xl7Ap9dKaEs5kLoOQeQmPWevfnk/DM5qcLcYlA8ys6Y=
+modernc.org/token v1.1.0/go.mod h1:UGzOrNV1mAFSEB63lOFHIpNRUVMvYTc6yu1SMY/XTDM=
 modernc.org/z v1.5.1/go.mod h1:eWFB510QWW5Th9YGZT81s+LwvaAs3Q2yr4sP0rmLkv8=
 rsc.io/binaryregexp v0.2.0/go.mod h1:qTv7/COck+e2FymRvadv62gMdZztPaShugOCi3I+8D8=
 rsc.io/pdf v0.1.1/go.mod h1:n8OzWcQ6Sp37PL01nO98y4iUCRdTGarVfzxY20ICaU4=
@@ -2174,3 +2201,5 @@ sigs.k8s.io/yaml v1.4.0 h1:Mk1wCc2gy/F0THH0TAp1QYyJNzRm2KCLy3o5ASXVI5E=
 sigs.k8s.io/yaml v1.4.0/go.mod h1:Ejl7/uTz7PSA4eKMyQCUTnhZYNmLIl+5c2lQPGR2BPY=
 sourcegraph.com/sourcegraph/go-diff v0.5.0/go.mod h1:kuch7UrkMzY0X+p9CRK03kfuPQ2zzQcaEFbx8wA8rck=
 sourcegraph.com/sqs/pbtypes v0.0.0-20180604144634-d3ebe8f20ae4/go.mod h1:ketZ/q3QxT9HOBeFhu6RdvsftgpsbFHBF5Cas6cDKZ0=
+zombiezen.com/go/sqlite v1.4.0 h1:N1s3RIljwtp4541Y8rM880qgGIgq3fTD2yks1xftnKU=
+zombiezen.com/go/sqlite v1.4.0/go.mod h1:0w9F1DN9IZj9AcLS9YDKMboubCACkwYCGkzoy3eG5ik=
diff --git a/main.go b/main.go
index b8f6fffeb..82f9071b9 100644
--- a/main.go
+++ b/main.go
@@ -21,6 +21,7 @@ import (
 	"flag"
 	"net/url"
 	"os"
+	"path/filepath"
 	"time"
 
 	utilsmetadata "github.com/armosec/utils-k8s-go/armometadata"
@@ -60,8 +61,12 @@ func main() {
 		defer logger.ShutdownOtel(ctx)
 	}
 
+	// setup storage components
+	osFs := afero.NewOsFs()
+	pool := file.NewPool(filepath.Join(file.DefaultStorageRoot, "metadata.sq3"), 0) // If less than 1, a reasonable default is used.
+
 	stopCh := genericapiserver.SetupSignalHandler()
-	options := server.NewWardleServerOptions(os.Stdout, os.Stderr)
+	options := server.NewWardleServerOptions(os.Stdout, os.Stderr, osFs, pool)
 	cmd := server.NewCommandStartWardleServer(options, stopCh)
 
 	// cleanup task
@@ -76,11 +81,7 @@ func main() {
 		intervalDuration = time.Hour * 24
 		logger.L().Info("failed to parse cleanup interval, falling back to default", helpers.Error(err), helpers.String("interval", intervalDuration.String()))
 	}
-	cleanupHandler := cleanup.NewResourcesCleanupHandler(
-		afero.NewOsFs(),
-		file.DefaultStorageRoot,
-		intervalDuration,
-		kubernetesAPI)
+	cleanupHandler := cleanup.NewResourcesCleanupHandler(osFs, file.DefaultStorageRoot, pool, intervalDuration, kubernetesAPI)
 	go cleanupHandler.StartCleanupTask(ctx)
 
 	logger.L().Info("APIServer started")
diff --git a/pkg/apiserver/apiserver.go b/pkg/apiserver/apiserver.go
index 52350b69d..05ded94e1 100644
--- a/pkg/apiserver/apiserver.go
+++ b/pkg/apiserver/apiserver.go
@@ -17,10 +17,14 @@ limitations under the License.
 package apiserver
 
 import (
+	"github.com/kubescape/storage/pkg/apis/softwarecomposition"
+	"github.com/kubescape/storage/pkg/apis/softwarecomposition/install"
 	"github.com/kubescape/storage/pkg/registry"
+	sbomregistry "github.com/kubescape/storage/pkg/registry"
 	"github.com/kubescape/storage/pkg/registry/file"
 	"github.com/kubescape/storage/pkg/registry/softwarecomposition/applicationactivity"
 	"github.com/kubescape/storage/pkg/registry/softwarecomposition/applicationprofile"
+	"github.com/kubescape/storage/pkg/registry/softwarecomposition/configurationscansummary"
 	"github.com/kubescape/storage/pkg/registry/softwarecomposition/generatednetworkpolicy"
 	knownserver "github.com/kubescape/storage/pkg/registry/softwarecomposition/knownservers"
 	"github.com/kubescape/storage/pkg/registry/softwarecomposition/networkneighborhood"
@@ -29,6 +33,12 @@ import (
 	"github.com/kubescape/storage/pkg/registry/softwarecomposition/sbomsyftfiltereds"
 	"github.com/kubescape/storage/pkg/registry/softwarecomposition/sbomsyfts"
 	"github.com/kubescape/storage/pkg/registry/softwarecomposition/seccompprofiles"
+	vmstorage "github.com/kubescape/storage/pkg/registry/softwarecomposition/vulnerabilitymanifest"
+	vmsumstorage "github.com/kubescape/storage/pkg/registry/softwarecomposition/vulnerabilitymanifestsummary"
+	vsumstorage "github.com/kubescape/storage/pkg/registry/softwarecomposition/vulnerabilitysummary"
+	wcsstorage "github.com/kubescape/storage/pkg/registry/softwarecomposition/workloadconfigurationscans"
+	wcssumstorage "github.com/kubescape/storage/pkg/registry/softwarecomposition/workloadconfigurationscansummary"
+	"github.com/spf13/afero"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/runtime"
 	"k8s.io/apimachinery/pkg/runtime/schema"
@@ -39,17 +49,7 @@ import (
 	genericapiserver "k8s.io/apiserver/pkg/server"
 	"k8s.io/apiserver/pkg/server/options"
 	"k8s.io/apiserver/pkg/storage"
-
-	"github.com/kubescape/storage/pkg/apis/softwarecomposition"
-	"github.com/kubescape/storage/pkg/apis/softwarecomposition/install"
-	sbomregistry "github.com/kubescape/storage/pkg/registry"
-	"github.com/kubescape/storage/pkg/registry/softwarecomposition/configurationscansummary"
-	vmstorage "github.com/kubescape/storage/pkg/registry/softwarecomposition/vulnerabilitymanifest"
-	vmsumstorage "github.com/kubescape/storage/pkg/registry/softwarecomposition/vulnerabilitymanifestsummary"
-	vsumstorage "github.com/kubescape/storage/pkg/registry/softwarecomposition/vulnerabilitysummary"
-	wcsstorage "github.com/kubescape/storage/pkg/registry/softwarecomposition/workloadconfigurationscans"
-	wcssumstorage "github.com/kubescape/storage/pkg/registry/softwarecomposition/workloadconfigurationscansummary"
-	"github.com/spf13/afero"
+	"zombiezen.com/go/sqlite/sqlitemigration"
 )
 
 const maxRequestBodyBytes = 1024 * 1024 * 1024
@@ -82,7 +82,8 @@ func init() {
 
 // ExtraConfig holds custom apiserver config
 type ExtraConfig struct {
-	// Place you custom config here.
+	OsFs afero.Fs
+	Pool *sqlitemigration.Pool
 }
 
 // Config defines the config for the apiserver
@@ -141,11 +142,10 @@ func (c completedConfig) New() (*WardleServer, error) {
 	apiGroupInfo := genericapiserver.NewDefaultAPIGroupInfo(softwarecomposition.GroupName, Scheme, metav1.ParameterCodec, Codecs)
 
 	var (
-		osFs        = afero.NewOsFs()
-		storageImpl = file.NewStorageImpl(osFs, file.DefaultStorageRoot)
+		storageImpl = file.NewStorageImpl(c.ExtraConfig.OsFs, file.DefaultStorageRoot, c.ExtraConfig.Pool)
 
-		applicationProfileStorageImpl  = file.NewStorageImplWithCollector(osFs, file.DefaultStorageRoot, file.NewApplicationProfileProcessor())
-		networkNeighborhoodStorageImpl = file.NewStorageImplWithCollector(osFs, file.DefaultStorageRoot, file.NewNetworkNeighborhoodProcessor())
+		applicationProfileStorageImpl  = file.NewStorageImplWithCollector(c.ExtraConfig.OsFs, file.DefaultStorageRoot, c.ExtraConfig.Pool, file.NewApplicationProfileProcessor())
+		networkNeighborhoodStorageImpl = file.NewStorageImplWithCollector(c.ExtraConfig.OsFs, file.DefaultStorageRoot, c.ExtraConfig.Pool, file.NewNetworkNeighborhoodProcessor())
 		configScanStorageImpl          = file.NewConfigurationScanSummaryStorage(storageImpl)
 		vulnerabilitySummaryStorage    = file.NewVulnerabilitySummaryStorage(storageImpl)
 		generatedNetworkPolicyStorage  = file.NewGeneratedNetworkPolicyStorage(storageImpl)
diff --git a/pkg/cleanup/cleanup.go b/pkg/cleanup/cleanup.go
index bd255baeb..4ba6ef79c 100644
--- a/pkg/cleanup/cleanup.go
+++ b/pkg/cleanup/cleanup.go
@@ -1,7 +1,6 @@
 package cleanup
 
 import (
-	"bytes"
 	"context"
 	"fmt"
 	"os"
@@ -15,9 +14,9 @@ import (
 	helpersv1 "github.com/kubescape/k8s-interface/instanceidhandler/v1/helpers"
 	"github.com/kubescape/storage/pkg/apis/softwarecomposition"
 	"github.com/kubescape/storage/pkg/registry/file"
-	"github.com/olvrng/ujson"
 	"github.com/spf13/afero"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	"zombiezen.com/go/sqlite/sqlitemigration"
 )
 
 const (
@@ -53,6 +52,7 @@ type TypeDeleteFunc func(appFs afero.Fs, path string)
 
 type ResourcesCleanupHandler struct {
 	appFs      afero.Fs
+	pool       *sqlitemigration.Pool
 	root       string        // root directory to start the cleanup task
 	interval   time.Duration // runs the cleanup task every Interval
 	resources  ResourceMaps
@@ -60,11 +60,12 @@ type ResourcesCleanupHandler struct {
 	deleteFunc TypeDeleteFunc
 }
 
-func NewResourcesCleanupHandler(appFs afero.Fs, root string, interval time.Duration, fetcher ResourcesFetcher) *ResourcesCleanupHandler {
+func NewResourcesCleanupHandler(appFs afero.Fs, root string, pool *sqlitemigration.Pool, interval time.Duration, fetcher ResourcesFetcher) *ResourcesCleanupHandler {
 	return &ResourcesCleanupHandler{
 		appFs:      appFs,
-		interval:   interval,
+		pool:       pool,
 		root:       root,
+		interval:   interval,
 		fetcher:    fetcher,
 		deleteFunc: deleteFile,
 	}
@@ -89,7 +90,7 @@ func (h *ResourcesCleanupHandler) StartCleanupTask(ctx context.Context) {
 			}
 			err := afero.Walk(h.appFs, v1beta1ApiVersionPath, func(path string, info os.FileInfo, err error) error {
 				if err != nil {
-					return err
+					return nil
 				}
 
 				// skip directories
@@ -133,30 +134,25 @@ func (h *ResourcesCleanupHandler) StartCleanupTask(ctx context.Context) {
 						logger.L().Error("migration to gob error", helpers.Error(err))
 						return nil
 					}
+					path = path[:len(path)-len(file.JsonExt)] + file.GobExt
 				}
 
-				// skip files that are not metadata files
-				if !file.IsMetadataFile(path) {
+				// skip files that are not payload files
+				if !file.IsPayloadFile(path) {
 					return nil
 				}
 
-				metadata, err := loadMetadataFromPath(h.appFs, path)
+				// read metadata
+				metadata, err := h.readMetadata(path)
 				if err != nil {
 					logger.L().Error("load metadata error", helpers.Error(err))
 					return nil
 				}
-				if metadata == nil {
-					// no metadata found
-					return nil
-				}
 
 				toDelete := handler(resourceKind, path, metadata, h.resources)
 				if toDelete {
 					logger.L().Debug("deleting", helpers.String("kind", resourceKind), helpers.String("namespace", metadata.Namespace), helpers.String("name", metadata.Name))
 					h.deleteFunc(h.appFs, path)
-
-					payloadFilePath := path[:len(path)-len(file.MetadataExt)] + file.GobExt
-					h.deleteFunc(h.appFs, payloadFilePath)
 				}
 				return nil
 			})
@@ -180,63 +176,6 @@ func deleteFile(appFs afero.Fs, path string) {
 	}
 }
 
-func loadMetadataFromPath(appFs afero.Fs, rootPath string) (*metav1.ObjectMeta, error) {
-	input, err := afero.ReadFile(appFs, rootPath)
-	if err != nil {
-		return nil, fmt.Errorf("failed to read file %s: %w", rootPath, err)
-	}
-
-	data := metav1.ObjectMeta{
-		Annotations: map[string]string{},
-		Labels:      map[string]string{},
-	}
-
-	if len(input) == 0 {
-		// empty file
-		return nil, nil
-	}
-
-	// ujson parsing
-	var parent string
-	err = ujson.Walk(input, func(level int, key, value []byte) bool {
-		switch level {
-		case 1:
-			// read name
-			if bytes.EqualFold(key, []byte(`"name"`)) {
-				data.Name = unquote(value)
-			}
-			// read namespace
-			if bytes.EqualFold(key, []byte(`"namespace"`)) {
-				data.Namespace = unquote(value)
-			}
-			// record parent for level 3
-			parent = unquote(key)
-		case 2:
-			// read annotations
-			if parent == "annotations" {
-				data.Annotations[unquote(key)] = unquote(value)
-			}
-			// read labels
-			if parent == "labels" {
-				data.Labels[unquote(key)] = unquote(value)
-			}
-		}
-		return true
-	})
-	if err != nil {
-		return nil, fmt.Errorf("failed to parse file %s: %w", rootPath, err)
-	}
-	return &data, nil
-}
-
-func unquote(value []byte) string {
-	buf, err := ujson.Unquote(value)
-	if err != nil {
-		return string(value)
-	}
-	return string(buf)
-}
-
 // delete deprecated resources
 func deleteDeprecated(_, _ string, _ *metav1.ObjectMeta, _ ResourceMaps) bool {
 	return true
diff --git a/pkg/cleanup/cleanup_test.go b/pkg/cleanup/cleanup_test.go
index 36d0bcc5b..5430cb17c 100644
--- a/pkg/cleanup/cleanup_test.go
+++ b/pkg/cleanup/cleanup_test.go
@@ -19,8 +19,12 @@ import (
 	"github.com/kubescape/storage/pkg/registry/file"
 	"github.com/spf13/afero"
 	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/require"
 )
 
+//go:embed testdata/expectedFilesToDelete.json
+var expectedFilesToDeleteBytes []byte
+
 //go:embed testdata/imageids.json
 var imageIds []byte
 
@@ -47,186 +51,15 @@ func TestCleanupTask(t *testing.T) {
 
 	handler := &ResourcesCleanupHandler{
 		appFs:      memFs,
+		pool:       file.NewTestPool(t.TempDir()),
 		root:       file.DefaultStorageRoot,
 		fetcher:    &ResourcesFetchMock{},
 		deleteFunc: deleteFunc,
 	}
 	handler.StartCleanupTask(context.TODO())
 
-	expectedFilesToDelete := []string{
-		"/data/spdx.softwarecomposition.kubescape.io/applicationactivities/gadget/gadget-daemonset-gadget-0d7c-fd3c.g",
-		"/data/spdx.softwarecomposition.kubescape.io/applicationactivities/gadget/gadget-daemonset-gadget-0d7c-fd3c.m",
-		"/data/spdx.softwarecomposition.kubescape.io/applicationprofiles/gadget/gadget-daemonset-gadget-0d7c-fd3c.g",
-		"/data/spdx.softwarecomposition.kubescape.io/applicationprofiles/gadget/gadget-daemonset-gadget-0d7c-fd3c.m",
-		"/data/spdx.softwarecomposition.kubescape.io/applicationprofilesummaries/default/default-replicaset-nginx-748c667d99-cf81-0278.g",
-		"/data/spdx.softwarecomposition.kubescape.io/applicationprofilesummaries/default/default-replicaset-nginx-748c667d99-cf81-0278.m",
-		"/data/spdx.softwarecomposition.kubescape.io/applicationprofilesummaries/gadget/gadget-daemonset-gadget-0d7c-fd3c.g",
-		"/data/spdx.softwarecomposition.kubescape.io/applicationprofilesummaries/gadget/gadget-daemonset-gadget-0d7c-fd3c.m",
-		"/data/spdx.softwarecomposition.kubescape.io/applicationprofilesummaries/kubescape/kubescape-replicaset-gateway-798c4c5f44-b8b1-1308.g",
-		"/data/spdx.softwarecomposition.kubescape.io/applicationprofilesummaries/kubescape/kubescape-replicaset-gateway-798c4c5f44-b8b1-1308.m",
-		"/data/spdx.softwarecomposition.kubescape.io/applicationprofilesummaries/kubescape/kubescape-replicaset-kubescape-6cff94799d-8110-156a.g",
-		"/data/spdx.softwarecomposition.kubescape.io/applicationprofilesummaries/kubescape/kubescape-replicaset-kubescape-6cff94799d-8110-156a.m",
-		"/data/spdx.softwarecomposition.kubescape.io/applicationprofilesummaries/kubescape/kubescape-replicaset-operator-575cf58d76-4ad4-39ec.g",
-		"/data/spdx.softwarecomposition.kubescape.io/applicationprofilesummaries/kubescape/kubescape-replicaset-operator-575cf58d76-4ad4-39ec.m",
-		"/data/spdx.softwarecomposition.kubescape.io/applicationprofilesummaries/kubescape/kubescape-replicaset-otel-collector-54648b7dbb-a539-eb0b.g",
-		"/data/spdx.softwarecomposition.kubescape.io/applicationprofilesummaries/kubescape/kubescape-replicaset-otel-collector-54648b7dbb-a539-eb0b.m",
-		"/data/spdx.softwarecomposition.kubescape.io/applicationprofilesummaries/kubescape/kubescape-replicaset-storage-8f57967d7-d272-b1f5.g",
-		"/data/spdx.softwarecomposition.kubescape.io/applicationprofilesummaries/kubescape/kubescape-replicaset-storage-8f57967d7-d272-b1f5.m",
-		"/data/spdx.softwarecomposition.kubescape.io/applicationprofilesummaries/kubescape/kubescape-replicaset-synchronizer-79b57d5d67-6912-e9a6.g",
-		"/data/spdx.softwarecomposition.kubescape.io/applicationprofilesummaries/kubescape/kubescape-replicaset-synchronizer-79b57d5d67-6912-e9a6.m",
-		"/data/spdx.softwarecomposition.kubescape.io/applicationprofilesummaries/kubescape/kubescape-statefulset-kollector-c1be-77d8.g",
-		"/data/spdx.softwarecomposition.kubescape.io/applicationprofilesummaries/kubescape/kubescape-statefulset-kollector-c1be-77d8.m",
-		"/data/spdx.softwarecomposition.kubescape.io/applicationprofilesummaries/local-path-storage/local-path-storage-replicaset-local-path-provisioner-75f5b54ffd-763c-36ba.g",
-		"/data/spdx.softwarecomposition.kubescape.io/applicationprofilesummaries/local-path-storage/local-path-storage-replicaset-local-path-provisioner-75f5b54ffd-763c-36ba.m",
-		"/data/spdx.softwarecomposition.kubescape.io/networkneighborses/default/deployment-nginx.g",
-		"/data/spdx.softwarecomposition.kubescape.io/networkneighborses/default/deployment-nginx.m",
-		"/data/spdx.softwarecomposition.kubescape.io/networkneighborses/default/deployment-redis.g",
-		"/data/spdx.softwarecomposition.kubescape.io/networkneighborses/default/deployment-redis.m",
-		"/data/spdx.softwarecomposition.kubescape.io/networkneighborses/gadget/daemonset-gadget.g",
-		"/data/spdx.softwarecomposition.kubescape.io/networkneighborses/gadget/daemonset-gadget.m",
-		"/data/spdx.softwarecomposition.kubescape.io/networkneighborses/kubescape/deployment-gateway.g",
-		"/data/spdx.softwarecomposition.kubescape.io/networkneighborses/kubescape/deployment-gateway.m",
-		"/data/spdx.softwarecomposition.kubescape.io/networkneighborses/kubescape/deployment-kubescape.g",
-		"/data/spdx.softwarecomposition.kubescape.io/networkneighborses/kubescape/deployment-kubescape.m",
-		"/data/spdx.softwarecomposition.kubescape.io/networkneighborses/kubescape/deployment-kubevuln.g",
-		"/data/spdx.softwarecomposition.kubescape.io/networkneighborses/kubescape/deployment-kubevuln.m",
-		"/data/spdx.softwarecomposition.kubescape.io/networkneighborses/kubescape/deployment-operator.g",
-		"/data/spdx.softwarecomposition.kubescape.io/networkneighborses/kubescape/deployment-operator.m",
-		"/data/spdx.softwarecomposition.kubescape.io/networkneighborses/kubescape/deployment-otel-collector.g",
-		"/data/spdx.softwarecomposition.kubescape.io/networkneighborses/kubescape/deployment-otel-collector.m",
-		"/data/spdx.softwarecomposition.kubescape.io/networkneighborses/kubescape/deployment-synchronizer.g",
-		"/data/spdx.softwarecomposition.kubescape.io/networkneighborses/kubescape/deployment-synchronizer.m",
-		"/data/spdx.softwarecomposition.kubescape.io/networkneighborses/kubescape/statefulset-kollector.g",
-		"/data/spdx.softwarecomposition.kubescape.io/networkneighborses/kubescape/statefulset-kollector.m",
-		"/data/spdx.softwarecomposition.kubescape.io/openvulnerabilityexchangecontainers/kubescape/quay.io-matthiasb-1-storage-debug-76f234.g",
-		"/data/spdx.softwarecomposition.kubescape.io/openvulnerabilityexchangecontainers/kubescape/quay.io-matthiasb-1-storage-debug-76f234.m",
-		"/data/spdx.softwarecomposition.kubescape.io/openvulnerabilityexchangecontainers/kubescape/quay.io-matthiasb-1-synchronizer-latest-63825b.g",
-		"/data/spdx.softwarecomposition.kubescape.io/openvulnerabilityexchangecontainers/kubescape/quay.io-matthiasb-1-synchronizer-latest-63825b.m",
-		"/data/spdx.softwarecomposition.kubescape.io/sbomspdxv2p3filtereds/kubescape/kubescape-replicaset-operator-5b99d66db7-3195-f368.g",
-		"/data/spdx.softwarecomposition.kubescape.io/sbomspdxv2p3filtereds/kubescape/kubescape-replicaset-operator-5b99d66db7-3195-f368.m",
-		"/data/spdx.softwarecomposition.kubescape.io/sbomspdxv2p3s/kubescape/docker.io-qorbani-golang-hello-world-sha256-a14f3fbf3d5d1c4a000ab2c0c6d5e4633bdb96286a0130fa5b2c5967b934c31f-34c31f.g",
-		"/data/spdx.softwarecomposition.kubescape.io/sbomspdxv2p3s/kubescape/docker.io-qorbani-golang-hello-world-sha256-a14f3fbf3d5d1c4a000ab2c0c6d5e4633bdb96286a0130fa5b2c5967b934c31f-34c31f.m",
-		"/data/spdx.softwarecomposition.kubescape.io/sbomspdxv2p3s/kubescape/gke.gcr.io-addon-resizer-1.8.18-gke.0-sha256-73f83a267713c9ec9bdb5564be404567b8d446813d39c74a5eff2fdbcc91ebf2-91ebf2.g",
-		"/data/spdx.softwarecomposition.kubescape.io/sbomspdxv2p3s/kubescape/gke.gcr.io-addon-resizer-1.8.18-gke.0-sha256-73f83a267713c9ec9bdb5564be404567b8d446813d39c74a5eff2fdbcc91ebf2-91ebf2.m",
-		"/data/spdx.softwarecomposition.kubescape.io/sbomspdxv2p3s/kubescape/gke.gcr.io-cluster-proportional-autoscaler-1.8.4-gke.1-a146bc.g",
-		"/data/spdx.softwarecomposition.kubescape.io/sbomspdxv2p3s/kubescape/gke.gcr.io-cluster-proportional-autoscaler-1.8.4-gke.1-a146bc.m",
-		"/data/spdx.softwarecomposition.kubescape.io/sbomspdxv2p3s/kubescape/gke.gcr.io-cluster-proportional-autoscaler-1.8.4-gke.1-sha256-0f232ba18b63363e33f205d0242ef98324fb388434f8598c2fc8e967dca146bc-a146bc.g",
-		"/data/spdx.softwarecomposition.kubescape.io/sbomspdxv2p3s/kubescape/gke.gcr.io-cluster-proportional-autoscaler-1.8.4-gke.1-sha256-0f232ba18b63363e33f205d0242ef98324fb388434f8598c2fc8e967dca146bc-a146bc.m",
-		"/data/spdx.softwarecomposition.kubescape.io/sbomspdxv2p3s/kubescape/gke.gcr.io-csi-node-driver-registrar-v2.8.0-gke.4-sha256-715a1581ce158fbf95f7ca351e25c7d6a0a1599e46e270e72238cc8a0aef1c43-ef1c43.g",
-		"/data/spdx.softwarecomposition.kubescape.io/sbomspdxv2p3s/kubescape/gke.gcr.io-csi-node-driver-registrar-v2.8.0-gke.4-sha256-715a1581ce158fbf95f7ca351e25c7d6a0a1599e46e270e72238cc8a0aef1c43-ef1c43.m",
-		"/data/spdx.softwarecomposition.kubescape.io/sbomspdxv2p3s/kubescape/gke.gcr.io-event-exporter-sha256-457dda454e42c2a7ccad69fe0af9cc3f005d734b24ad14f17ba88f74ba8b972e-8b972e.g",
-		"/data/spdx.softwarecomposition.kubescape.io/sbomspdxv2p3s/kubescape/gke.gcr.io-event-exporter-sha256-457dda454e42c2a7ccad69fe0af9cc3f005d734b24ad14f17ba88f74ba8b972e-8b972e.m",
-		"/data/spdx.softwarecomposition.kubescape.io/sbomspdxv2p3s/kubescape/gke.gcr.io-fluent-bit-gke-exporter-sha256-93014f5d546376de76c21f48bf30a6d1df3db4a413a1c3009c59fe46fa83eee8-83eee8.g",
-		"/data/spdx.softwarecomposition.kubescape.io/sbomspdxv2p3s/kubescape/gke.gcr.io-fluent-bit-gke-exporter-sha256-93014f5d546376de76c21f48bf30a6d1df3db4a413a1c3009c59fe46fa83eee8-83eee8.m",
-		"/data/spdx.softwarecomposition.kubescape.io/sbomspdxv2p3s/kubescape/gke.gcr.io-fluent-bit-sha256-c03635e4c828b9c6847df9780d6684b45ff0a70b1ae8c7e7271283cce472085e-72085e.g",
-		"/data/spdx.softwarecomposition.kubescape.io/sbomspdxv2p3s/kubescape/gke.gcr.io-fluent-bit-sha256-c03635e4c828b9c6847df9780d6684b45ff0a70b1ae8c7e7271283cce472085e-72085e.m",
-		"/data/spdx.softwarecomposition.kubescape.io/sbomspdxv2p3s/kubescape/gke.gcr.io-gcp-compute-persistent-disk-csi-driver-v1.10.7-gke.0-sha256-a3e4af6b6f6999427dc7b02e813aa1ca5f26e73357c92a77b8fe774ddf431a26-431a26.g",
-		"/data/spdx.softwarecomposition.kubescape.io/sbomspdxv2p3s/kubescape/gke.gcr.io-gcp-compute-persistent-disk-csi-driver-v1.10.7-gke.0-sha256-a3e4af6b6f6999427dc7b02e813aa1ca5f26e73357c92a77b8fe774ddf431a26-431a26.m",
-		"/data/spdx.softwarecomposition.kubescape.io/sbomspdxv2p3s/kubescape/gke.gcr.io-gke-metrics-agent-1.10.0-gke.0-sha256-0e56abb7da3b2419f6ef300a402c29f9e2810ba135db04621518581ffa48aae9-48aae9.g",
-		"/data/spdx.softwarecomposition.kubescape.io/sbomspdxv2p3s/kubescape/gke.gcr.io-gke-metrics-agent-1.10.0-gke.0-sha256-0e56abb7da3b2419f6ef300a402c29f9e2810ba135db04621518581ffa48aae9-48aae9.m",
-		"/data/spdx.softwarecomposition.kubescape.io/sbomspdxv2p3s/kubescape/gke.gcr.io-ingress-gce-404-server-with-metrics-v1.23.1-sha256-cf75158c683853c01e3af86209582cc2eaf102f5c0bc767ed0226e0fbdacde57-acde57.g",
-		"/data/spdx.softwarecomposition.kubescape.io/sbomspdxv2p3s/kubescape/gke.gcr.io-ingress-gce-404-server-with-metrics-v1.23.1-sha256-cf75158c683853c01e3af86209582cc2eaf102f5c0bc767ed0226e0fbdacde57-acde57.m",
-		"/data/spdx.softwarecomposition.kubescape.io/sbomspdxv2p3s/kubescape/gke.gcr.io-k8s-dns-dnsmasq-nanny-1.22.22-gke.0-sha256-d7c0300eee5fb4998d3b60d92e5c07c9c4be2f489e04bdfa1950f2e23eb59bcc-b59bcc.g",
-		"/data/spdx.softwarecomposition.kubescape.io/sbomspdxv2p3s/kubescape/gke.gcr.io-k8s-dns-dnsmasq-nanny-1.22.22-gke.0-sha256-d7c0300eee5fb4998d3b60d92e5c07c9c4be2f489e04bdfa1950f2e23eb59bcc-b59bcc.m",
-		"/data/spdx.softwarecomposition.kubescape.io/sbomspdxv2p3s/kubescape/gke.gcr.io-k8s-dns-kube-dns-1.22.22-gke.0-sha256-76dcedf9b475902042f9ee22609e475fca96e29880315e9530a694bdd924897e-24897e.g",
-		"/data/spdx.softwarecomposition.kubescape.io/sbomspdxv2p3s/kubescape/gke.gcr.io-k8s-dns-kube-dns-1.22.22-gke.0-sha256-76dcedf9b475902042f9ee22609e475fca96e29880315e9530a694bdd924897e-24897e.m",
-		"/data/spdx.softwarecomposition.kubescape.io/sbomspdxv2p3s/kubescape/gke.gcr.io-k8s-dns-sidecar-1.22.22-gke.0-sha256-fd7dc24c8331bbd9d0178f65cfcfe7ef42c003b7ee25b8df595d80d0f237486a-37486a.g",
-		"/data/spdx.softwarecomposition.kubescape.io/sbomspdxv2p3s/kubescape/gke.gcr.io-k8s-dns-sidecar-1.22.22-gke.0-sha256-fd7dc24c8331bbd9d0178f65cfcfe7ef42c003b7ee25b8df595d80d0f237486a-37486a.m",
-		"/data/spdx.softwarecomposition.kubescape.io/sbomspdxv2p3s/kubescape/gke.gcr.io-metrics-server-v0.5.2-gke.3-sha256-1d20492ca374191e5b6ff4b7712b62b41ab75ce226424974356dc266e6e99e83-e99e83.g",
-		"/data/spdx.softwarecomposition.kubescape.io/sbomspdxv2p3s/kubescape/gke.gcr.io-metrics-server-v0.5.2-gke.3-sha256-1d20492ca374191e5b6ff4b7712b62b41ab75ce226424974356dc266e6e99e83-e99e83.m",
-		"/data/spdx.softwarecomposition.kubescape.io/sbomspdxv2p3s/kubescape/gke.gcr.io-prometheus-engine-alertmanager-v0.25.1-gmp.0-gke.1-sha256-927b106154a88f2c26fe68bd00fe96605564e4c654c71fa14b69b3d359fb8625-fb8625.g",
-		"/data/spdx.softwarecomposition.kubescape.io/sbomspdxv2p3s/kubescape/gke.gcr.io-prometheus-engine-alertmanager-v0.25.1-gmp.0-gke.1-sha256-927b106154a88f2c26fe68bd00fe96605564e4c654c71fa14b69b3d359fb8625-fb8625.m",
-		"/data/spdx.softwarecomposition.kubescape.io/sbomspdxv2p3s/kubescape/gke.gcr.io-prometheus-engine-config-reloader-v0.7.4-gke.0-sha256-7c290f7ac85228c341d79a05f1cbd75c309d6d0573c4ec32e113dc749e8076d9-8076d9.g",
-		"/data/spdx.softwarecomposition.kubescape.io/sbomspdxv2p3s/kubescape/gke.gcr.io-prometheus-engine-config-reloader-v0.7.4-gke.0-sha256-7c290f7ac85228c341d79a05f1cbd75c309d6d0573c4ec32e113dc749e8076d9-8076d9.m",
-		"/data/spdx.softwarecomposition.kubescape.io/sbomspdxv2p3s/kubescape/gke.gcr.io-prometheus-engine-operator-v0.7.4-gke.0-sha256-980b06655aca5de061fd422a6799ba9063861255851613ba612d668a86b92181-b92181.g",
-		"/data/spdx.softwarecomposition.kubescape.io/sbomspdxv2p3s/kubescape/gke.gcr.io-prometheus-engine-operator-v0.7.4-gke.0-sha256-980b06655aca5de061fd422a6799ba9063861255851613ba612d668a86b92181-b92181.m",
-		"/data/spdx.softwarecomposition.kubescape.io/sbomspdxv2p3s/kubescape/gke.gcr.io-prometheus-engine-prometheus-v2.41.0-gmp.4-gke.1-sha256-7d833aa877ee7e5fdc2df17005be8615af721ac3d01d7e257a3ae98d06516797-516797.g",
-		"/data/spdx.softwarecomposition.kubescape.io/sbomspdxv2p3s/kubescape/gke.gcr.io-prometheus-engine-prometheus-v2.41.0-gmp.4-gke.1-sha256-7d833aa877ee7e5fdc2df17005be8615af721ac3d01d7e257a3ae98d06516797-516797.m",
-		"/data/spdx.softwarecomposition.kubescape.io/sbomspdxv2p3s/kubescape/gke.gcr.io-prometheus-engine-rule-evaluator-v0.7.4-gke.0-sha256-6c7f0bb9d92ccdfa9a9f694c8f02ea200797c3c69d104a508e3faa62b70ad574-0ad574.g",
-		"/data/spdx.softwarecomposition.kubescape.io/sbomspdxv2p3s/kubescape/gke.gcr.io-prometheus-engine-rule-evaluator-v0.7.4-gke.0-sha256-6c7f0bb9d92ccdfa9a9f694c8f02ea200797c3c69d104a508e3faa62b70ad574-0ad574.m",
-		"/data/spdx.softwarecomposition.kubescape.io/sbomspdxv2p3s/kubescape/gke.gcr.io-prometheus-to-sd-sha256-8cd7e6b460418e25f80a4a0e8aa865bd5b716ea8750bfea4f6fc163c9b1c5dbb-1c5dbb.g",
-		"/data/spdx.softwarecomposition.kubescape.io/sbomspdxv2p3s/kubescape/gke.gcr.io-prometheus-to-sd-sha256-8cd7e6b460418e25f80a4a0e8aa865bd5b716ea8750bfea4f6fc163c9b1c5dbb-1c5dbb.m",
-		"/data/spdx.softwarecomposition.kubescape.io/sbomspdxv2p3s/kubescape/gke.gcr.io-prometheus-to-sd-v0.11.5-gke.0-sha256-654791db0d4d17c5847221fd3ace5c23ea1bb20c5976db9fda0853fd6000ab65-00ab65.g",
-		"/data/spdx.softwarecomposition.kubescape.io/sbomspdxv2p3s/kubescape/gke.gcr.io-prometheus-to-sd-v0.11.5-gke.0-sha256-654791db0d4d17c5847221fd3ace5c23ea1bb20c5976db9fda0853fd6000ab65-00ab65.m",
-		"/data/spdx.softwarecomposition.kubescape.io/sbomspdxv2p3s/kubescape/gke.gcr.io-proxy-agent-v0.1.3-gke.0-sha256-58325bb529432e3ea2ddfae7c35f9b86b2511d92ba5f8b1afa015ff904824f76-824f76.g",
-		"/data/spdx.softwarecomposition.kubescape.io/sbomspdxv2p3s/kubescape/gke.gcr.io-proxy-agent-v0.1.3-gke.0-sha256-58325bb529432e3ea2ddfae7c35f9b86b2511d92ba5f8b1afa015ff904824f76-824f76.m",
-		"/data/spdx.softwarecomposition.kubescape.io/sbomspdxv2p3s/kubescape/quay.io-amirm-armo-storage-v0.0.1-98086e.g",
-		"/data/spdx.softwarecomposition.kubescape.io/sbomspdxv2p3s/kubescape/quay.io-amirm-armo-storage-v0.0.1-98086e.m",
-		"/data/spdx.softwarecomposition.kubescape.io/sbomspdxv2p3s/kubescape/quay.io-kubescape-kubescape-v3.0.2-prerelease-66a0ac.g",
-		"/data/spdx.softwarecomposition.kubescape.io/sbomspdxv2p3s/kubescape/quay.io-kubescape-kubescape-v3.0.2-prerelease-66a0ac.m",
-		"/data/spdx.softwarecomposition.kubescape.io/sbomspdxv2p3s/kubescape/quay.io-kubescape-kubevuln-v0.2.133-bc6d6c.g",
-		"/data/spdx.softwarecomposition.kubescape.io/sbomspdxv2p3s/kubescape/quay.io-kubescape-kubevuln-v0.2.133-bc6d6c.m",
-		"/data/spdx.softwarecomposition.kubescape.io/sbomspdxv2p3s/kubescape/quay.io-kubescape-node-agent-v0.1.121-8d291a.g",
-		"/data/spdx.softwarecomposition.kubescape.io/sbomspdxv2p3s/kubescape/quay.io-kubescape-node-agent-v0.1.121-8d291a.m",
-		"/data/spdx.softwarecomposition.kubescape.io/sbomspdxv2p3s/kubescape/quay.io-kubescape-operator-v0.1.67-dc38da.g",
-		"/data/spdx.softwarecomposition.kubescape.io/sbomspdxv2p3s/kubescape/quay.io-kubescape-operator-v0.1.67-dc38da.m",
-		"/data/spdx.softwarecomposition.kubescape.io/sbomsummaries/kubescape/docker.io-qorbani-golang-hello-world-sha256-a14f3fbf3d5d1c4a000ab2c0c6d5e4633bdb96286a0130fa5b2c5967b934c31f-34c31f.g",
-		"/data/spdx.softwarecomposition.kubescape.io/sbomsummaries/kubescape/docker.io-qorbani-golang-hello-world-sha256-a14f3fbf3d5d1c4a000ab2c0c6d5e4633bdb96286a0130fa5b2c5967b934c31f-34c31f.m",
-		"/data/spdx.softwarecomposition.kubescape.io/sbomsummaries/kubescape/gke.gcr.io-addon-resizer-1.8.18-gke.0-sha256-73f83a267713c9ec9bdb5564be404567b8d446813d39c74a5eff2fdbcc91ebf2-91ebf2.g",
-		"/data/spdx.softwarecomposition.kubescape.io/sbomsummaries/kubescape/gke.gcr.io-addon-resizer-1.8.18-gke.0-sha256-73f83a267713c9ec9bdb5564be404567b8d446813d39c74a5eff2fdbcc91ebf2-91ebf2.m",
-		"/data/spdx.softwarecomposition.kubescape.io/sbomsummaries/kubescape/gke.gcr.io-cluster-proportional-autoscaler-1.8.4-gke.1-a146bc.g",
-		"/data/spdx.softwarecomposition.kubescape.io/sbomsummaries/kubescape/gke.gcr.io-cluster-proportional-autoscaler-1.8.4-gke.1-a146bc.m",
-		"/data/spdx.softwarecomposition.kubescape.io/sbomsummaries/kubescape/gke.gcr.io-cluster-proportional-autoscaler-1.8.4-gke.1-sha256-0f232ba18b63363e33f205d0242ef98324fb388434f8598c2fc8e967dca146bc-a146bc.g",
-		"/data/spdx.softwarecomposition.kubescape.io/sbomsummaries/kubescape/gke.gcr.io-cluster-proportional-autoscaler-1.8.4-gke.1-sha256-0f232ba18b63363e33f205d0242ef98324fb388434f8598c2fc8e967dca146bc-a146bc.m",
-		"/data/spdx.softwarecomposition.kubescape.io/sbomsummaries/kubescape/gke.gcr.io-csi-node-driver-registrar-v2.8.0-gke.4-sha256-715a1581ce158fbf95f7ca351e25c7d6a0a1599e46e270e72238cc8a0aef1c43-ef1c43.g",
-		"/data/spdx.softwarecomposition.kubescape.io/sbomsummaries/kubescape/gke.gcr.io-csi-node-driver-registrar-v2.8.0-gke.4-sha256-715a1581ce158fbf95f7ca351e25c7d6a0a1599e46e270e72238cc8a0aef1c43-ef1c43.m",
-		"/data/spdx.softwarecomposition.kubescape.io/sbomsummaries/kubescape/gke.gcr.io-event-exporter-sha256-457dda454e42c2a7ccad69fe0af9cc3f005d734b24ad14f17ba88f74ba8b972e-8b972e.g",
-		"/data/spdx.softwarecomposition.kubescape.io/sbomsummaries/kubescape/gke.gcr.io-event-exporter-sha256-457dda454e42c2a7ccad69fe0af9cc3f005d734b24ad14f17ba88f74ba8b972e-8b972e.m",
-		"/data/spdx.softwarecomposition.kubescape.io/sbomsummaries/kubescape/gke.gcr.io-fluent-bit-gke-exporter-sha256-93014f5d546376de76c21f48bf30a6d1df3db4a413a1c3009c59fe46fa83eee8-83eee8.g",
-		"/data/spdx.softwarecomposition.kubescape.io/sbomsummaries/kubescape/gke.gcr.io-fluent-bit-gke-exporter-sha256-93014f5d546376de76c21f48bf30a6d1df3db4a413a1c3009c59fe46fa83eee8-83eee8.m",
-		"/data/spdx.softwarecomposition.kubescape.io/sbomsummaries/kubescape/gke.gcr.io-fluent-bit-sha256-c03635e4c828b9c6847df9780d6684b45ff0a70b1ae8c7e7271283cce472085e-72085e.g",
-		"/data/spdx.softwarecomposition.kubescape.io/sbomsummaries/kubescape/gke.gcr.io-fluent-bit-sha256-c03635e4c828b9c6847df9780d6684b45ff0a70b1ae8c7e7271283cce472085e-72085e.m",
-		"/data/spdx.softwarecomposition.kubescape.io/sbomsummaries/kubescape/gke.gcr.io-gcp-compute-persistent-disk-csi-driver-v1.10.7-gke.0-sha256-a3e4af6b6f6999427dc7b02e813aa1ca5f26e73357c92a77b8fe774ddf431a26-431a26.g",
-		"/data/spdx.softwarecomposition.kubescape.io/sbomsummaries/kubescape/gke.gcr.io-gcp-compute-persistent-disk-csi-driver-v1.10.7-gke.0-sha256-a3e4af6b6f6999427dc7b02e813aa1ca5f26e73357c92a77b8fe774ddf431a26-431a26.m",
-		"/data/spdx.softwarecomposition.kubescape.io/sbomsummaries/kubescape/gke.gcr.io-gke-metrics-agent-1.10.0-gke.0-sha256-0e56abb7da3b2419f6ef300a402c29f9e2810ba135db04621518581ffa48aae9-48aae9.g",
-		"/data/spdx.softwarecomposition.kubescape.io/sbomsummaries/kubescape/gke.gcr.io-gke-metrics-agent-1.10.0-gke.0-sha256-0e56abb7da3b2419f6ef300a402c29f9e2810ba135db04621518581ffa48aae9-48aae9.m",
-		"/data/spdx.softwarecomposition.kubescape.io/sbomsummaries/kubescape/gke.gcr.io-ingress-gce-404-server-with-metrics-v1.23.1-sha256-cf75158c683853c01e3af86209582cc2eaf102f5c0bc767ed0226e0fbdacde57-acde57.g",
-		"/data/spdx.softwarecomposition.kubescape.io/sbomsummaries/kubescape/gke.gcr.io-ingress-gce-404-server-with-metrics-v1.23.1-sha256-cf75158c683853c01e3af86209582cc2eaf102f5c0bc767ed0226e0fbdacde57-acde57.m",
-		"/data/spdx.softwarecomposition.kubescape.io/sbomsummaries/kubescape/gke.gcr.io-k8s-dns-dnsmasq-nanny-1.22.22-gke.0-sha256-d7c0300eee5fb4998d3b60d92e5c07c9c4be2f489e04bdfa1950f2e23eb59bcc-b59bcc.g",
-		"/data/spdx.softwarecomposition.kubescape.io/sbomsummaries/kubescape/gke.gcr.io-k8s-dns-dnsmasq-nanny-1.22.22-gke.0-sha256-d7c0300eee5fb4998d3b60d92e5c07c9c4be2f489e04bdfa1950f2e23eb59bcc-b59bcc.m",
-		"/data/spdx.softwarecomposition.kubescape.io/sbomsummaries/kubescape/gke.gcr.io-k8s-dns-kube-dns-1.22.22-gke.0-sha256-76dcedf9b475902042f9ee22609e475fca96e29880315e9530a694bdd924897e-24897e.g",
-		"/data/spdx.softwarecomposition.kubescape.io/sbomsummaries/kubescape/gke.gcr.io-k8s-dns-kube-dns-1.22.22-gke.0-sha256-76dcedf9b475902042f9ee22609e475fca96e29880315e9530a694bdd924897e-24897e.m",
-		"/data/spdx.softwarecomposition.kubescape.io/sbomsummaries/kubescape/gke.gcr.io-k8s-dns-sidecar-1.22.22-gke.0-sha256-fd7dc24c8331bbd9d0178f65cfcfe7ef42c003b7ee25b8df595d80d0f237486a-37486a.g",
-		"/data/spdx.softwarecomposition.kubescape.io/sbomsummaries/kubescape/gke.gcr.io-k8s-dns-sidecar-1.22.22-gke.0-sha256-fd7dc24c8331bbd9d0178f65cfcfe7ef42c003b7ee25b8df595d80d0f237486a-37486a.m",
-		"/data/spdx.softwarecomposition.kubescape.io/sbomsummaries/kubescape/gke.gcr.io-metrics-server-v0.5.2-gke.3-sha256-1d20492ca374191e5b6ff4b7712b62b41ab75ce226424974356dc266e6e99e83-e99e83.g",
-		"/data/spdx.softwarecomposition.kubescape.io/sbomsummaries/kubescape/gke.gcr.io-metrics-server-v0.5.2-gke.3-sha256-1d20492ca374191e5b6ff4b7712b62b41ab75ce226424974356dc266e6e99e83-e99e83.m",
-		"/data/spdx.softwarecomposition.kubescape.io/sbomsummaries/kubescape/gke.gcr.io-prometheus-engine-alertmanager-v0.25.1-gmp.0-gke.1-sha256-927b106154a88f2c26fe68bd00fe96605564e4c654c71fa14b69b3d359fb8625-fb8625.g",
-		"/data/spdx.softwarecomposition.kubescape.io/sbomsummaries/kubescape/gke.gcr.io-prometheus-engine-alertmanager-v0.25.1-gmp.0-gke.1-sha256-927b106154a88f2c26fe68bd00fe96605564e4c654c71fa14b69b3d359fb8625-fb8625.m",
-		"/data/spdx.softwarecomposition.kubescape.io/sbomsummaries/kubescape/gke.gcr.io-prometheus-engine-config-reloader-v0.7.4-gke.0-sha256-7c290f7ac85228c341d79a05f1cbd75c309d6d0573c4ec32e113dc749e8076d9-8076d9.g",
-		"/data/spdx.softwarecomposition.kubescape.io/sbomsummaries/kubescape/gke.gcr.io-prometheus-engine-config-reloader-v0.7.4-gke.0-sha256-7c290f7ac85228c341d79a05f1cbd75c309d6d0573c4ec32e113dc749e8076d9-8076d9.m",
-		"/data/spdx.softwarecomposition.kubescape.io/sbomsummaries/kubescape/gke.gcr.io-prometheus-engine-operator-v0.7.4-gke.0-sha256-980b06655aca5de061fd422a6799ba9063861255851613ba612d668a86b92181-b92181.g",
-		"/data/spdx.softwarecomposition.kubescape.io/sbomsummaries/kubescape/gke.gcr.io-prometheus-engine-operator-v0.7.4-gke.0-sha256-980b06655aca5de061fd422a6799ba9063861255851613ba612d668a86b92181-b92181.m",
-		"/data/spdx.softwarecomposition.kubescape.io/sbomsummaries/kubescape/gke.gcr.io-prometheus-engine-prometheus-v2.41.0-gmp.4-gke.1-sha256-7d833aa877ee7e5fdc2df17005be8615af721ac3d01d7e257a3ae98d06516797-516797.g",
-		"/data/spdx.softwarecomposition.kubescape.io/sbomsummaries/kubescape/gke.gcr.io-prometheus-engine-prometheus-v2.41.0-gmp.4-gke.1-sha256-7d833aa877ee7e5fdc2df17005be8615af721ac3d01d7e257a3ae98d06516797-516797.m",
-		"/data/spdx.softwarecomposition.kubescape.io/sbomsummaries/kubescape/gke.gcr.io-prometheus-engine-rule-evaluator-v0.7.4-gke.0-sha256-6c7f0bb9d92ccdfa9a9f694c8f02ea200797c3c69d104a508e3faa62b70ad574-0ad574.g",
-		"/data/spdx.softwarecomposition.kubescape.io/sbomsummaries/kubescape/gke.gcr.io-prometheus-engine-rule-evaluator-v0.7.4-gke.0-sha256-6c7f0bb9d92ccdfa9a9f694c8f02ea200797c3c69d104a508e3faa62b70ad574-0ad574.m",
-		"/data/spdx.softwarecomposition.kubescape.io/sbomsummaries/kubescape/gke.gcr.io-prometheus-to-sd-sha256-8cd7e6b460418e25f80a4a0e8aa865bd5b716ea8750bfea4f6fc163c9b1c5dbb-1c5dbb.g",
-		"/data/spdx.softwarecomposition.kubescape.io/sbomsummaries/kubescape/gke.gcr.io-prometheus-to-sd-sha256-8cd7e6b460418e25f80a4a0e8aa865bd5b716ea8750bfea4f6fc163c9b1c5dbb-1c5dbb.m",
-		"/data/spdx.softwarecomposition.kubescape.io/sbomsummaries/kubescape/gke.gcr.io-prometheus-to-sd-v0.11.5-gke.0-sha256-654791db0d4d17c5847221fd3ace5c23ea1bb20c5976db9fda0853fd6000ab65-00ab65.g",
-		"/data/spdx.softwarecomposition.kubescape.io/sbomsummaries/kubescape/gke.gcr.io-prometheus-to-sd-v0.11.5-gke.0-sha256-654791db0d4d17c5847221fd3ace5c23ea1bb20c5976db9fda0853fd6000ab65-00ab65.m",
-		"/data/spdx.softwarecomposition.kubescape.io/sbomsummaries/kubescape/gke.gcr.io-proxy-agent-v0.1.3-gke.0-sha256-58325bb529432e3ea2ddfae7c35f9b86b2511d92ba5f8b1afa015ff904824f76-824f76.g",
-		"/data/spdx.softwarecomposition.kubescape.io/sbomsummaries/kubescape/gke.gcr.io-proxy-agent-v0.1.3-gke.0-sha256-58325bb529432e3ea2ddfae7c35f9b86b2511d92ba5f8b1afa015ff904824f76-824f76.m",
-		"/data/spdx.softwarecomposition.kubescape.io/sbomsummaries/kubescape/quay.io-amirm-armo-storage-v0.0.1-98086e.g",
-		"/data/spdx.softwarecomposition.kubescape.io/sbomsummaries/kubescape/quay.io-amirm-armo-storage-v0.0.1-98086e.m",
-		"/data/spdx.softwarecomposition.kubescape.io/sbomsummaries/kubescape/quay.io-kubescape-kubescape-v3.0.2-prerelease-66a0ac.g",
-		"/data/spdx.softwarecomposition.kubescape.io/sbomsummaries/kubescape/quay.io-kubescape-kubescape-v3.0.2-prerelease-66a0ac.m",
-		"/data/spdx.softwarecomposition.kubescape.io/sbomsummaries/kubescape/quay.io-kubescape-kubevuln-v0.2.133-bc6d6c.g",
-		"/data/spdx.softwarecomposition.kubescape.io/sbomsummaries/kubescape/quay.io-kubescape-kubevuln-v0.2.133-bc6d6c.m",
-		"/data/spdx.softwarecomposition.kubescape.io/sbomsummaries/kubescape/quay.io-kubescape-node-agent-v0.1.121-8d291a.g",
-		"/data/spdx.softwarecomposition.kubescape.io/sbomsummaries/kubescape/quay.io-kubescape-node-agent-v0.1.121-8d291a.m",
-		"/data/spdx.softwarecomposition.kubescape.io/sbomsummaries/kubescape/quay.io-kubescape-operator-v0.1.67-dc38da.g",
-		"/data/spdx.softwarecomposition.kubescape.io/sbomsummaries/kubescape/quay.io-kubescape-operator-v0.1.67-dc38da.m",
-		"/data/spdx.softwarecomposition.kubescape.io/vulnerabilitymanifests/kubescape/kubescape-replicaset-operator-5b99d66db7-3195-f368.g",
-		"/data/spdx.softwarecomposition.kubescape.io/vulnerabilitymanifests/kubescape/kubescape-replicaset-operator-5b99d66db7-3195-f368.m",
-		"/data/spdx.softwarecomposition.kubescape.io/vulnerabilitymanifests/kubescape/quay.io-amirm-armo-storage-v0.0.1-98086e.g",
-		"/data/spdx.softwarecomposition.kubescape.io/vulnerabilitymanifests/kubescape/quay.io-amirm-armo-storage-v0.0.1-98086e.m",
-		"/data/spdx.softwarecomposition.kubescape.io/vulnerabilitymanifestsummaries/gmp-system/statefulset-alertmanager-config-reloader.g",
-		"/data/spdx.softwarecomposition.kubescape.io/vulnerabilitymanifestsummaries/gmp-system/statefulset-alertmanager-config-reloader.m",
-		"/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/apps-v1-daemonset-kubescape-host-scanner-c93b-a749.g",
-		"/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/apps-v1-daemonset-kubescape-host-scanner-c93b-a749.m",
-		"/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/apps-v1-daemonset-kubescape-host-scanner-c93b-a749.g",
-		"/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/apps-v1-daemonset-kubescape-host-scanner-c93b-a749.m",
-	}
+	var expectedFilesToDelete []string
+	require.NoError(t, json.Unmarshal(expectedFilesToDeleteBytes, &expectedFilesToDelete))
 
 	slices.Sort(filesDeleted)
 
diff --git a/pkg/cleanup/testdata/expectedFilesToDelete.json b/pkg/cleanup/testdata/expectedFilesToDelete.json
new file mode 100644
index 000000000..31f29f7de
--- /dev/null
+++ b/pkg/cleanup/testdata/expectedFilesToDelete.json
@@ -0,0 +1,796 @@
+[
+  "/data/spdx.softwarecomposition.kubescape.io/applicationactivities/default/default-replicaset-nginx-748c667d99-cf81-0278.m",
+  "/data/spdx.softwarecomposition.kubescape.io/applicationactivities/gadget/gadget-daemonset-gadget-0d7c-fd3c.g",
+  "/data/spdx.softwarecomposition.kubescape.io/applicationactivities/gadget/gadget-daemonset-gadget-0d7c-fd3c.m",
+  "/data/spdx.softwarecomposition.kubescape.io/applicationactivities/kubescape/kubescape-replicaset-gateway-798c4c5f44-b8b1-1308.m",
+  "/data/spdx.softwarecomposition.kubescape.io/applicationactivities/kubescape/kubescape-replicaset-kubescape-6cff94799d-8110-156a.m",
+  "/data/spdx.softwarecomposition.kubescape.io/applicationactivities/kubescape/kubescape-replicaset-operator-575cf58d76-4ad4-39ec.m",
+  "/data/spdx.softwarecomposition.kubescape.io/applicationactivities/kubescape/kubescape-replicaset-otel-collector-54648b7dbb-a539-eb0b.m",
+  "/data/spdx.softwarecomposition.kubescape.io/applicationactivities/kubescape/kubescape-replicaset-storage-8f57967d7-d272-b1f5.m",
+  "/data/spdx.softwarecomposition.kubescape.io/applicationactivities/kubescape/kubescape-replicaset-synchronizer-79b57d5d67-6912-e9a6.m",
+  "/data/spdx.softwarecomposition.kubescape.io/applicationactivities/kubescape/kubescape-statefulset-kollector-c1be-77d8.m",
+  "/data/spdx.softwarecomposition.kubescape.io/applicationactivities/local-path-storage/local-path-storage-replicaset-local-path-provisioner-75f5b54ffd-763c-36ba.m",
+  "/data/spdx.softwarecomposition.kubescape.io/applicationprofiles/default/default-replicaset-nginx-748c667d99-cf81-0278.m",
+  "/data/spdx.softwarecomposition.kubescape.io/applicationprofiles/gadget/gadget-daemonset-gadget-0d7c-fd3c.g",
+  "/data/spdx.softwarecomposition.kubescape.io/applicationprofiles/gadget/gadget-daemonset-gadget-0d7c-fd3c.m",
+  "/data/spdx.softwarecomposition.kubescape.io/applicationprofiles/kubescape/kubescape-replicaset-gateway-798c4c5f44-b8b1-1308.m",
+  "/data/spdx.softwarecomposition.kubescape.io/applicationprofiles/kubescape/kubescape-replicaset-kubescape-6cff94799d-8110-156a.m",
+  "/data/spdx.softwarecomposition.kubescape.io/applicationprofiles/kubescape/kubescape-replicaset-operator-575cf58d76-4ad4-39ec.m",
+  "/data/spdx.softwarecomposition.kubescape.io/applicationprofiles/kubescape/kubescape-replicaset-otel-collector-54648b7dbb-a539-eb0b.m",
+  "/data/spdx.softwarecomposition.kubescape.io/applicationprofiles/kubescape/kubescape-replicaset-storage-8f57967d7-d272-b1f5.m",
+  "/data/spdx.softwarecomposition.kubescape.io/applicationprofiles/kubescape/kubescape-replicaset-synchronizer-79b57d5d67-6912-e9a6.m",
+  "/data/spdx.softwarecomposition.kubescape.io/applicationprofiles/kubescape/kubescape-statefulset-kollector-c1be-77d8.m",
+  "/data/spdx.softwarecomposition.kubescape.io/applicationprofiles/local-path-storage/local-path-storage-replicaset-local-path-provisioner-75f5b54ffd-763c-36ba.m",
+  "/data/spdx.softwarecomposition.kubescape.io/applicationprofilesummaries/default/default-replicaset-nginx-748c667d99-cf81-0278.g",
+  "/data/spdx.softwarecomposition.kubescape.io/applicationprofilesummaries/default/default-replicaset-nginx-748c667d99-cf81-0278.m",
+  "/data/spdx.softwarecomposition.kubescape.io/applicationprofilesummaries/gadget/gadget-daemonset-gadget-0d7c-fd3c.g",
+  "/data/spdx.softwarecomposition.kubescape.io/applicationprofilesummaries/gadget/gadget-daemonset-gadget-0d7c-fd3c.m",
+  "/data/spdx.softwarecomposition.kubescape.io/applicationprofilesummaries/kubescape/kubescape-replicaset-gateway-798c4c5f44-b8b1-1308.g",
+  "/data/spdx.softwarecomposition.kubescape.io/applicationprofilesummaries/kubescape/kubescape-replicaset-gateway-798c4c5f44-b8b1-1308.m",
+  "/data/spdx.softwarecomposition.kubescape.io/applicationprofilesummaries/kubescape/kubescape-replicaset-kubescape-6cff94799d-8110-156a.g",
+  "/data/spdx.softwarecomposition.kubescape.io/applicationprofilesummaries/kubescape/kubescape-replicaset-kubescape-6cff94799d-8110-156a.m",
+  "/data/spdx.softwarecomposition.kubescape.io/applicationprofilesummaries/kubescape/kubescape-replicaset-operator-575cf58d76-4ad4-39ec.g",
+  "/data/spdx.softwarecomposition.kubescape.io/applicationprofilesummaries/kubescape/kubescape-replicaset-operator-575cf58d76-4ad4-39ec.m",
+  "/data/spdx.softwarecomposition.kubescape.io/applicationprofilesummaries/kubescape/kubescape-replicaset-otel-collector-54648b7dbb-a539-eb0b.g",
+  "/data/spdx.softwarecomposition.kubescape.io/applicationprofilesummaries/kubescape/kubescape-replicaset-otel-collector-54648b7dbb-a539-eb0b.m",
+  "/data/spdx.softwarecomposition.kubescape.io/applicationprofilesummaries/kubescape/kubescape-replicaset-storage-8f57967d7-d272-b1f5.g",
+  "/data/spdx.softwarecomposition.kubescape.io/applicationprofilesummaries/kubescape/kubescape-replicaset-storage-8f57967d7-d272-b1f5.m",
+  "/data/spdx.softwarecomposition.kubescape.io/applicationprofilesummaries/kubescape/kubescape-replicaset-synchronizer-79b57d5d67-6912-e9a6.g",
+  "/data/spdx.softwarecomposition.kubescape.io/applicationprofilesummaries/kubescape/kubescape-replicaset-synchronizer-79b57d5d67-6912-e9a6.m",
+  "/data/spdx.softwarecomposition.kubescape.io/applicationprofilesummaries/kubescape/kubescape-statefulset-kollector-c1be-77d8.g",
+  "/data/spdx.softwarecomposition.kubescape.io/applicationprofilesummaries/kubescape/kubescape-statefulset-kollector-c1be-77d8.m",
+  "/data/spdx.softwarecomposition.kubescape.io/applicationprofilesummaries/local-path-storage/local-path-storage-replicaset-local-path-provisioner-75f5b54ffd-763c-36ba.g",
+  "/data/spdx.softwarecomposition.kubescape.io/applicationprofilesummaries/local-path-storage/local-path-storage-replicaset-local-path-provisioner-75f5b54ffd-763c-36ba.m",
+  "/data/spdx.softwarecomposition.kubescape.io/networkneighborses/default/deployment-nginx.g",
+  "/data/spdx.softwarecomposition.kubescape.io/networkneighborses/default/deployment-nginx.m",
+  "/data/spdx.softwarecomposition.kubescape.io/networkneighborses/default/deployment-redis.g",
+  "/data/spdx.softwarecomposition.kubescape.io/networkneighborses/default/deployment-redis.m",
+  "/data/spdx.softwarecomposition.kubescape.io/networkneighborses/gadget/daemonset-gadget.g",
+  "/data/spdx.softwarecomposition.kubescape.io/networkneighborses/gadget/daemonset-gadget.m",
+  "/data/spdx.softwarecomposition.kubescape.io/networkneighborses/kubescape/deployment-gateway.g",
+  "/data/spdx.softwarecomposition.kubescape.io/networkneighborses/kubescape/deployment-gateway.m",
+  "/data/spdx.softwarecomposition.kubescape.io/networkneighborses/kubescape/deployment-kubescape.g",
+  "/data/spdx.softwarecomposition.kubescape.io/networkneighborses/kubescape/deployment-kubescape.m",
+  "/data/spdx.softwarecomposition.kubescape.io/networkneighborses/kubescape/deployment-kubevuln.g",
+  "/data/spdx.softwarecomposition.kubescape.io/networkneighborses/kubescape/deployment-kubevuln.m",
+  "/data/spdx.softwarecomposition.kubescape.io/networkneighborses/kubescape/deployment-operator.g",
+  "/data/spdx.softwarecomposition.kubescape.io/networkneighborses/kubescape/deployment-operator.m",
+  "/data/spdx.softwarecomposition.kubescape.io/networkneighborses/kubescape/deployment-otel-collector.g",
+  "/data/spdx.softwarecomposition.kubescape.io/networkneighborses/kubescape/deployment-otel-collector.m",
+  "/data/spdx.softwarecomposition.kubescape.io/networkneighborses/kubescape/deployment-synchronizer.g",
+  "/data/spdx.softwarecomposition.kubescape.io/networkneighborses/kubescape/deployment-synchronizer.m",
+  "/data/spdx.softwarecomposition.kubescape.io/networkneighborses/kubescape/statefulset-kollector.g",
+  "/data/spdx.softwarecomposition.kubescape.io/networkneighborses/kubescape/statefulset-kollector.m",
+  "/data/spdx.softwarecomposition.kubescape.io/openvulnerabilityexchangecontainers/kubescape/docker.io-otel-opentelemetry-collector-0.86.0-6be420.m",
+  "/data/spdx.softwarecomposition.kubescape.io/openvulnerabilityexchangecontainers/kubescape/ghcr.io-inspektor-gadget-inspektor-gadget-v0.21.0-c7fd21.m",
+  "/data/spdx.softwarecomposition.kubescape.io/openvulnerabilityexchangecontainers/kubescape/nginx-4d62ee.m",
+  "/data/spdx.softwarecomposition.kubescape.io/openvulnerabilityexchangecontainers/kubescape/quay.io-kubescape-gateway-v0.1.20-e35b1e.m",
+  "/data/spdx.softwarecomposition.kubescape.io/openvulnerabilityexchangecontainers/kubescape/quay.io-kubescape-kollector-v0.1.33-a4e6c4.m",
+  "/data/spdx.softwarecomposition.kubescape.io/openvulnerabilityexchangecontainers/kubescape/quay.io-kubescape-kubescape-v3.0.2-prerelease-66a0ac.m",
+  "/data/spdx.softwarecomposition.kubescape.io/openvulnerabilityexchangecontainers/kubescape/quay.io-kubescape-kubevuln-v0.2.133-bc6d6c.m",
+  "/data/spdx.softwarecomposition.kubescape.io/openvulnerabilityexchangecontainers/kubescape/quay.io-kubescape-operator-v0.1.67-dc38da.m",
+  "/data/spdx.softwarecomposition.kubescape.io/openvulnerabilityexchangecontainers/kubescape/quay.io-matthiasb-1-storage-debug-76f234.g",
+  "/data/spdx.softwarecomposition.kubescape.io/openvulnerabilityexchangecontainers/kubescape/quay.io-matthiasb-1-storage-debug-76f234.m",
+  "/data/spdx.softwarecomposition.kubescape.io/openvulnerabilityexchangecontainers/kubescape/quay.io-matthiasb-1-synchronizer-latest-63825b.g",
+  "/data/spdx.softwarecomposition.kubescape.io/openvulnerabilityexchangecontainers/kubescape/quay.io-matthiasb-1-synchronizer-latest-63825b.m",
+  "/data/spdx.softwarecomposition.kubescape.io/sbomspdxv2p3filtereds/kubescape/kubescape-replicaset-operator-5b99d66db7-3195-f368.g",
+  "/data/spdx.softwarecomposition.kubescape.io/sbomspdxv2p3filtereds/kubescape/kubescape-replicaset-operator-5b99d66db7-3195-f368.m",
+  "/data/spdx.softwarecomposition.kubescape.io/sbomspdxv2p3s/kubescape/docker.io-qorbani-golang-hello-world-sha256-a14f3fbf3d5d1c4a000ab2c0c6d5e4633bdb96286a0130fa5b2c5967b934c31f-34c31f.g",
+  "/data/spdx.softwarecomposition.kubescape.io/sbomspdxv2p3s/kubescape/docker.io-qorbani-golang-hello-world-sha256-a14f3fbf3d5d1c4a000ab2c0c6d5e4633bdb96286a0130fa5b2c5967b934c31f-34c31f.m",
+  "/data/spdx.softwarecomposition.kubescape.io/sbomspdxv2p3s/kubescape/gke.gcr.io-addon-resizer-1.8.18-gke.0-sha256-73f83a267713c9ec9bdb5564be404567b8d446813d39c74a5eff2fdbcc91ebf2-91ebf2.g",
+  "/data/spdx.softwarecomposition.kubescape.io/sbomspdxv2p3s/kubescape/gke.gcr.io-addon-resizer-1.8.18-gke.0-sha256-73f83a267713c9ec9bdb5564be404567b8d446813d39c74a5eff2fdbcc91ebf2-91ebf2.m",
+  "/data/spdx.softwarecomposition.kubescape.io/sbomspdxv2p3s/kubescape/gke.gcr.io-cluster-proportional-autoscaler-1.8.4-gke.1-a146bc.g",
+  "/data/spdx.softwarecomposition.kubescape.io/sbomspdxv2p3s/kubescape/gke.gcr.io-cluster-proportional-autoscaler-1.8.4-gke.1-a146bc.m",
+  "/data/spdx.softwarecomposition.kubescape.io/sbomspdxv2p3s/kubescape/gke.gcr.io-cluster-proportional-autoscaler-1.8.4-gke.1-sha256-0f232ba18b63363e33f205d0242ef98324fb388434f8598c2fc8e967dca146bc-a146bc.g",
+  "/data/spdx.softwarecomposition.kubescape.io/sbomspdxv2p3s/kubescape/gke.gcr.io-cluster-proportional-autoscaler-1.8.4-gke.1-sha256-0f232ba18b63363e33f205d0242ef98324fb388434f8598c2fc8e967dca146bc-a146bc.m",
+  "/data/spdx.softwarecomposition.kubescape.io/sbomspdxv2p3s/kubescape/gke.gcr.io-csi-node-driver-registrar-v2.8.0-gke.4-sha256-715a1581ce158fbf95f7ca351e25c7d6a0a1599e46e270e72238cc8a0aef1c43-ef1c43.g",
+  "/data/spdx.softwarecomposition.kubescape.io/sbomspdxv2p3s/kubescape/gke.gcr.io-csi-node-driver-registrar-v2.8.0-gke.4-sha256-715a1581ce158fbf95f7ca351e25c7d6a0a1599e46e270e72238cc8a0aef1c43-ef1c43.m",
+  "/data/spdx.softwarecomposition.kubescape.io/sbomspdxv2p3s/kubescape/gke.gcr.io-event-exporter-sha256-457dda454e42c2a7ccad69fe0af9cc3f005d734b24ad14f17ba88f74ba8b972e-8b972e.g",
+  "/data/spdx.softwarecomposition.kubescape.io/sbomspdxv2p3s/kubescape/gke.gcr.io-event-exporter-sha256-457dda454e42c2a7ccad69fe0af9cc3f005d734b24ad14f17ba88f74ba8b972e-8b972e.m",
+  "/data/spdx.softwarecomposition.kubescape.io/sbomspdxv2p3s/kubescape/gke.gcr.io-fluent-bit-gke-exporter-sha256-93014f5d546376de76c21f48bf30a6d1df3db4a413a1c3009c59fe46fa83eee8-83eee8.g",
+  "/data/spdx.softwarecomposition.kubescape.io/sbomspdxv2p3s/kubescape/gke.gcr.io-fluent-bit-gke-exporter-sha256-93014f5d546376de76c21f48bf30a6d1df3db4a413a1c3009c59fe46fa83eee8-83eee8.m",
+  "/data/spdx.softwarecomposition.kubescape.io/sbomspdxv2p3s/kubescape/gke.gcr.io-fluent-bit-sha256-c03635e4c828b9c6847df9780d6684b45ff0a70b1ae8c7e7271283cce472085e-72085e.g",
+  "/data/spdx.softwarecomposition.kubescape.io/sbomspdxv2p3s/kubescape/gke.gcr.io-fluent-bit-sha256-c03635e4c828b9c6847df9780d6684b45ff0a70b1ae8c7e7271283cce472085e-72085e.m",
+  "/data/spdx.softwarecomposition.kubescape.io/sbomspdxv2p3s/kubescape/gke.gcr.io-gcp-compute-persistent-disk-csi-driver-v1.10.7-gke.0-sha256-a3e4af6b6f6999427dc7b02e813aa1ca5f26e73357c92a77b8fe774ddf431a26-431a26.g",
+  "/data/spdx.softwarecomposition.kubescape.io/sbomspdxv2p3s/kubescape/gke.gcr.io-gcp-compute-persistent-disk-csi-driver-v1.10.7-gke.0-sha256-a3e4af6b6f6999427dc7b02e813aa1ca5f26e73357c92a77b8fe774ddf431a26-431a26.m",
+  "/data/spdx.softwarecomposition.kubescape.io/sbomspdxv2p3s/kubescape/gke.gcr.io-gke-metrics-agent-1.10.0-gke.0-sha256-0e56abb7da3b2419f6ef300a402c29f9e2810ba135db04621518581ffa48aae9-48aae9.g",
+  "/data/spdx.softwarecomposition.kubescape.io/sbomspdxv2p3s/kubescape/gke.gcr.io-gke-metrics-agent-1.10.0-gke.0-sha256-0e56abb7da3b2419f6ef300a402c29f9e2810ba135db04621518581ffa48aae9-48aae9.m",
+  "/data/spdx.softwarecomposition.kubescape.io/sbomspdxv2p3s/kubescape/gke.gcr.io-ingress-gce-404-server-with-metrics-v1.23.1-sha256-cf75158c683853c01e3af86209582cc2eaf102f5c0bc767ed0226e0fbdacde57-acde57.g",
+  "/data/spdx.softwarecomposition.kubescape.io/sbomspdxv2p3s/kubescape/gke.gcr.io-ingress-gce-404-server-with-metrics-v1.23.1-sha256-cf75158c683853c01e3af86209582cc2eaf102f5c0bc767ed0226e0fbdacde57-acde57.m",
+  "/data/spdx.softwarecomposition.kubescape.io/sbomspdxv2p3s/kubescape/gke.gcr.io-k8s-dns-dnsmasq-nanny-1.22.22-gke.0-sha256-d7c0300eee5fb4998d3b60d92e5c07c9c4be2f489e04bdfa1950f2e23eb59bcc-b59bcc.g",
+  "/data/spdx.softwarecomposition.kubescape.io/sbomspdxv2p3s/kubescape/gke.gcr.io-k8s-dns-dnsmasq-nanny-1.22.22-gke.0-sha256-d7c0300eee5fb4998d3b60d92e5c07c9c4be2f489e04bdfa1950f2e23eb59bcc-b59bcc.m",
+  "/data/spdx.softwarecomposition.kubescape.io/sbomspdxv2p3s/kubescape/gke.gcr.io-k8s-dns-kube-dns-1.22.22-gke.0-sha256-76dcedf9b475902042f9ee22609e475fca96e29880315e9530a694bdd924897e-24897e.g",
+  "/data/spdx.softwarecomposition.kubescape.io/sbomspdxv2p3s/kubescape/gke.gcr.io-k8s-dns-kube-dns-1.22.22-gke.0-sha256-76dcedf9b475902042f9ee22609e475fca96e29880315e9530a694bdd924897e-24897e.m",
+  "/data/spdx.softwarecomposition.kubescape.io/sbomspdxv2p3s/kubescape/gke.gcr.io-k8s-dns-sidecar-1.22.22-gke.0-sha256-fd7dc24c8331bbd9d0178f65cfcfe7ef42c003b7ee25b8df595d80d0f237486a-37486a.g",
+  "/data/spdx.softwarecomposition.kubescape.io/sbomspdxv2p3s/kubescape/gke.gcr.io-k8s-dns-sidecar-1.22.22-gke.0-sha256-fd7dc24c8331bbd9d0178f65cfcfe7ef42c003b7ee25b8df595d80d0f237486a-37486a.m",
+  "/data/spdx.softwarecomposition.kubescape.io/sbomspdxv2p3s/kubescape/gke.gcr.io-metrics-server-v0.5.2-gke.3-sha256-1d20492ca374191e5b6ff4b7712b62b41ab75ce226424974356dc266e6e99e83-e99e83.g",
+  "/data/spdx.softwarecomposition.kubescape.io/sbomspdxv2p3s/kubescape/gke.gcr.io-metrics-server-v0.5.2-gke.3-sha256-1d20492ca374191e5b6ff4b7712b62b41ab75ce226424974356dc266e6e99e83-e99e83.m",
+  "/data/spdx.softwarecomposition.kubescape.io/sbomspdxv2p3s/kubescape/gke.gcr.io-prometheus-engine-alertmanager-v0.25.1-gmp.0-gke.1-sha256-927b106154a88f2c26fe68bd00fe96605564e4c654c71fa14b69b3d359fb8625-fb8625.g",
+  "/data/spdx.softwarecomposition.kubescape.io/sbomspdxv2p3s/kubescape/gke.gcr.io-prometheus-engine-alertmanager-v0.25.1-gmp.0-gke.1-sha256-927b106154a88f2c26fe68bd00fe96605564e4c654c71fa14b69b3d359fb8625-fb8625.m",
+  "/data/spdx.softwarecomposition.kubescape.io/sbomspdxv2p3s/kubescape/gke.gcr.io-prometheus-engine-config-reloader-v0.7.4-gke.0-sha256-7c290f7ac85228c341d79a05f1cbd75c309d6d0573c4ec32e113dc749e8076d9-8076d9.g",
+  "/data/spdx.softwarecomposition.kubescape.io/sbomspdxv2p3s/kubescape/gke.gcr.io-prometheus-engine-config-reloader-v0.7.4-gke.0-sha256-7c290f7ac85228c341d79a05f1cbd75c309d6d0573c4ec32e113dc749e8076d9-8076d9.m",
+  "/data/spdx.softwarecomposition.kubescape.io/sbomspdxv2p3s/kubescape/gke.gcr.io-prometheus-engine-operator-v0.7.4-gke.0-sha256-980b06655aca5de061fd422a6799ba9063861255851613ba612d668a86b92181-b92181.g",
+  "/data/spdx.softwarecomposition.kubescape.io/sbomspdxv2p3s/kubescape/gke.gcr.io-prometheus-engine-operator-v0.7.4-gke.0-sha256-980b06655aca5de061fd422a6799ba9063861255851613ba612d668a86b92181-b92181.m",
+  "/data/spdx.softwarecomposition.kubescape.io/sbomspdxv2p3s/kubescape/gke.gcr.io-prometheus-engine-prometheus-v2.41.0-gmp.4-gke.1-sha256-7d833aa877ee7e5fdc2df17005be8615af721ac3d01d7e257a3ae98d06516797-516797.g",
+  "/data/spdx.softwarecomposition.kubescape.io/sbomspdxv2p3s/kubescape/gke.gcr.io-prometheus-engine-prometheus-v2.41.0-gmp.4-gke.1-sha256-7d833aa877ee7e5fdc2df17005be8615af721ac3d01d7e257a3ae98d06516797-516797.m",
+  "/data/spdx.softwarecomposition.kubescape.io/sbomspdxv2p3s/kubescape/gke.gcr.io-prometheus-engine-rule-evaluator-v0.7.4-gke.0-sha256-6c7f0bb9d92ccdfa9a9f694c8f02ea200797c3c69d104a508e3faa62b70ad574-0ad574.g",
+  "/data/spdx.softwarecomposition.kubescape.io/sbomspdxv2p3s/kubescape/gke.gcr.io-prometheus-engine-rule-evaluator-v0.7.4-gke.0-sha256-6c7f0bb9d92ccdfa9a9f694c8f02ea200797c3c69d104a508e3faa62b70ad574-0ad574.m",
+  "/data/spdx.softwarecomposition.kubescape.io/sbomspdxv2p3s/kubescape/gke.gcr.io-prometheus-to-sd-sha256-8cd7e6b460418e25f80a4a0e8aa865bd5b716ea8750bfea4f6fc163c9b1c5dbb-1c5dbb.g",
+  "/data/spdx.softwarecomposition.kubescape.io/sbomspdxv2p3s/kubescape/gke.gcr.io-prometheus-to-sd-sha256-8cd7e6b460418e25f80a4a0e8aa865bd5b716ea8750bfea4f6fc163c9b1c5dbb-1c5dbb.m",
+  "/data/spdx.softwarecomposition.kubescape.io/sbomspdxv2p3s/kubescape/gke.gcr.io-prometheus-to-sd-v0.11.5-gke.0-sha256-654791db0d4d17c5847221fd3ace5c23ea1bb20c5976db9fda0853fd6000ab65-00ab65.g",
+  "/data/spdx.softwarecomposition.kubescape.io/sbomspdxv2p3s/kubescape/gke.gcr.io-prometheus-to-sd-v0.11.5-gke.0-sha256-654791db0d4d17c5847221fd3ace5c23ea1bb20c5976db9fda0853fd6000ab65-00ab65.m",
+  "/data/spdx.softwarecomposition.kubescape.io/sbomspdxv2p3s/kubescape/gke.gcr.io-proxy-agent-v0.1.3-gke.0-sha256-58325bb529432e3ea2ddfae7c35f9b86b2511d92ba5f8b1afa015ff904824f76-824f76.g",
+  "/data/spdx.softwarecomposition.kubescape.io/sbomspdxv2p3s/kubescape/gke.gcr.io-proxy-agent-v0.1.3-gke.0-sha256-58325bb529432e3ea2ddfae7c35f9b86b2511d92ba5f8b1afa015ff904824f76-824f76.m",
+  "/data/spdx.softwarecomposition.kubescape.io/sbomspdxv2p3s/kubescape/quay.io-amirm-armo-storage-v0.0.1-98086e.g",
+  "/data/spdx.softwarecomposition.kubescape.io/sbomspdxv2p3s/kubescape/quay.io-amirm-armo-storage-v0.0.1-98086e.m",
+  "/data/spdx.softwarecomposition.kubescape.io/sbomspdxv2p3s/kubescape/quay.io-kubescape-kubescape-v3.0.2-prerelease-66a0ac.g",
+  "/data/spdx.softwarecomposition.kubescape.io/sbomspdxv2p3s/kubescape/quay.io-kubescape-kubescape-v3.0.2-prerelease-66a0ac.m",
+  "/data/spdx.softwarecomposition.kubescape.io/sbomspdxv2p3s/kubescape/quay.io-kubescape-kubevuln-v0.2.133-bc6d6c.g",
+  "/data/spdx.softwarecomposition.kubescape.io/sbomspdxv2p3s/kubescape/quay.io-kubescape-kubevuln-v0.2.133-bc6d6c.m",
+  "/data/spdx.softwarecomposition.kubescape.io/sbomspdxv2p3s/kubescape/quay.io-kubescape-node-agent-v0.1.121-8d291a.g",
+  "/data/spdx.softwarecomposition.kubescape.io/sbomspdxv2p3s/kubescape/quay.io-kubescape-node-agent-v0.1.121-8d291a.m",
+  "/data/spdx.softwarecomposition.kubescape.io/sbomspdxv2p3s/kubescape/quay.io-kubescape-operator-v0.1.67-dc38da.g",
+  "/data/spdx.softwarecomposition.kubescape.io/sbomspdxv2p3s/kubescape/quay.io-kubescape-operator-v0.1.67-dc38da.m",
+  "/data/spdx.softwarecomposition.kubescape.io/sbomsummaries/kubescape/docker.io-qorbani-golang-hello-world-sha256-a14f3fbf3d5d1c4a000ab2c0c6d5e4633bdb96286a0130fa5b2c5967b934c31f-34c31f.g",
+  "/data/spdx.softwarecomposition.kubescape.io/sbomsummaries/kubescape/docker.io-qorbani-golang-hello-world-sha256-a14f3fbf3d5d1c4a000ab2c0c6d5e4633bdb96286a0130fa5b2c5967b934c31f-34c31f.m",
+  "/data/spdx.softwarecomposition.kubescape.io/sbomsummaries/kubescape/gke.gcr.io-addon-resizer-1.8.18-gke.0-sha256-73f83a267713c9ec9bdb5564be404567b8d446813d39c74a5eff2fdbcc91ebf2-91ebf2.g",
+  "/data/spdx.softwarecomposition.kubescape.io/sbomsummaries/kubescape/gke.gcr.io-addon-resizer-1.8.18-gke.0-sha256-73f83a267713c9ec9bdb5564be404567b8d446813d39c74a5eff2fdbcc91ebf2-91ebf2.m",
+  "/data/spdx.softwarecomposition.kubescape.io/sbomsummaries/kubescape/gke.gcr.io-cluster-proportional-autoscaler-1.8.4-gke.1-a146bc.g",
+  "/data/spdx.softwarecomposition.kubescape.io/sbomsummaries/kubescape/gke.gcr.io-cluster-proportional-autoscaler-1.8.4-gke.1-a146bc.m",
+  "/data/spdx.softwarecomposition.kubescape.io/sbomsummaries/kubescape/gke.gcr.io-cluster-proportional-autoscaler-1.8.4-gke.1-sha256-0f232ba18b63363e33f205d0242ef98324fb388434f8598c2fc8e967dca146bc-a146bc.g",
+  "/data/spdx.softwarecomposition.kubescape.io/sbomsummaries/kubescape/gke.gcr.io-cluster-proportional-autoscaler-1.8.4-gke.1-sha256-0f232ba18b63363e33f205d0242ef98324fb388434f8598c2fc8e967dca146bc-a146bc.m",
+  "/data/spdx.softwarecomposition.kubescape.io/sbomsummaries/kubescape/gke.gcr.io-csi-node-driver-registrar-v2.8.0-gke.4-sha256-715a1581ce158fbf95f7ca351e25c7d6a0a1599e46e270e72238cc8a0aef1c43-ef1c43.g",
+  "/data/spdx.softwarecomposition.kubescape.io/sbomsummaries/kubescape/gke.gcr.io-csi-node-driver-registrar-v2.8.0-gke.4-sha256-715a1581ce158fbf95f7ca351e25c7d6a0a1599e46e270e72238cc8a0aef1c43-ef1c43.m",
+  "/data/spdx.softwarecomposition.kubescape.io/sbomsummaries/kubescape/gke.gcr.io-event-exporter-sha256-457dda454e42c2a7ccad69fe0af9cc3f005d734b24ad14f17ba88f74ba8b972e-8b972e.g",
+  "/data/spdx.softwarecomposition.kubescape.io/sbomsummaries/kubescape/gke.gcr.io-event-exporter-sha256-457dda454e42c2a7ccad69fe0af9cc3f005d734b24ad14f17ba88f74ba8b972e-8b972e.m",
+  "/data/spdx.softwarecomposition.kubescape.io/sbomsummaries/kubescape/gke.gcr.io-fluent-bit-gke-exporter-sha256-93014f5d546376de76c21f48bf30a6d1df3db4a413a1c3009c59fe46fa83eee8-83eee8.g",
+  "/data/spdx.softwarecomposition.kubescape.io/sbomsummaries/kubescape/gke.gcr.io-fluent-bit-gke-exporter-sha256-93014f5d546376de76c21f48bf30a6d1df3db4a413a1c3009c59fe46fa83eee8-83eee8.m",
+  "/data/spdx.softwarecomposition.kubescape.io/sbomsummaries/kubescape/gke.gcr.io-fluent-bit-sha256-c03635e4c828b9c6847df9780d6684b45ff0a70b1ae8c7e7271283cce472085e-72085e.g",
+  "/data/spdx.softwarecomposition.kubescape.io/sbomsummaries/kubescape/gke.gcr.io-fluent-bit-sha256-c03635e4c828b9c6847df9780d6684b45ff0a70b1ae8c7e7271283cce472085e-72085e.m",
+  "/data/spdx.softwarecomposition.kubescape.io/sbomsummaries/kubescape/gke.gcr.io-gcp-compute-persistent-disk-csi-driver-v1.10.7-gke.0-sha256-a3e4af6b6f6999427dc7b02e813aa1ca5f26e73357c92a77b8fe774ddf431a26-431a26.g",
+  "/data/spdx.softwarecomposition.kubescape.io/sbomsummaries/kubescape/gke.gcr.io-gcp-compute-persistent-disk-csi-driver-v1.10.7-gke.0-sha256-a3e4af6b6f6999427dc7b02e813aa1ca5f26e73357c92a77b8fe774ddf431a26-431a26.m",
+  "/data/spdx.softwarecomposition.kubescape.io/sbomsummaries/kubescape/gke.gcr.io-gke-metrics-agent-1.10.0-gke.0-sha256-0e56abb7da3b2419f6ef300a402c29f9e2810ba135db04621518581ffa48aae9-48aae9.g",
+  "/data/spdx.softwarecomposition.kubescape.io/sbomsummaries/kubescape/gke.gcr.io-gke-metrics-agent-1.10.0-gke.0-sha256-0e56abb7da3b2419f6ef300a402c29f9e2810ba135db04621518581ffa48aae9-48aae9.m",
+  "/data/spdx.softwarecomposition.kubescape.io/sbomsummaries/kubescape/gke.gcr.io-ingress-gce-404-server-with-metrics-v1.23.1-sha256-cf75158c683853c01e3af86209582cc2eaf102f5c0bc767ed0226e0fbdacde57-acde57.g",
+  "/data/spdx.softwarecomposition.kubescape.io/sbomsummaries/kubescape/gke.gcr.io-ingress-gce-404-server-with-metrics-v1.23.1-sha256-cf75158c683853c01e3af86209582cc2eaf102f5c0bc767ed0226e0fbdacde57-acde57.m",
+  "/data/spdx.softwarecomposition.kubescape.io/sbomsummaries/kubescape/gke.gcr.io-k8s-dns-dnsmasq-nanny-1.22.22-gke.0-sha256-d7c0300eee5fb4998d3b60d92e5c07c9c4be2f489e04bdfa1950f2e23eb59bcc-b59bcc.g",
+  "/data/spdx.softwarecomposition.kubescape.io/sbomsummaries/kubescape/gke.gcr.io-k8s-dns-dnsmasq-nanny-1.22.22-gke.0-sha256-d7c0300eee5fb4998d3b60d92e5c07c9c4be2f489e04bdfa1950f2e23eb59bcc-b59bcc.m",
+  "/data/spdx.softwarecomposition.kubescape.io/sbomsummaries/kubescape/gke.gcr.io-k8s-dns-kube-dns-1.22.22-gke.0-sha256-76dcedf9b475902042f9ee22609e475fca96e29880315e9530a694bdd924897e-24897e.g",
+  "/data/spdx.softwarecomposition.kubescape.io/sbomsummaries/kubescape/gke.gcr.io-k8s-dns-kube-dns-1.22.22-gke.0-sha256-76dcedf9b475902042f9ee22609e475fca96e29880315e9530a694bdd924897e-24897e.m",
+  "/data/spdx.softwarecomposition.kubescape.io/sbomsummaries/kubescape/gke.gcr.io-k8s-dns-sidecar-1.22.22-gke.0-sha256-fd7dc24c8331bbd9d0178f65cfcfe7ef42c003b7ee25b8df595d80d0f237486a-37486a.g",
+  "/data/spdx.softwarecomposition.kubescape.io/sbomsummaries/kubescape/gke.gcr.io-k8s-dns-sidecar-1.22.22-gke.0-sha256-fd7dc24c8331bbd9d0178f65cfcfe7ef42c003b7ee25b8df595d80d0f237486a-37486a.m",
+  "/data/spdx.softwarecomposition.kubescape.io/sbomsummaries/kubescape/gke.gcr.io-metrics-server-v0.5.2-gke.3-sha256-1d20492ca374191e5b6ff4b7712b62b41ab75ce226424974356dc266e6e99e83-e99e83.g",
+  "/data/spdx.softwarecomposition.kubescape.io/sbomsummaries/kubescape/gke.gcr.io-metrics-server-v0.5.2-gke.3-sha256-1d20492ca374191e5b6ff4b7712b62b41ab75ce226424974356dc266e6e99e83-e99e83.m",
+  "/data/spdx.softwarecomposition.kubescape.io/sbomsummaries/kubescape/gke.gcr.io-prometheus-engine-alertmanager-v0.25.1-gmp.0-gke.1-sha256-927b106154a88f2c26fe68bd00fe96605564e4c654c71fa14b69b3d359fb8625-fb8625.g",
+  "/data/spdx.softwarecomposition.kubescape.io/sbomsummaries/kubescape/gke.gcr.io-prometheus-engine-alertmanager-v0.25.1-gmp.0-gke.1-sha256-927b106154a88f2c26fe68bd00fe96605564e4c654c71fa14b69b3d359fb8625-fb8625.m",
+  "/data/spdx.softwarecomposition.kubescape.io/sbomsummaries/kubescape/gke.gcr.io-prometheus-engine-config-reloader-v0.7.4-gke.0-sha256-7c290f7ac85228c341d79a05f1cbd75c309d6d0573c4ec32e113dc749e8076d9-8076d9.g",
+  "/data/spdx.softwarecomposition.kubescape.io/sbomsummaries/kubescape/gke.gcr.io-prometheus-engine-config-reloader-v0.7.4-gke.0-sha256-7c290f7ac85228c341d79a05f1cbd75c309d6d0573c4ec32e113dc749e8076d9-8076d9.m",
+  "/data/spdx.softwarecomposition.kubescape.io/sbomsummaries/kubescape/gke.gcr.io-prometheus-engine-operator-v0.7.4-gke.0-sha256-980b06655aca5de061fd422a6799ba9063861255851613ba612d668a86b92181-b92181.g",
+  "/data/spdx.softwarecomposition.kubescape.io/sbomsummaries/kubescape/gke.gcr.io-prometheus-engine-operator-v0.7.4-gke.0-sha256-980b06655aca5de061fd422a6799ba9063861255851613ba612d668a86b92181-b92181.m",
+  "/data/spdx.softwarecomposition.kubescape.io/sbomsummaries/kubescape/gke.gcr.io-prometheus-engine-prometheus-v2.41.0-gmp.4-gke.1-sha256-7d833aa877ee7e5fdc2df17005be8615af721ac3d01d7e257a3ae98d06516797-516797.g",
+  "/data/spdx.softwarecomposition.kubescape.io/sbomsummaries/kubescape/gke.gcr.io-prometheus-engine-prometheus-v2.41.0-gmp.4-gke.1-sha256-7d833aa877ee7e5fdc2df17005be8615af721ac3d01d7e257a3ae98d06516797-516797.m",
+  "/data/spdx.softwarecomposition.kubescape.io/sbomsummaries/kubescape/gke.gcr.io-prometheus-engine-rule-evaluator-v0.7.4-gke.0-sha256-6c7f0bb9d92ccdfa9a9f694c8f02ea200797c3c69d104a508e3faa62b70ad574-0ad574.g",
+  "/data/spdx.softwarecomposition.kubescape.io/sbomsummaries/kubescape/gke.gcr.io-prometheus-engine-rule-evaluator-v0.7.4-gke.0-sha256-6c7f0bb9d92ccdfa9a9f694c8f02ea200797c3c69d104a508e3faa62b70ad574-0ad574.m",
+  "/data/spdx.softwarecomposition.kubescape.io/sbomsummaries/kubescape/gke.gcr.io-prometheus-to-sd-sha256-8cd7e6b460418e25f80a4a0e8aa865bd5b716ea8750bfea4f6fc163c9b1c5dbb-1c5dbb.g",
+  "/data/spdx.softwarecomposition.kubescape.io/sbomsummaries/kubescape/gke.gcr.io-prometheus-to-sd-sha256-8cd7e6b460418e25f80a4a0e8aa865bd5b716ea8750bfea4f6fc163c9b1c5dbb-1c5dbb.m",
+  "/data/spdx.softwarecomposition.kubescape.io/sbomsummaries/kubescape/gke.gcr.io-prometheus-to-sd-v0.11.5-gke.0-sha256-654791db0d4d17c5847221fd3ace5c23ea1bb20c5976db9fda0853fd6000ab65-00ab65.g",
+  "/data/spdx.softwarecomposition.kubescape.io/sbomsummaries/kubescape/gke.gcr.io-prometheus-to-sd-v0.11.5-gke.0-sha256-654791db0d4d17c5847221fd3ace5c23ea1bb20c5976db9fda0853fd6000ab65-00ab65.m",
+  "/data/spdx.softwarecomposition.kubescape.io/sbomsummaries/kubescape/gke.gcr.io-proxy-agent-v0.1.3-gke.0-sha256-58325bb529432e3ea2ddfae7c35f9b86b2511d92ba5f8b1afa015ff904824f76-824f76.g",
+  "/data/spdx.softwarecomposition.kubescape.io/sbomsummaries/kubescape/gke.gcr.io-proxy-agent-v0.1.3-gke.0-sha256-58325bb529432e3ea2ddfae7c35f9b86b2511d92ba5f8b1afa015ff904824f76-824f76.m",
+  "/data/spdx.softwarecomposition.kubescape.io/sbomsummaries/kubescape/quay.io-amirm-armo-storage-v0.0.1-98086e.g",
+  "/data/spdx.softwarecomposition.kubescape.io/sbomsummaries/kubescape/quay.io-amirm-armo-storage-v0.0.1-98086e.m",
+  "/data/spdx.softwarecomposition.kubescape.io/sbomsummaries/kubescape/quay.io-kubescape-kubescape-v3.0.2-prerelease-66a0ac.g",
+  "/data/spdx.softwarecomposition.kubescape.io/sbomsummaries/kubescape/quay.io-kubescape-kubescape-v3.0.2-prerelease-66a0ac.m",
+  "/data/spdx.softwarecomposition.kubescape.io/sbomsummaries/kubescape/quay.io-kubescape-kubevuln-v0.2.133-bc6d6c.g",
+  "/data/spdx.softwarecomposition.kubescape.io/sbomsummaries/kubescape/quay.io-kubescape-kubevuln-v0.2.133-bc6d6c.m",
+  "/data/spdx.softwarecomposition.kubescape.io/sbomsummaries/kubescape/quay.io-kubescape-node-agent-v0.1.121-8d291a.g",
+  "/data/spdx.softwarecomposition.kubescape.io/sbomsummaries/kubescape/quay.io-kubescape-node-agent-v0.1.121-8d291a.m",
+  "/data/spdx.softwarecomposition.kubescape.io/sbomsummaries/kubescape/quay.io-kubescape-operator-v0.1.67-dc38da.g",
+  "/data/spdx.softwarecomposition.kubescape.io/sbomsummaries/kubescape/quay.io-kubescape-operator-v0.1.67-dc38da.m",
+  "/data/spdx.softwarecomposition.kubescape.io/vulnerabilitymanifests/kubescape/docker.io-qorbani-golang-hello-world-sha256-a14f3fbf3d5d1c4a000ab2c0c6d5e4633bdb96286a0130fa5b2c5967b934c31f-34c31f.m",
+  "/data/spdx.softwarecomposition.kubescape.io/vulnerabilitymanifests/kubescape/gke.gcr.io-addon-resizer-1.8.18-gke.0-sha256-73f83a267713c9ec9bdb5564be404567b8d446813d39c74a5eff2fdbcc91ebf2-91ebf2.m",
+  "/data/spdx.softwarecomposition.kubescape.io/vulnerabilitymanifests/kubescape/gke.gcr.io-cluster-proportional-autoscaler-1.8.4-gke.1-a146bc.m",
+  "/data/spdx.softwarecomposition.kubescape.io/vulnerabilitymanifests/kubescape/gke.gcr.io-cluster-proportional-autoscaler-1.8.4-gke.1-sha256-0f232ba18b63363e33f205d0242ef98324fb388434f8598c2fc8e967dca146bc-a146bc.m",
+  "/data/spdx.softwarecomposition.kubescape.io/vulnerabilitymanifests/kubescape/gke.gcr.io-csi-node-driver-registrar-v2.8.0-gke.4-sha256-715a1581ce158fbf95f7ca351e25c7d6a0a1599e46e270e72238cc8a0aef1c43-ef1c43.m",
+  "/data/spdx.softwarecomposition.kubescape.io/vulnerabilitymanifests/kubescape/gke.gcr.io-event-exporter-sha256-457dda454e42c2a7ccad69fe0af9cc3f005d734b24ad14f17ba88f74ba8b972e-8b972e.m",
+  "/data/spdx.softwarecomposition.kubescape.io/vulnerabilitymanifests/kubescape/gke.gcr.io-fluent-bit-gke-exporter-sha256-93014f5d546376de76c21f48bf30a6d1df3db4a413a1c3009c59fe46fa83eee8-83eee8.m",
+  "/data/spdx.softwarecomposition.kubescape.io/vulnerabilitymanifests/kubescape/gke.gcr.io-fluent-bit-sha256-c03635e4c828b9c6847df9780d6684b45ff0a70b1ae8c7e7271283cce472085e-72085e.m",
+  "/data/spdx.softwarecomposition.kubescape.io/vulnerabilitymanifests/kubescape/gke.gcr.io-gcp-compute-persistent-disk-csi-driver-v1.10.7-gke.0-sha256-a3e4af6b6f6999427dc7b02e813aa1ca5f26e73357c92a77b8fe774ddf431a26-431a26.m",
+  "/data/spdx.softwarecomposition.kubescape.io/vulnerabilitymanifests/kubescape/gke.gcr.io-gke-metrics-agent-1.10.0-gke.0-sha256-0e56abb7da3b2419f6ef300a402c29f9e2810ba135db04621518581ffa48aae9-48aae9.m",
+  "/data/spdx.softwarecomposition.kubescape.io/vulnerabilitymanifests/kubescape/gke.gcr.io-ingress-gce-404-server-with-metrics-v1.23.1-sha256-cf75158c683853c01e3af86209582cc2eaf102f5c0bc767ed0226e0fbdacde57-acde57.m",
+  "/data/spdx.softwarecomposition.kubescape.io/vulnerabilitymanifests/kubescape/gke.gcr.io-k8s-dns-dnsmasq-nanny-1.22.22-gke.0-sha256-d7c0300eee5fb4998d3b60d92e5c07c9c4be2f489e04bdfa1950f2e23eb59bcc-b59bcc.m",
+  "/data/spdx.softwarecomposition.kubescape.io/vulnerabilitymanifests/kubescape/gke.gcr.io-k8s-dns-kube-dns-1.22.22-gke.0-sha256-76dcedf9b475902042f9ee22609e475fca96e29880315e9530a694bdd924897e-24897e.m",
+  "/data/spdx.softwarecomposition.kubescape.io/vulnerabilitymanifests/kubescape/gke.gcr.io-k8s-dns-sidecar-1.22.22-gke.0-sha256-fd7dc24c8331bbd9d0178f65cfcfe7ef42c003b7ee25b8df595d80d0f237486a-37486a.m",
+  "/data/spdx.softwarecomposition.kubescape.io/vulnerabilitymanifests/kubescape/gke.gcr.io-metrics-server-v0.5.2-gke.3-sha256-1d20492ca374191e5b6ff4b7712b62b41ab75ce226424974356dc266e6e99e83-e99e83.m",
+  "/data/spdx.softwarecomposition.kubescape.io/vulnerabilitymanifests/kubescape/gke.gcr.io-prometheus-engine-alertmanager-v0.25.1-gmp.0-gke.1-sha256-927b106154a88f2c26fe68bd00fe96605564e4c654c71fa14b69b3d359fb8625-fb8625.m",
+  "/data/spdx.softwarecomposition.kubescape.io/vulnerabilitymanifests/kubescape/gke.gcr.io-prometheus-engine-config-reloader-v0.7.4-gke.0-sha256-7c290f7ac85228c341d79a05f1cbd75c309d6d0573c4ec32e113dc749e8076d9-8076d9.m",
+  "/data/spdx.softwarecomposition.kubescape.io/vulnerabilitymanifests/kubescape/gke.gcr.io-prometheus-engine-operator-v0.7.4-gke.0-sha256-980b06655aca5de061fd422a6799ba9063861255851613ba612d668a86b92181-b92181.m",
+  "/data/spdx.softwarecomposition.kubescape.io/vulnerabilitymanifests/kubescape/gke.gcr.io-prometheus-engine-prometheus-v2.41.0-gmp.4-gke.1-sha256-7d833aa877ee7e5fdc2df17005be8615af721ac3d01d7e257a3ae98d06516797-516797.m",
+  "/data/spdx.softwarecomposition.kubescape.io/vulnerabilitymanifests/kubescape/gke.gcr.io-prometheus-engine-rule-evaluator-v0.7.4-gke.0-sha256-6c7f0bb9d92ccdfa9a9f694c8f02ea200797c3c69d104a508e3faa62b70ad574-0ad574.m",
+  "/data/spdx.softwarecomposition.kubescape.io/vulnerabilitymanifests/kubescape/gke.gcr.io-prometheus-to-sd-sha256-8cd7e6b460418e25f80a4a0e8aa865bd5b716ea8750bfea4f6fc163c9b1c5dbb-1c5dbb.m",
+  "/data/spdx.softwarecomposition.kubescape.io/vulnerabilitymanifests/kubescape/gke.gcr.io-prometheus-to-sd-v0.11.5-gke.0-sha256-654791db0d4d17c5847221fd3ace5c23ea1bb20c5976db9fda0853fd6000ab65-00ab65.m",
+  "/data/spdx.softwarecomposition.kubescape.io/vulnerabilitymanifests/kubescape/gke.gcr.io-proxy-agent-v0.1.3-gke.0-sha256-58325bb529432e3ea2ddfae7c35f9b86b2511d92ba5f8b1afa015ff904824f76-824f76.m",
+  "/data/spdx.softwarecomposition.kubescape.io/vulnerabilitymanifests/kubescape/kubescape-replicaset-operator-5b99d66db7-3195-f368.g",
+  "/data/spdx.softwarecomposition.kubescape.io/vulnerabilitymanifests/kubescape/kubescape-replicaset-operator-5b99d66db7-3195-f368.m",
+  "/data/spdx.softwarecomposition.kubescape.io/vulnerabilitymanifests/kubescape/quay.io-amirm-armo-storage-v0.0.1-98086e.g",
+  "/data/spdx.softwarecomposition.kubescape.io/vulnerabilitymanifests/kubescape/quay.io-amirm-armo-storage-v0.0.1-98086e.m",
+  "/data/spdx.softwarecomposition.kubescape.io/vulnerabilitymanifests/kubescape/quay.io-kubescape-kubescape-v3.0.2-prerelease-66a0ac.m",
+  "/data/spdx.softwarecomposition.kubescape.io/vulnerabilitymanifests/kubescape/quay.io-kubescape-kubevuln-v0.2.133-bc6d6c.m",
+  "/data/spdx.softwarecomposition.kubescape.io/vulnerabilitymanifests/kubescape/quay.io-kubescape-node-agent-v0.1.121-8d291a.m",
+  "/data/spdx.softwarecomposition.kubescape.io/vulnerabilitymanifests/kubescape/quay.io-kubescape-operator-v0.1.67-dc38da.m",
+  "/data/spdx.softwarecomposition.kubescape.io/vulnerabilitymanifestsummaries/gmp-system/daemonset-collector-prometheus.m",
+  "/data/spdx.softwarecomposition.kubescape.io/vulnerabilitymanifestsummaries/gmp-system/deployment-gmp-operator-operator.m",
+  "/data/spdx.softwarecomposition.kubescape.io/vulnerabilitymanifestsummaries/gmp-system/deployment-rule-evaluator-evaluator.m",
+  "/data/spdx.softwarecomposition.kubescape.io/vulnerabilitymanifestsummaries/gmp-system/statefulset-alertmanager-alertmanager.m",
+  "/data/spdx.softwarecomposition.kubescape.io/vulnerabilitymanifestsummaries/gmp-system/statefulset-alertmanager-config-reloader.g",
+  "/data/spdx.softwarecomposition.kubescape.io/vulnerabilitymanifestsummaries/gmp-system/statefulset-alertmanager-config-reloader.m",
+  "/data/spdx.softwarecomposition.kubescape.io/vulnerabilitymanifestsummaries/kube-system/daemonset-fluentbit-gke-fluentbit-gke.m",
+  "/data/spdx.softwarecomposition.kubescape.io/vulnerabilitymanifestsummaries/kube-system/daemonset-fluentbit-gke-fluentbit.m",
+  "/data/spdx.softwarecomposition.kubescape.io/vulnerabilitymanifestsummaries/kube-system/daemonset-gke-metrics-agent-gke-metrics-agent.m",
+  "/data/spdx.softwarecomposition.kubescape.io/vulnerabilitymanifestsummaries/kube-system/daemonset-pdcsi-node-csi-driver-registrar.m",
+  "/data/spdx.softwarecomposition.kubescape.io/vulnerabilitymanifestsummaries/kube-system/daemonset-pdcsi-node-gce-pd-driver.m",
+  "/data/spdx.softwarecomposition.kubescape.io/vulnerabilitymanifestsummaries/kube-system/deployment-event-exporter-gke-event-exporter.m",
+  "/data/spdx.softwarecomposition.kubescape.io/vulnerabilitymanifestsummaries/kube-system/deployment-event-exporter-gke-prometheus-to-sd-exporter.m",
+  "/data/spdx.softwarecomposition.kubescape.io/vulnerabilitymanifestsummaries/kube-system/deployment-konnectivity-agent-autoscaler-autoscaler.m",
+  "/data/spdx.softwarecomposition.kubescape.io/vulnerabilitymanifestsummaries/kube-system/deployment-konnectivity-agent-konnectivity-agent.m",
+  "/data/spdx.softwarecomposition.kubescape.io/vulnerabilitymanifestsummaries/kube-system/deployment-kube-dns-autoscaler-autoscaler.m",
+  "/data/spdx.softwarecomposition.kubescape.io/vulnerabilitymanifestsummaries/kube-system/deployment-kube-dns-dnsmasq.m",
+  "/data/spdx.softwarecomposition.kubescape.io/vulnerabilitymanifestsummaries/kube-system/deployment-kube-dns-kubedns.m",
+  "/data/spdx.softwarecomposition.kubescape.io/vulnerabilitymanifestsummaries/kube-system/deployment-kube-dns-prometheus-to-sd.m",
+  "/data/spdx.softwarecomposition.kubescape.io/vulnerabilitymanifestsummaries/kube-system/deployment-kube-dns-sidecar.m",
+  "/data/spdx.softwarecomposition.kubescape.io/vulnerabilitymanifestsummaries/kube-system/deployment-l7-default-backend-default-http-backend.m",
+  "/data/spdx.softwarecomposition.kubescape.io/vulnerabilitymanifestsummaries/kube-system/deployment-metrics-server-v0.5.2-metrics-server-nanny.m",
+  "/data/spdx.softwarecomposition.kubescape.io/vulnerabilitymanifestsummaries/kube-system/deployment-metrics-server-v0.5.2-metrics-server.m",
+  "/data/spdx.softwarecomposition.kubescape.io/vulnerabilitymanifestsummaries/kubescape/daemonset-node-agent-node-agent.m",
+  "/data/spdx.softwarecomposition.kubescape.io/vulnerabilitymanifestsummaries/kubescape/deployment-kubescape-kubescape.m",
+  "/data/spdx.softwarecomposition.kubescape.io/vulnerabilitymanifestsummaries/kubescape/deployment-kubevuln-kubevuln.m",
+  "/data/spdx.softwarecomposition.kubescape.io/vulnerabilitymanifestsummaries/kubescape/deployment-operator-operator.m",
+  "/data/spdx.softwarecomposition.kubescape.io/vulnerabilitymanifestsummaries/kubescape/deployment-storage-apiserver.m",
+  "/data/spdx.softwarecomposition.kubescape.io/vulnerabilitymanifestsummaries/systest-ns-foso/deployment-golang-golang.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/default/discovery.k8s.io-v1-endpointslice-default-kubernetes-ff80-7666.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/default/v1-configmap-default-kube-root-ca.crt-7ca1-9f8c.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/default/v1-endpoints-default-kubernetes-afbe-9288.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/default/v1-service-default-kubernetes-3530-3de2.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/default/v1-serviceaccount-default-default-faf0-c226.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kube-node-lease/coordination.k8s.io-v1-lease-kube-node-lease-kind-control-plane-957c-212c.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kube-node-lease/v1-configmap-kube-node-lease-kube-root-ca.crt-c41b-57f3.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kube-node-lease/v1-serviceaccount-kube-node-lease-default-9952-9192.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kube-public/rbac.authorization.k8s.io-v1-role-kube-public-kubeadm-bootstrap-signer-clusterinfo-6b5d-ef76.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kube-public/rbac.authorization.k8s.io-v1-role-kube-public-system-controller-bootstrap-signer-bd11-781f.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kube-public/rbac.authorization.k8s.io-v1-rolebinding-kube-public-kubeadm-bootstrap-signer-clusterinfo-2652-bdba.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kube-public/rbac.authorization.k8s.io-v1-rolebinding-kube-public-system-controller-bootstrap-signer-9386-f34d.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kube-public/v1-configmap-kube-public-kube-root-ca.crt-80c1-ab11.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kube-system/apps-v1-daemonset-kube-system-kindnet-2266-1ce2.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kube-system/apps-v1-daemonset-kube-system-kube-proxy-9712-533a.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kube-system/apps-v1-deployment-kube-system-coredns-52d6-8e4f.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kube-system/coordination.k8s.io-v1-lease-kube-system-apiserver-c7uylvfxlbqccnk6myfkwetzze-a466-a537.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kube-system/coordination.k8s.io-v1-lease-kube-system-kube-controller-manager-feff-bb3a.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kube-system/coordination.k8s.io-v1-lease-kube-system-kube-scheduler-8cc1-f786.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kube-system/deployment-kube-system-coredns-b33a-321f.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kube-system/discovery.k8s.io-v1-endpointslice-kube-system-kube-dns-jgjc6-ee1e-e24f.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kube-system/rbac.authorization.k8s.io-v1-role-kube-system-extension-apiserver-authentication-reader-3349-0c0d.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kube-system/rbac.authorization.k8s.io-v1-role-kube-system-kube-proxy-9580-efd0.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kube-system/rbac.authorization.k8s.io-v1-role-kube-system-kubeadm-nodes-kubeadm-config-f1f7-61d2.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kube-system/rbac.authorization.k8s.io-v1-role-kube-system-system--leader-locking-kube-controller-manager-c04f-d03e.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kube-system/rbac.authorization.k8s.io-v1-role-kube-system-system--leader-locking-kube-scheduler-caaa-9017.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kube-system/rbac.authorization.k8s.io-v1-role-kube-system-system-controller-bootstrap-signer-c4d8-4e0a.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kube-system/rbac.authorization.k8s.io-v1-role-kube-system-system-controller-cloud-provider-b070-cb47.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kube-system/rbac.authorization.k8s.io-v1-role-kube-system-system-controller-token-cleaner-fa16-d64b.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kube-system/rbac.authorization.k8s.io-v1-rolebinding-kube-system-kube-proxy-6096-6bb0.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kube-system/rbac.authorization.k8s.io-v1-rolebinding-kube-system-system--extension-apiserver-authentication-reader-5fe9-ee21.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kube-system/rbac.authorization.k8s.io-v1-rolebinding-kube-system-system--leader-locking-kube-controller-manager-8e84-d890.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kube-system/rbac.authorization.k8s.io-v1-rolebinding-kube-system-system--leader-locking-kube-scheduler-0f7c-1dec.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kube-system/rbac.authorization.k8s.io-v1-rolebinding-kube-system-system-controller-bootstrap-signer-aec0-e37e.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kube-system/rbac.authorization.k8s.io-v1-rolebinding-kube-system-system-controller-cloud-provider-7751-46f6.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kube-system/rbac.authorization.k8s.io-v1-rolebinding-kube-system-system-controller-token-cleaner-406c-139d.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kube-system/v1-configmap-kube-system-coredns-bed8-d551.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kube-system/v1-configmap-kube-system-extension-apiserver-authentication-d867-8231.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kube-system/v1-configmap-kube-system-kube-apiserver-legacy-service-account-token-tracking-7a36-cdb6.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kube-system/v1-configmap-kube-system-kube-proxy-6c8a-2c93.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kube-system/v1-configmap-kube-system-kube-root-ca.crt-0799-d05a.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kube-system/v1-configmap-kube-system-kubeadm-config-c33c-0af3.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kube-system/v1-configmap-kube-system-kubelet-config-8225-f730.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kube-system/v1-endpoints-kube-system-kube-dns-18b9-04e1.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kube-system/v1-pod-kube-system-etcd-kind-control-plane-d02e-684e.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kube-system/v1-pod-kube-system-kube-apiserver-kind-control-plane-4e39-06d3.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kube-system/v1-pod-kube-system-kube-scheduler-kind-control-plane-48e8-20de.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kube-system/v1-secret-kube-system-bootstrap-token-abcdef-8548-1e76.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kube-system/v1-service-kube-system-kube-dns-9640-6d5f.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kube-system/v1-serviceaccount-kube-system-attachdetach-controller-34df-6ab8.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kube-system/v1-serviceaccount-kube-system-bootstrap-signer-425a-b29c.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kube-system/v1-serviceaccount-kube-system-certificate-controller-6dd5-ecb7.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kube-system/v1-serviceaccount-kube-system-clusterrole-aggregation-controller-5fcd-b673.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kube-system/v1-serviceaccount-kube-system-coredns-2be6-83fa.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kube-system/v1-serviceaccount-kube-system-cronjob-controller-0cce-6983.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kube-system/v1-serviceaccount-kube-system-daemon-set-controller-54e5-019c.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kube-system/v1-serviceaccount-kube-system-default-9822-6946.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kube-system/v1-serviceaccount-kube-system-deployment-controller-bb92-43ec.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kube-system/v1-serviceaccount-kube-system-disruption-controller-66d3-7a08.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kube-system/v1-serviceaccount-kube-system-endpoint-controller-d530-6055.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kube-system/v1-serviceaccount-kube-system-endpointslice-controller-83c1-31fe.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kube-system/v1-serviceaccount-kube-system-endpointslicemirroring-controller-cff5-3af4.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kube-system/v1-serviceaccount-kube-system-ephemeral-volume-controller-bdd2-e25e.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kube-system/v1-serviceaccount-kube-system-expand-controller-4aab-5d3a.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kube-system/v1-serviceaccount-kube-system-generic-garbage-collector-ab4e-6241.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kube-system/v1-serviceaccount-kube-system-horizontal-pod-autoscaler-c780-7e8d.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kube-system/v1-serviceaccount-kube-system-job-controller-a1c6-f204.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kube-system/v1-serviceaccount-kube-system-kindnet-0b4e-73bf.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kube-system/v1-serviceaccount-kube-system-kube-proxy-02cb-ce1c.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kube-system/v1-serviceaccount-kube-system-namespace-controller-b8c9-614b.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kube-system/v1-serviceaccount-kube-system-node-controller-1544-b01d.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kube-system/v1-serviceaccount-kube-system-persistent-volume-binder-054c-7f06.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kube-system/v1-serviceaccount-kube-system-pod-garbage-collector-1153-e673.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kube-system/v1-serviceaccount-kube-system-pv-protection-controller-6bdd-c2a3.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kube-system/v1-serviceaccount-kube-system-pvc-protection-controller-c15e-9840.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kube-system/v1-serviceaccount-kube-system-replicaset-controller-7ac8-3ef1.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kube-system/v1-serviceaccount-kube-system-replication-controller-7a89-0132.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kube-system/v1-serviceaccount-kube-system-resourcequota-controller-f744-b812.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kube-system/v1-serviceaccount-kube-system-root-ca-cert-publisher-4171-a7ca.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kube-system/v1-serviceaccount-kube-system-service-account-controller-33e5-7d43.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kube-system/v1-serviceaccount-kube-system-service-controller-1101-f5b7.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kube-system/v1-serviceaccount-kube-system-statefulset-controller-a290-0675.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kube-system/v1-serviceaccount-kube-system-token-cleaner-5c30-9410.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kube-system/v1-serviceaccount-kube-system-ttl-after-finished-controller-8bdb-566d.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kube-system/v1-serviceaccount-kube-system-ttl-controller-f6a0-99c7.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/apiregistration.k8s.io-v1-apiservice--v1beta1.spdx.softwarecomposition.kubescape.io-d714-7242.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/apps-v1-daemonset-kubescape-host-scanner-c93b-a749.g",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/apps-v1-daemonset-kubescape-host-scanner-c93b-a749.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/apps-v1-daemonset-kubescape-node-agent-1358-b429.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/apps-v1-deployment-kubescape-gateway-8e0e-df22.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/apps-v1-deployment-kubescape-kubescape-f937-e6dd.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/apps-v1-deployment-kubescape-kubevuln-0c4f-e39a.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/apps-v1-deployment-kubescape-operator-1e3d-e288.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/apps-v1-deployment-kubescape-otel-collector-4054-485c.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/apps-v1-deployment-kubescape-storage-a2c6-7402.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/apps-v1-deployment-kubescape-synchronizer-7146-ecf3.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/apps-v1-statefulset-kubescape-kollector-4a56-6fc2.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/batch-v1-cronjob-kubescape-kubescape-scheduler-4db5-9dc4.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/batch-v1-cronjob-kubescape-kubevuln-scheduler-a31b-3216.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/discovery.k8s.io-v1-endpointslice-kubescape-gateway-49n52-666c-4572.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/discovery.k8s.io-v1-endpointslice-kubescape-kubescape-77x49-48cc-1ad1.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/discovery.k8s.io-v1-endpointslice-kubescape-kubevuln-k4p8f-d862-b49a.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/discovery.k8s.io-v1-endpointslice-kubescape-operator-rl9d7-a901-fe41.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/discovery.k8s.io-v1-endpointslice-kubescape-otel-collector-h8zp5-4543-5310.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/discovery.k8s.io-v1-endpointslice-kubescape-storage-bnqlv-13fd-018c.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/hostdata.kubescape.cloud-v1beta0-cniinfo--kind-control-plane-9b96-0fcc.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/hostdata.kubescape.cloud-v1beta0-controlplaneinfo--kind-control-plane-4c1e-58a1.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/hostdata.kubescape.cloud-v1beta0-kubeletinfo--kind-control-plane-5d3f-7145.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/hostdata.kubescape.cloud-v1beta0-kubeproxyinfo--kind-control-plane-a132-118c.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/rbac.authorization.k8s.io-group--system-authenticated-rbac.authorization.k8s.io-v1-clusterrole--system-basic-user-rbac.authorization.k8s.io-v1-clusterrolebinding--system-basic-user-f3be-6b64.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/rbac.authorization.k8s.io-group--system-authenticated-rbac.authorization.k8s.io-v1-clusterrole--system-discovery-rbac.authorization.k8s.io-v1-clusterrolebinding--system-discovery-54bf-a674.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/rbac.authorization.k8s.io-group--system-authenticated-rbac.authorization.k8s.io-v1-clusterrole--system-public-info-viewer-rbac.authorization.k8s.io-v1-clusterrolebinding--system-public-info-viewer-112b-5bce.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/rbac.authorization.k8s.io-group--system-bootstrappers-kubeadm-default-node-token-rbac.authorization.k8s.io-v1-clusterrole--kubeadm-get-nodes-rbac.authorization.k8s.io-v1-clusterrolebinding--kubeadm-get-nodes-9324-17c9.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/rbac.authorization.k8s.io-group--system-bootstrappers-kubeadm-default-node-token-rbac.authorization.k8s.io-v1-clusterrole--system-certificates.k8s.io-certificatesigningrequests-nodeclient-rbac.authorization.k8s.io-v1-clusterrolebinding--kubead-60b2-822c.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/rbac.authorization.k8s.io-group--system-bootstrappers-kubeadm-default-node-token-rbac.authorization.k8s.io-v1-role-kube-system-kube-proxy-rbac.authorization.k8s.io-v1-rolebinding-kube-system-kube-proxy-b253-cfd6.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/rbac.authorization.k8s.io-group--system-masters-rbac.authorization.k8s.io-v1-clusterrole--cluster-admin-rbac.authorization.k8s.io-v1-clusterrolebinding--cluster-admin-da7e-cc4f.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/rbac.authorization.k8s.io-group--system-monitoring-rbac.authorization.k8s.io-v1-clusterrole--system-monitoring-rbac.authorization.k8s.io-v1-clusterrolebinding--system-monitoring-03cf-4239.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/rbac.authorization.k8s.io-group--system-nodes-rbac.authorization.k8s.io-v1-clusterrole--system-certificates.k8s.io-certificatesigningrequests-selfnodeclient-rbac.authorization.k8s.io-v1-clusterrolebinding--kubeadm-node-autoapprove-certificate--58b1-7df1.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/rbac.authorization.k8s.io-group--system-nodes-rbac.authorization.k8s.io-v1-role-kube-system-kubeadm-kubelet-config-rbac.authorization.k8s.io-v1-rolebinding-kube-system-kubeadm-kubelet-config-a6b0-d6ba.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/rbac.authorization.k8s.io-group--system-nodes-rbac.authorization.k8s.io-v1-role-kube-system-kubeadm-nodes-kubeadm-config-rbac.authorization.k8s.io-v1-rolebinding-kube-system-kubeadm-nodes-kubeadm-config-d2ea-2ff3.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/rbac.authorization.k8s.io-group--system-serviceaccounts-rbac.authorization.k8s.io-v1-clusterrole--system-service-account-issuer-discovery-rbac.authorization.k8s.io-v1-clusterrolebinding--system-service-account-issuer-discovery-b4a3-66fa.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/rbac.authorization.k8s.io-group--system-unauthenticated-rbac.authorization.k8s.io-v1-clusterrole--system-public-info-viewer-rbac.authorization.k8s.io-v1-clusterrolebinding--system-public-info-viewer-5517-ef87.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/rbac.authorization.k8s.io-user--system-anonymous-rbac.authorization.k8s.io-v1-role-kube-public-kubeadm-bootstrap-signer-clusterinfo-rbac.authorization.k8s.io-v1-rolebinding-kube-public-kubeadm-bootstrap-signer-clusterinfo-670f-1a8f.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/rbac.authorization.k8s.io-user--system-kube-controller-manager-rbac.authorization.k8s.io-v1-role-kube-system-extension-apiserver-authentication-reader-rbac.authorization.k8s.io-v1-rolebinding-kube-system-system--extension-apiserver-authenticat-5ce3-67d8.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/rbac.authorization.k8s.io-user--system-kube-controller-manager-rbac.authorization.k8s.io-v1-role-kube-system-system--leader-locking-kube-controller-manager-rbac.authorization.k8s.io-v1-rolebinding-kube-system-system--leader-locking-kube-contro-dc78-b0c5.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/rbac.authorization.k8s.io-user--system-kube-proxy-rbac.authorization.k8s.io-v1-clusterrole--system-node-proxier-rbac.authorization.k8s.io-v1-clusterrolebinding--system-node-proxier-a23b-456f.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/rbac.authorization.k8s.io-user--system-kube-scheduler-rbac.authorization.k8s.io-v1-clusterrole--system-kube-scheduler-rbac.authorization.k8s.io-v1-clusterrolebinding--system-kube-scheduler-1d53-aa7c.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/rbac.authorization.k8s.io-user--system-kube-scheduler-rbac.authorization.k8s.io-v1-clusterrole--system-volume-scheduler-rbac.authorization.k8s.io-v1-clusterrolebinding--system-volume-scheduler-4d2b-09f1.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/rbac.authorization.k8s.io-user--system-kube-scheduler-rbac.authorization.k8s.io-v1-role-kube-system-extension-apiserver-authentication-reader-rbac.authorization.k8s.io-v1-rolebinding-kube-system-system--extension-apiserver-authentication-reade-5e06-8c80.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/rbac.authorization.k8s.io-user--system-kube-scheduler-rbac.authorization.k8s.io-v1-role-kube-system-system--leader-locking-kube-scheduler-rbac.authorization.k8s.io-v1-rolebinding-kube-system-system--leader-locking-kube-scheduler-169f-c8e9.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/rbac.authorization.k8s.io-v1-clusterrolebinding--cluster-admin-927d-cdab.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/rbac.authorization.k8s.io-v1-clusterrolebinding--kindnet-d10b-abf5.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/rbac.authorization.k8s.io-v1-clusterrolebinding--kubeadm-get-nodes-d075-ff28.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/rbac.authorization.k8s.io-v1-clusterrolebinding--kubeadm-kubelet-bootstrap-68a6-3053.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/rbac.authorization.k8s.io-v1-clusterrolebinding--kubeadm-node-autoapprove-bootstrap-78ea-5412.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/rbac.authorization.k8s.io-v1-clusterrolebinding--kubeadm-node-autoapprove-certificate-rotation-12f3-cefa.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/rbac.authorization.k8s.io-v1-clusterrolebinding--kubeadm-node-proxier-faeb-888f.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/rbac.authorization.k8s.io-v1-clusterrolebinding--kubescape-a91b-9ae4.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/rbac.authorization.k8s.io-v1-clusterrolebinding--local-path-provisioner-bind-ed1c-7f2a.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/rbac.authorization.k8s.io-v1-clusterrolebinding--node-agent-6a29-a56d.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/rbac.authorization.k8s.io-v1-clusterrolebinding--operator-c180-303a.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/rbac.authorization.k8s.io-v1-clusterrolebinding--storage-413b-49c9.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/rbac.authorization.k8s.io-v1-clusterrolebinding--synchronizer-2bbb-a1cc.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/rbac.authorization.k8s.io-v1-clusterrolebinding--system-controller-attachdetach-controller-8293-b4af.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/rbac.authorization.k8s.io-v1-clusterrolebinding--system-controller-certificate-controller-8634-cacd.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/rbac.authorization.k8s.io-v1-clusterrolebinding--system-controller-clusterrole-aggregation-controller-58a2-cc17.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/rbac.authorization.k8s.io-v1-clusterrolebinding--system-controller-cronjob-controller-d0f7-2a42.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/rbac.authorization.k8s.io-v1-clusterrolebinding--system-controller-daemon-set-controller-164d-a19d.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/rbac.authorization.k8s.io-v1-clusterrolebinding--system-controller-deployment-controller-a2e0-8976.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/rbac.authorization.k8s.io-v1-clusterrolebinding--system-controller-disruption-controller-a279-6817.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/rbac.authorization.k8s.io-v1-clusterrolebinding--system-controller-endpoint-controller-5d81-ab04.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/rbac.authorization.k8s.io-v1-clusterrolebinding--system-controller-endpointslice-controller-7810-e06c.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/rbac.authorization.k8s.io-v1-clusterrolebinding--system-controller-ephemeral-volume-controller-6242-40ce.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/rbac.authorization.k8s.io-v1-clusterrolebinding--system-controller-expand-controller-2277-9a10.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/rbac.authorization.k8s.io-v1-clusterrolebinding--system-controller-generic-garbage-collector-c181-b19b.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/rbac.authorization.k8s.io-v1-clusterrolebinding--system-controller-horizontal-pod-autoscaler-312c-b9c7.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/rbac.authorization.k8s.io-v1-clusterrolebinding--system-controller-job-controller-3b02-d32c.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/rbac.authorization.k8s.io-v1-clusterrolebinding--system-controller-namespace-controller-3a49-2f82.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/rbac.authorization.k8s.io-v1-clusterrolebinding--system-controller-persistent-volume-binder-f86a-a64a.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/rbac.authorization.k8s.io-v1-clusterrolebinding--system-controller-pod-garbage-collector-4e1d-b07b.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/rbac.authorization.k8s.io-v1-clusterrolebinding--system-controller-pvc-protection-controller-b690-cca2.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/rbac.authorization.k8s.io-v1-clusterrolebinding--system-controller-replicaset-controller-2895-3cfa.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/rbac.authorization.k8s.io-v1-clusterrolebinding--system-controller-replication-controller-8b41-d7a0.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/rbac.authorization.k8s.io-v1-clusterrolebinding--system-controller-resourcequota-controller-2135-1cc5.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/rbac.authorization.k8s.io-v1-clusterrolebinding--system-controller-root-ca-cert-publisher-6cfb-15a3.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/rbac.authorization.k8s.io-v1-clusterrolebinding--system-controller-service-controller-b3b0-29f4.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/rbac.authorization.k8s.io-v1-clusterrolebinding--system-controller-statefulset-controller-db8e-666f.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/rbac.authorization.k8s.io-v1-clusterrolebinding--system-controller-ttl-after-finished-controller-be73-070e.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/rbac.authorization.k8s.io-v1-clusterrolebinding--system-controller-ttl-controller-5995-1f87.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/rbac.authorization.k8s.io-v1-clusterrolebinding--system-coredns-6a60-a527.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/rbac.authorization.k8s.io-v1-clusterrolebinding--system-discovery-5113-ac38.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/rbac.authorization.k8s.io-v1-clusterrolebinding--system-kube-controller-manager-43ea-71b3.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/rbac.authorization.k8s.io-v1-clusterrolebinding--system-monitoring-e879-81ff.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/rbac.authorization.k8s.io-v1-clusterrolebinding--system-public-info-viewer-8ec1-4f40.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/rbac.authorization.k8s.io-v1-clusterrolebinding--system-volume-scheduler-195e-13b8.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/rbac.authorization.k8s.io-v1-role-kubescape-kubescape-577d-7984.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/rbac.authorization.k8s.io-v1-role-kubescape-operator-260c-b1cd.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/rbac.authorization.k8s.io-v1-rolebinding-kubescape-operator-1f63-37ac.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/serviceaccount-kube-system-attachdetach-controller-rbac.authorization.k8s.io-v1-clusterrole--system-controller-attachdetach-controller-rbac.authorization.k8s.io-v1-clusterrolebinding--system-controller-attachdetach-controller-462c-b476.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/serviceaccount-kube-system-bootstrap-signer-rbac.authorization.k8s.io-v1-role-kube-public-system-controller-bootstrap-signer-rbac.authorization.k8s.io-v1-rolebinding-kube-public-system-controller-bootstrap-signer-0324-dd48.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/serviceaccount-kube-system-bootstrap-signer-rbac.authorization.k8s.io-v1-role-kube-public-system-controller-bootstrap-signer-rbac.authorization.k8s.io-v1-rolebinding-kube-system-system-controller-bootstrap-signer-48cf-2128.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/serviceaccount-kube-system-bootstrap-signer-rbac.authorization.k8s.io-v1-role-kube-system-system-controller-bootstrap-signer-rbac.authorization.k8s.io-v1-rolebinding-kube-public-system-controller-bootstrap-signer-a4a2-c65d.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/serviceaccount-kube-system-bootstrap-signer-rbac.authorization.k8s.io-v1-role-kube-system-system-controller-bootstrap-signer-rbac.authorization.k8s.io-v1-rolebinding-kube-system-system-controller-bootstrap-signer-cb85-324f.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/serviceaccount-kube-system-cloud-provider-rbac.authorization.k8s.io-v1-role-kube-system-system-controller-cloud-provider-rbac.authorization.k8s.io-v1-rolebinding-kube-system-system-controller-cloud-provider-a7d8-e8d0.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/serviceaccount-kube-system-clusterrole-aggregation-controller-rbac.authorization.k8s.io-v1-clusterrole--system-controller-clusterrole-aggregation-controller-rbac.authorization.k8s.io-v1-clusterrolebinding--system-controller-clusterrole-aggrega-9852-cb30.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/serviceaccount-kube-system-coredns-rbac.authorization.k8s.io-v1-clusterrole--system-coredns-rbac.authorization.k8s.io-v1-clusterrolebinding--system-coredns-2dae-e10f.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/serviceaccount-kube-system-cronjob-controller-rbac.authorization.k8s.io-v1-clusterrole--system-controller-cronjob-controller-rbac.authorization.k8s.io-v1-clusterrolebinding--system-controller-cronjob-controller-991d-9420.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/serviceaccount-kube-system-daemon-set-controller-rbac.authorization.k8s.io-v1-clusterrole--system-controller-daemon-set-controller-rbac.authorization.k8s.io-v1-clusterrolebinding--system-controller-daemon-set-controller-82a3-1fa5.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/serviceaccount-kube-system-deployment-controller-rbac.authorization.k8s.io-v1-clusterrole--system-controller-deployment-controller-rbac.authorization.k8s.io-v1-clusterrolebinding--system-controller-deployment-controller-51ca-d715.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/serviceaccount-kube-system-disruption-controller-rbac.authorization.k8s.io-v1-clusterrole--system-controller-disruption-controller-rbac.authorization.k8s.io-v1-clusterrolebinding--system-controller-disruption-controller-f9da-7174.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/serviceaccount-kube-system-endpoint-controller-rbac.authorization.k8s.io-v1-clusterrole--system-controller-endpoint-controller-rbac.authorization.k8s.io-v1-clusterrolebinding--system-controller-endpoint-controller-c120-5855.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/serviceaccount-kube-system-endpointslice-controller-rbac.authorization.k8s.io-v1-clusterrole--system-controller-endpointslice-controller-rbac.authorization.k8s.io-v1-clusterrolebinding--system-controller-endpointslice-controller-91bb-d9f4.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/serviceaccount-kube-system-endpointslicemirroring-controller-rbac.authorization.k8s.io-v1-clusterrole--system-controller-endpointslicemirroring-controller-rbac.authorization.k8s.io-v1-clusterrolebinding--system-controller-endpointslicemirrorin-5f06-6525.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/serviceaccount-kube-system-ephemeral-volume-controller-rbac.authorization.k8s.io-v1-clusterrole--system-controller-ephemeral-volume-controller-rbac.authorization.k8s.io-v1-clusterrolebinding--system-controller-ephemeral-volume-controller-7d32-7675.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/serviceaccount-kube-system-expand-controller-rbac.authorization.k8s.io-v1-clusterrole--system-controller-expand-controller-rbac.authorization.k8s.io-v1-clusterrolebinding--system-controller-expand-controller-e022-82b2.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/serviceaccount-kube-system-generic-garbage-collector-rbac.authorization.k8s.io-v1-clusterrole--system-controller-generic-garbage-collector-rbac.authorization.k8s.io-v1-clusterrolebinding--system-controller-generic-garbage-collector-b5ac-ce7d.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/serviceaccount-kube-system-horizontal-pod-autoscaler-rbac.authorization.k8s.io-v1-clusterrole--system-controller-horizontal-pod-autoscaler-rbac.authorization.k8s.io-v1-clusterrolebinding--system-controller-horizontal-pod-autoscaler-e4f2-db3b.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/serviceaccount-kube-system-kindnet-rbac.authorization.k8s.io-v1-clusterrole--kindnet-rbac.authorization.k8s.io-v1-clusterrolebinding--kindnet-f994-d394.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/serviceaccount-kube-system-kube-controller-manager-rbac.authorization.k8s.io-v1-role-kube-system-system--leader-locking-kube-controller-manager-rbac.authorization.k8s.io-v1-rolebinding-kube-system-system--leader-locking-kube-controller-manager-1446-ce55.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/serviceaccount-kube-system-kube-dns-rbac.authorization.k8s.io-v1-clusterrole--system-kube-dns-rbac.authorization.k8s.io-v1-clusterrolebinding--system-kube-dns-d960-0b14.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/serviceaccount-kube-system-kube-scheduler-rbac.authorization.k8s.io-v1-role-kube-system-system--leader-locking-kube-scheduler-rbac.authorization.k8s.io-v1-rolebinding-kube-system-system--leader-locking-kube-scheduler-ff4b-6277.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/serviceaccount-kube-system-namespace-controller-rbac.authorization.k8s.io-v1-clusterrole--system-controller-namespace-controller-rbac.authorization.k8s.io-v1-clusterrolebinding--system-controller-namespace-controller-53f7-6e5e.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/serviceaccount-kube-system-persistent-volume-binder-rbac.authorization.k8s.io-v1-clusterrole--system-controller-persistent-volume-binder-rbac.authorization.k8s.io-v1-clusterrolebinding--system-controller-persistent-volume-binder-177e-eaff.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/serviceaccount-kube-system-pod-garbage-collector-rbac.authorization.k8s.io-v1-clusterrole--system-controller-pod-garbage-collector-rbac.authorization.k8s.io-v1-clusterrolebinding--system-controller-pod-garbage-collector-3e56-9b24.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/serviceaccount-kube-system-pv-protection-controller-rbac.authorization.k8s.io-v1-clusterrole--system-controller-pv-protection-controller-rbac.authorization.k8s.io-v1-clusterrolebinding--system-controller-pv-protection-controller-4fb9-9cfd.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/serviceaccount-kube-system-pvc-protection-controller-rbac.authorization.k8s.io-v1-clusterrole--system-controller-pvc-protection-controller-rbac.authorization.k8s.io-v1-clusterrolebinding--system-controller-pvc-protection-controller-58c9-9d98.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/serviceaccount-kube-system-replicaset-controller-rbac.authorization.k8s.io-v1-clusterrole--system-controller-replicaset-controller-rbac.authorization.k8s.io-v1-clusterrolebinding--system-controller-replicaset-controller-ca70-b5a6.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/serviceaccount-kube-system-replication-controller-rbac.authorization.k8s.io-v1-clusterrole--system-controller-replication-controller-rbac.authorization.k8s.io-v1-clusterrolebinding--system-controller-replication-controller-b5e6-6267.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/serviceaccount-kube-system-resourcequota-controller-rbac.authorization.k8s.io-v1-clusterrole--system-controller-resourcequota-controller-rbac.authorization.k8s.io-v1-clusterrolebinding--system-controller-resourcequota-controller-0fb1-900f.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/serviceaccount-kube-system-root-ca-cert-publisher-rbac.authorization.k8s.io-v1-clusterrole--system-controller-root-ca-cert-publisher-rbac.authorization.k8s.io-v1-clusterrolebinding--system-controller-root-ca-cert-publisher-c82a-200f.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/serviceaccount-kube-system-route-controller-rbac.authorization.k8s.io-v1-clusterrole--system-controller-route-controller-rbac.authorization.k8s.io-v1-clusterrolebinding--system-controller-route-controller-ad8e-dfc6.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/serviceaccount-kube-system-service-account-controller-rbac.authorization.k8s.io-v1-clusterrole--system-controller-service-account-controller-rbac.authorization.k8s.io-v1-clusterrolebinding--system-controller-service-account-controller-f096-95ef.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/serviceaccount-kube-system-service-controller-rbac.authorization.k8s.io-v1-clusterrole--system-controller-service-controller-rbac.authorization.k8s.io-v1-clusterrolebinding--system-controller-service-controller-44af-1766.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/serviceaccount-kube-system-statefulset-controller-rbac.authorization.k8s.io-v1-clusterrole--system-controller-statefulset-controller-rbac.authorization.k8s.io-v1-clusterrolebinding--system-controller-statefulset-controller-de47-8c5e.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/serviceaccount-kube-system-token-cleaner-rbac.authorization.k8s.io-v1-role-kube-system-system-controller-token-cleaner-rbac.authorization.k8s.io-v1-rolebinding-kube-system-system-controller-token-cleaner-a62c-9f94.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/serviceaccount-kube-system-ttl-after-finished-controller-rbac.authorization.k8s.io-v1-clusterrole--system-controller-ttl-after-finished-controller-rbac.authorization.k8s.io-v1-clusterrolebinding--system-controller-ttl-after-finished-controller-a5ec-22fd.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/serviceaccount-kube-system-ttl-controller-rbac.authorization.k8s.io-v1-clusterrole--system-controller-ttl-controller-rbac.authorization.k8s.io-v1-clusterrolebinding--system-controller-ttl-controller-9111-e2d2.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/serviceaccount-kubescape-kollector-rbac.authorization.k8s.io-v1-clusterrole--kollector-rbac.authorization.k8s.io-v1-clusterrolebinding--kollector-e72c-8df2.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/serviceaccount-kubescape-kubescape-rbac.authorization.k8s.io-v1-clusterrole--kubescape-rbac.authorization.k8s.io-v1-clusterrolebinding--kubescape-aa83-1890.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/serviceaccount-kubescape-kubescape-rbac.authorization.k8s.io-v1-role-kubescape-kubescape-rbac.authorization.k8s.io-v1-rolebinding-kubescape-kubescape-838a-d1d5.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/serviceaccount-kubescape-kubevuln-rbac.authorization.k8s.io-v1-clusterrole--kubevuln-rbac.authorization.k8s.io-v1-clusterrolebinding--kubevuln-e43b-4fe3.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/serviceaccount-kubescape-operator-rbac.authorization.k8s.io-v1-clusterrole--operator-rbac.authorization.k8s.io-v1-clusterrolebinding--operator-caa1-7f47.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/serviceaccount-kubescape-operator-rbac.authorization.k8s.io-v1-role-kubescape-operator-rbac.authorization.k8s.io-v1-rolebinding-kubescape-operator-6d20-d01b.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/serviceaccount-kubescape-storage-rbac.authorization.k8s.io-v1-clusterrole--system-auth-delegator-rbac.authorization.k8s.io-v1-clusterrolebinding--storage-system-auth-delegator-b7c5-3109.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/serviceaccount-kubescape-storage-rbac.authorization.k8s.io-v1-role-kube-system-extension-apiserver-authentication-reader-rbac.authorization.k8s.io-v1-rolebinding-kube-system-storage-auth-reader-f139-ecd4.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/v1-configmap-kubescape-cs-matching-rules-c969-b506.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/v1-configmap-kubescape-host-scanner-definition-9d50-1027.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/v1-configmap-kubescape-ks-capabilities-5844-e9b6.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/v1-configmap-kubescape-ks-cloud-config-9085-3be8.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/v1-configmap-kubescape-kube-root-ca.crt-bdde-ff9f.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/v1-configmap-kubescape-kubescape-cronjob-template-0750-34d7.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/v1-configmap-kubescape-kubescape-scheduler-c5b6-8a76.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/v1-configmap-kubescape-kubevuln-cronjob-template-222e-0fb9.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/v1-configmap-kubescape-kubevuln-scheduler-a935-3990.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/v1-configmap-kubescape-node-agent-6eb9-04c6.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/v1-configmap-kubescape-operator-ebe9-220f.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/v1-configmap-kubescape-otel-collector-config-33fc-3397.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/v1-configmap-kubescape-registry-scan-cronjob-template-c2ca-48d3.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/v1-configmap-kubescape-synchronizer-71e1-98e2.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/v1-endpoints-kubescape-gateway-f1c4-9760.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/v1-endpoints-kubescape-kubescape-c299-bca3.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/v1-endpoints-kubescape-kubevuln-eb33-f757.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/v1-endpoints-kubescape-operator-d237-22dd.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/v1-endpoints-kubescape-storage-d7c0-e47f.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/v1-namespace--default-3dfc-c855.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/v1-namespace--kube-public-0e5b-249b.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/v1-namespace--kube-system-96db-ec72.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/v1-namespace--kubescape-bbd4-d0fc.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/v1-namespace--local-path-storage-070c-5c90.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/v1-node--kind-control-plane-1b76-118c.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/v1-persistentvolume--pvc-7843aae9-7eaf-407a-8e7e-ea8760e76e6e-18fb-98c1.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/v1-persistentvolumeclaim-kubescape-storage-535e-bce5.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/v1-secret-kubescape-cloud-secret-24b7-22bc.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/v1-secret-kubescape-sh.helm.release.v1.kubescape.v1-5486-de9e.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/v1-service-kubescape-gateway-02f7-941a.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/v1-service-kubescape-kubescape-5bbd-0cd1.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/v1-service-kubescape-kubevuln-2c6d-af06.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/v1-service-kubescape-operator-768a-8272.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/v1-service-kubescape-otel-collector-1c6b-e19d.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/v1-service-kubescape-storage-aac3-3752.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/v1-serviceaccount-kubescape-default-6bba-956e.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/v1-serviceaccount-kubescape-kollector-e622-e033.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/v1-serviceaccount-kubescape-kubescape-0647-414f.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/v1-serviceaccount-kubescape-kubevuln-a8fa-1a4f.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/v1-serviceaccount-kubescape-node-agent-c41a-2645.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/v1-serviceaccount-kubescape-operator-9193-7cf2.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/v1-serviceaccount-kubescape-storage-623f-8bc3.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/kubescape/v1-serviceaccount-kubescape-synchronizer-b366-d9b6.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/local-path-storage/apps-v1-deployment-local-path-storage-local-path-provisioner-9358-b354.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/local-path-storage/v1-configmap-local-path-storage-kube-root-ca.crt-4621-4869.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/local-path-storage/v1-configmap-local-path-storage-local-path-config-9210-2367.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/local-path-storage/v1-serviceaccount-local-path-storage-default-21d1-428c.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscans/local-path-storage/v1-serviceaccount-local-path-storage-local-path-provisioner-service-account-79fd-9197.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/default/discovery.k8s.io-v1-endpointslice-default-kubernetes-ff80-7666.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/default/v1-configmap-default-kube-root-ca.crt-7ca1-9f8c.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/default/v1-endpoints-default-kubernetes-afbe-9288.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/default/v1-service-default-kubernetes-3530-3de2.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/default/v1-serviceaccount-default-default-faf0-c226.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kube-node-lease/coordination.k8s.io-v1-lease-kube-node-lease-kind-control-plane-957c-212c.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kube-node-lease/v1-configmap-kube-node-lease-kube-root-ca.crt-c41b-57f3.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kube-node-lease/v1-serviceaccount-kube-node-lease-default-9952-9192.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kube-public/rbac.authorization.k8s.io-v1-role-kube-public-kubeadm-bootstrap-signer-clusterinfo-6b5d-ef76.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kube-public/rbac.authorization.k8s.io-v1-role-kube-public-system-controller-bootstrap-signer-bd11-781f.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kube-public/rbac.authorization.k8s.io-v1-rolebinding-kube-public-kubeadm-bootstrap-signer-clusterinfo-2652-bdba.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kube-public/rbac.authorization.k8s.io-v1-rolebinding-kube-public-system-controller-bootstrap-signer-9386-f34d.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kube-public/v1-configmap-kube-public-kube-root-ca.crt-80c1-ab11.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kube-system/apps-v1-daemonset-kube-system-kindnet-2266-1ce2.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kube-system/apps-v1-daemonset-kube-system-kube-proxy-9712-533a.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kube-system/apps-v1-deployment-kube-system-coredns-52d6-8e4f.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kube-system/coordination.k8s.io-v1-lease-kube-system-apiserver-c7uylvfxlbqccnk6myfkwetzze-a466-a537.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kube-system/coordination.k8s.io-v1-lease-kube-system-kube-controller-manager-feff-bb3a.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kube-system/coordination.k8s.io-v1-lease-kube-system-kube-scheduler-8cc1-f786.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kube-system/deployment-kube-system-coredns-b33a-321f.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kube-system/discovery.k8s.io-v1-endpointslice-kube-system-kube-dns-jgjc6-ee1e-e24f.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kube-system/rbac.authorization.k8s.io-v1-role-kube-system-extension-apiserver-authentication-reader-3349-0c0d.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kube-system/rbac.authorization.k8s.io-v1-role-kube-system-kube-proxy-9580-efd0.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kube-system/rbac.authorization.k8s.io-v1-role-kube-system-kubeadm-nodes-kubeadm-config-f1f7-61d2.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kube-system/rbac.authorization.k8s.io-v1-role-kube-system-system--leader-locking-kube-controller-manager-c04f-d03e.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kube-system/rbac.authorization.k8s.io-v1-role-kube-system-system--leader-locking-kube-scheduler-caaa-9017.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kube-system/rbac.authorization.k8s.io-v1-role-kube-system-system-controller-bootstrap-signer-c4d8-4e0a.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kube-system/rbac.authorization.k8s.io-v1-role-kube-system-system-controller-cloud-provider-b070-cb47.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kube-system/rbac.authorization.k8s.io-v1-role-kube-system-system-controller-token-cleaner-fa16-d64b.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kube-system/rbac.authorization.k8s.io-v1-rolebinding-kube-system-kube-proxy-6096-6bb0.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kube-system/rbac.authorization.k8s.io-v1-rolebinding-kube-system-system--extension-apiserver-authentication-reader-5fe9-ee21.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kube-system/rbac.authorization.k8s.io-v1-rolebinding-kube-system-system--leader-locking-kube-controller-manager-8e84-d890.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kube-system/rbac.authorization.k8s.io-v1-rolebinding-kube-system-system--leader-locking-kube-scheduler-0f7c-1dec.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kube-system/rbac.authorization.k8s.io-v1-rolebinding-kube-system-system-controller-bootstrap-signer-aec0-e37e.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kube-system/rbac.authorization.k8s.io-v1-rolebinding-kube-system-system-controller-cloud-provider-7751-46f6.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kube-system/rbac.authorization.k8s.io-v1-rolebinding-kube-system-system-controller-token-cleaner-406c-139d.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kube-system/v1-configmap-kube-system-coredns-bed8-d551.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kube-system/v1-configmap-kube-system-extension-apiserver-authentication-d867-8231.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kube-system/v1-configmap-kube-system-kube-apiserver-legacy-service-account-token-tracking-7a36-cdb6.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kube-system/v1-configmap-kube-system-kube-proxy-6c8a-2c93.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kube-system/v1-configmap-kube-system-kube-root-ca.crt-0799-d05a.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kube-system/v1-configmap-kube-system-kubeadm-config-c33c-0af3.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kube-system/v1-configmap-kube-system-kubelet-config-8225-f730.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kube-system/v1-endpoints-kube-system-kube-dns-18b9-04e1.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kube-system/v1-pod-kube-system-etcd-kind-control-plane-d02e-684e.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kube-system/v1-pod-kube-system-kube-apiserver-kind-control-plane-4e39-06d3.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kube-system/v1-pod-kube-system-kube-scheduler-kind-control-plane-48e8-20de.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kube-system/v1-secret-kube-system-bootstrap-token-abcdef-8548-1e76.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kube-system/v1-service-kube-system-kube-dns-9640-6d5f.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kube-system/v1-serviceaccount-kube-system-attachdetach-controller-34df-6ab8.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kube-system/v1-serviceaccount-kube-system-bootstrap-signer-425a-b29c.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kube-system/v1-serviceaccount-kube-system-certificate-controller-6dd5-ecb7.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kube-system/v1-serviceaccount-kube-system-clusterrole-aggregation-controller-5fcd-b673.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kube-system/v1-serviceaccount-kube-system-coredns-2be6-83fa.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kube-system/v1-serviceaccount-kube-system-cronjob-controller-0cce-6983.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kube-system/v1-serviceaccount-kube-system-daemon-set-controller-54e5-019c.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kube-system/v1-serviceaccount-kube-system-default-9822-6946.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kube-system/v1-serviceaccount-kube-system-deployment-controller-bb92-43ec.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kube-system/v1-serviceaccount-kube-system-disruption-controller-66d3-7a08.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kube-system/v1-serviceaccount-kube-system-endpoint-controller-d530-6055.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kube-system/v1-serviceaccount-kube-system-endpointslice-controller-83c1-31fe.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kube-system/v1-serviceaccount-kube-system-endpointslicemirroring-controller-cff5-3af4.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kube-system/v1-serviceaccount-kube-system-ephemeral-volume-controller-bdd2-e25e.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kube-system/v1-serviceaccount-kube-system-expand-controller-4aab-5d3a.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kube-system/v1-serviceaccount-kube-system-generic-garbage-collector-ab4e-6241.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kube-system/v1-serviceaccount-kube-system-horizontal-pod-autoscaler-c780-7e8d.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kube-system/v1-serviceaccount-kube-system-job-controller-a1c6-f204.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kube-system/v1-serviceaccount-kube-system-kindnet-0b4e-73bf.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kube-system/v1-serviceaccount-kube-system-kube-proxy-02cb-ce1c.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kube-system/v1-serviceaccount-kube-system-namespace-controller-b8c9-614b.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kube-system/v1-serviceaccount-kube-system-node-controller-1544-b01d.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kube-system/v1-serviceaccount-kube-system-persistent-volume-binder-054c-7f06.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kube-system/v1-serviceaccount-kube-system-pod-garbage-collector-1153-e673.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kube-system/v1-serviceaccount-kube-system-pv-protection-controller-6bdd-c2a3.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kube-system/v1-serviceaccount-kube-system-pvc-protection-controller-c15e-9840.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kube-system/v1-serviceaccount-kube-system-replicaset-controller-7ac8-3ef1.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kube-system/v1-serviceaccount-kube-system-replication-controller-7a89-0132.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kube-system/v1-serviceaccount-kube-system-resourcequota-controller-f744-b812.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kube-system/v1-serviceaccount-kube-system-root-ca-cert-publisher-4171-a7ca.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kube-system/v1-serviceaccount-kube-system-service-account-controller-33e5-7d43.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kube-system/v1-serviceaccount-kube-system-service-controller-1101-f5b7.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kube-system/v1-serviceaccount-kube-system-statefulset-controller-a290-0675.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kube-system/v1-serviceaccount-kube-system-token-cleaner-5c30-9410.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kube-system/v1-serviceaccount-kube-system-ttl-after-finished-controller-8bdb-566d.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kube-system/v1-serviceaccount-kube-system-ttl-controller-f6a0-99c7.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/apiregistration.k8s.io-v1-apiservice--v1beta1.spdx.softwarecomposition.kubescape.io-d714-7242.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/apps-v1-daemonset-kubescape-host-scanner-c93b-a749.g",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/apps-v1-daemonset-kubescape-host-scanner-c93b-a749.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/apps-v1-daemonset-kubescape-node-agent-1358-b429.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/apps-v1-deployment-kubescape-gateway-8e0e-df22.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/apps-v1-deployment-kubescape-kubescape-f937-e6dd.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/apps-v1-deployment-kubescape-kubevuln-0c4f-e39a.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/apps-v1-deployment-kubescape-operator-1e3d-e288.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/apps-v1-deployment-kubescape-otel-collector-4054-485c.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/apps-v1-deployment-kubescape-storage-a2c6-7402.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/apps-v1-deployment-kubescape-synchronizer-7146-ecf3.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/apps-v1-statefulset-kubescape-kollector-4a56-6fc2.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/batch-v1-cronjob-kubescape-kubescape-scheduler-4db5-9dc4.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/batch-v1-cronjob-kubescape-kubevuln-scheduler-a31b-3216.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/discovery.k8s.io-v1-endpointslice-kubescape-gateway-49n52-666c-4572.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/discovery.k8s.io-v1-endpointslice-kubescape-kubescape-77x49-48cc-1ad1.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/discovery.k8s.io-v1-endpointslice-kubescape-kubevuln-k4p8f-d862-b49a.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/discovery.k8s.io-v1-endpointslice-kubescape-operator-rl9d7-a901-fe41.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/discovery.k8s.io-v1-endpointslice-kubescape-otel-collector-h8zp5-4543-5310.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/discovery.k8s.io-v1-endpointslice-kubescape-storage-bnqlv-13fd-018c.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/hostdata.kubescape.cloud-v1beta0-cniinfo--kind-control-plane-9b96-0fcc.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/hostdata.kubescape.cloud-v1beta0-controlplaneinfo--kind-control-plane-4c1e-58a1.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/hostdata.kubescape.cloud-v1beta0-kubeletinfo--kind-control-plane-5d3f-7145.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/hostdata.kubescape.cloud-v1beta0-kubeproxyinfo--kind-control-plane-a132-118c.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/rbac.authorization.k8s.io-group--system-authenticated-rbac.authorization.k8s.io-v1-clusterrole--system-basic-user-rbac.authorization.k8s.io-v1-clusterrolebinding--system-basic-user-f3be-6b64.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/rbac.authorization.k8s.io-group--system-authenticated-rbac.authorization.k8s.io-v1-clusterrole--system-discovery-rbac.authorization.k8s.io-v1-clusterrolebinding--system-discovery-54bf-a674.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/rbac.authorization.k8s.io-group--system-authenticated-rbac.authorization.k8s.io-v1-clusterrole--system-public-info-viewer-rbac.authorization.k8s.io-v1-clusterrolebinding--system-public-info-viewer-112b-5bce.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/rbac.authorization.k8s.io-group--system-bootstrappers-kubeadm-default-node-token-rbac.authorization.k8s.io-v1-clusterrole--kubeadm-get-nodes-rbac.authorization.k8s.io-v1-clusterrolebinding--kubeadm-get-nodes-9324-17c9.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/rbac.authorization.k8s.io-group--system-bootstrappers-kubeadm-default-node-token-rbac.authorization.k8s.io-v1-clusterrole--system-certificates.k8s.io-certificatesigningrequests-nodeclient-rbac.authorization.k8s.io-v1-clusterrolebinding--kubead-60b2-822c.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/rbac.authorization.k8s.io-group--system-bootstrappers-kubeadm-default-node-token-rbac.authorization.k8s.io-v1-role-kube-system-kube-proxy-rbac.authorization.k8s.io-v1-rolebinding-kube-system-kube-proxy-b253-cfd6.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/rbac.authorization.k8s.io-group--system-masters-rbac.authorization.k8s.io-v1-clusterrole--cluster-admin-rbac.authorization.k8s.io-v1-clusterrolebinding--cluster-admin-da7e-cc4f.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/rbac.authorization.k8s.io-group--system-monitoring-rbac.authorization.k8s.io-v1-clusterrole--system-monitoring-rbac.authorization.k8s.io-v1-clusterrolebinding--system-monitoring-03cf-4239.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/rbac.authorization.k8s.io-group--system-nodes-rbac.authorization.k8s.io-v1-clusterrole--system-certificates.k8s.io-certificatesigningrequests-selfnodeclient-rbac.authorization.k8s.io-v1-clusterrolebinding--kubeadm-node-autoapprove-certificate--58b1-7df1.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/rbac.authorization.k8s.io-group--system-nodes-rbac.authorization.k8s.io-v1-role-kube-system-kubeadm-kubelet-config-rbac.authorization.k8s.io-v1-rolebinding-kube-system-kubeadm-kubelet-config-a6b0-d6ba.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/rbac.authorization.k8s.io-group--system-nodes-rbac.authorization.k8s.io-v1-role-kube-system-kubeadm-nodes-kubeadm-config-rbac.authorization.k8s.io-v1-rolebinding-kube-system-kubeadm-nodes-kubeadm-config-d2ea-2ff3.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/rbac.authorization.k8s.io-group--system-serviceaccounts-rbac.authorization.k8s.io-v1-clusterrole--system-service-account-issuer-discovery-rbac.authorization.k8s.io-v1-clusterrolebinding--system-service-account-issuer-discovery-b4a3-66fa.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/rbac.authorization.k8s.io-group--system-unauthenticated-rbac.authorization.k8s.io-v1-clusterrole--system-public-info-viewer-rbac.authorization.k8s.io-v1-clusterrolebinding--system-public-info-viewer-5517-ef87.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/rbac.authorization.k8s.io-user--system-anonymous-rbac.authorization.k8s.io-v1-role-kube-public-kubeadm-bootstrap-signer-clusterinfo-rbac.authorization.k8s.io-v1-rolebinding-kube-public-kubeadm-bootstrap-signer-clusterinfo-670f-1a8f.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/rbac.authorization.k8s.io-user--system-kube-controller-manager-rbac.authorization.k8s.io-v1-role-kube-system-extension-apiserver-authentication-reader-rbac.authorization.k8s.io-v1-rolebinding-kube-system-system--extension-apiserver-authenticat-5ce3-67d8.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/rbac.authorization.k8s.io-user--system-kube-controller-manager-rbac.authorization.k8s.io-v1-role-kube-system-system--leader-locking-kube-controller-manager-rbac.authorization.k8s.io-v1-rolebinding-kube-system-system--leader-locking-kube-contro-dc78-b0c5.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/rbac.authorization.k8s.io-user--system-kube-proxy-rbac.authorization.k8s.io-v1-clusterrole--system-node-proxier-rbac.authorization.k8s.io-v1-clusterrolebinding--system-node-proxier-a23b-456f.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/rbac.authorization.k8s.io-user--system-kube-scheduler-rbac.authorization.k8s.io-v1-clusterrole--system-kube-scheduler-rbac.authorization.k8s.io-v1-clusterrolebinding--system-kube-scheduler-1d53-aa7c.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/rbac.authorization.k8s.io-user--system-kube-scheduler-rbac.authorization.k8s.io-v1-clusterrole--system-volume-scheduler-rbac.authorization.k8s.io-v1-clusterrolebinding--system-volume-scheduler-4d2b-09f1.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/rbac.authorization.k8s.io-user--system-kube-scheduler-rbac.authorization.k8s.io-v1-role-kube-system-extension-apiserver-authentication-reader-rbac.authorization.k8s.io-v1-rolebinding-kube-system-system--extension-apiserver-authentication-reade-5e06-8c80.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/rbac.authorization.k8s.io-user--system-kube-scheduler-rbac.authorization.k8s.io-v1-role-kube-system-system--leader-locking-kube-scheduler-rbac.authorization.k8s.io-v1-rolebinding-kube-system-system--leader-locking-kube-scheduler-169f-c8e9.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/rbac.authorization.k8s.io-v1-clusterrolebinding--cluster-admin-927d-cdab.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/rbac.authorization.k8s.io-v1-clusterrolebinding--kindnet-d10b-abf5.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/rbac.authorization.k8s.io-v1-clusterrolebinding--kubeadm-get-nodes-d075-ff28.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/rbac.authorization.k8s.io-v1-clusterrolebinding--kubeadm-kubelet-bootstrap-68a6-3053.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/rbac.authorization.k8s.io-v1-clusterrolebinding--kubeadm-node-autoapprove-bootstrap-78ea-5412.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/rbac.authorization.k8s.io-v1-clusterrolebinding--kubeadm-node-autoapprove-certificate-rotation-12f3-cefa.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/rbac.authorization.k8s.io-v1-clusterrolebinding--kubeadm-node-proxier-faeb-888f.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/rbac.authorization.k8s.io-v1-clusterrolebinding--kubescape-a91b-9ae4.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/rbac.authorization.k8s.io-v1-clusterrolebinding--local-path-provisioner-bind-ed1c-7f2a.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/rbac.authorization.k8s.io-v1-clusterrolebinding--node-agent-6a29-a56d.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/rbac.authorization.k8s.io-v1-clusterrolebinding--operator-c180-303a.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/rbac.authorization.k8s.io-v1-clusterrolebinding--storage-413b-49c9.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/rbac.authorization.k8s.io-v1-clusterrolebinding--synchronizer-2bbb-a1cc.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/rbac.authorization.k8s.io-v1-clusterrolebinding--system-controller-attachdetach-controller-8293-b4af.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/rbac.authorization.k8s.io-v1-clusterrolebinding--system-controller-certificate-controller-8634-cacd.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/rbac.authorization.k8s.io-v1-clusterrolebinding--system-controller-clusterrole-aggregation-controller-58a2-cc17.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/rbac.authorization.k8s.io-v1-clusterrolebinding--system-controller-cronjob-controller-d0f7-2a42.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/rbac.authorization.k8s.io-v1-clusterrolebinding--system-controller-daemon-set-controller-164d-a19d.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/rbac.authorization.k8s.io-v1-clusterrolebinding--system-controller-deployment-controller-a2e0-8976.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/rbac.authorization.k8s.io-v1-clusterrolebinding--system-controller-disruption-controller-a279-6817.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/rbac.authorization.k8s.io-v1-clusterrolebinding--system-controller-endpoint-controller-5d81-ab04.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/rbac.authorization.k8s.io-v1-clusterrolebinding--system-controller-endpointslice-controller-7810-e06c.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/rbac.authorization.k8s.io-v1-clusterrolebinding--system-controller-ephemeral-volume-controller-6242-40ce.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/rbac.authorization.k8s.io-v1-clusterrolebinding--system-controller-expand-controller-2277-9a10.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/rbac.authorization.k8s.io-v1-clusterrolebinding--system-controller-generic-garbage-collector-c181-b19b.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/rbac.authorization.k8s.io-v1-clusterrolebinding--system-controller-horizontal-pod-autoscaler-312c-b9c7.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/rbac.authorization.k8s.io-v1-clusterrolebinding--system-controller-job-controller-3b02-d32c.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/rbac.authorization.k8s.io-v1-clusterrolebinding--system-controller-namespace-controller-3a49-2f82.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/rbac.authorization.k8s.io-v1-clusterrolebinding--system-controller-persistent-volume-binder-f86a-a64a.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/rbac.authorization.k8s.io-v1-clusterrolebinding--system-controller-pod-garbage-collector-4e1d-b07b.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/rbac.authorization.k8s.io-v1-clusterrolebinding--system-controller-pvc-protection-controller-b690-cca2.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/rbac.authorization.k8s.io-v1-clusterrolebinding--system-controller-replicaset-controller-2895-3cfa.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/rbac.authorization.k8s.io-v1-clusterrolebinding--system-controller-replication-controller-8b41-d7a0.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/rbac.authorization.k8s.io-v1-clusterrolebinding--system-controller-resourcequota-controller-2135-1cc5.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/rbac.authorization.k8s.io-v1-clusterrolebinding--system-controller-root-ca-cert-publisher-6cfb-15a3.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/rbac.authorization.k8s.io-v1-clusterrolebinding--system-controller-service-controller-b3b0-29f4.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/rbac.authorization.k8s.io-v1-clusterrolebinding--system-controller-statefulset-controller-db8e-666f.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/rbac.authorization.k8s.io-v1-clusterrolebinding--system-controller-ttl-after-finished-controller-be73-070e.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/rbac.authorization.k8s.io-v1-clusterrolebinding--system-controller-ttl-controller-5995-1f87.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/rbac.authorization.k8s.io-v1-clusterrolebinding--system-coredns-6a60-a527.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/rbac.authorization.k8s.io-v1-clusterrolebinding--system-discovery-5113-ac38.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/rbac.authorization.k8s.io-v1-clusterrolebinding--system-kube-controller-manager-43ea-71b3.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/rbac.authorization.k8s.io-v1-clusterrolebinding--system-monitoring-e879-81ff.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/rbac.authorization.k8s.io-v1-clusterrolebinding--system-public-info-viewer-8ec1-4f40.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/rbac.authorization.k8s.io-v1-clusterrolebinding--system-volume-scheduler-195e-13b8.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/rbac.authorization.k8s.io-v1-role-kubescape-kubescape-577d-7984.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/rbac.authorization.k8s.io-v1-role-kubescape-operator-260c-b1cd.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/rbac.authorization.k8s.io-v1-rolebinding-kubescape-operator-1f63-37ac.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/serviceaccount-kube-system-attachdetach-controller-rbac.authorization.k8s.io-v1-clusterrole--system-controller-attachdetach-controller-rbac.authorization.k8s.io-v1-clusterrolebinding--system-controller-attachdetach-controller-462c-b476.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/serviceaccount-kube-system-bootstrap-signer-rbac.authorization.k8s.io-v1-role-kube-public-system-controller-bootstrap-signer-rbac.authorization.k8s.io-v1-rolebinding-kube-public-system-controller-bootstrap-signer-0324-dd48.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/serviceaccount-kube-system-bootstrap-signer-rbac.authorization.k8s.io-v1-role-kube-public-system-controller-bootstrap-signer-rbac.authorization.k8s.io-v1-rolebinding-kube-system-system-controller-bootstrap-signer-48cf-2128.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/serviceaccount-kube-system-bootstrap-signer-rbac.authorization.k8s.io-v1-role-kube-system-system-controller-bootstrap-signer-rbac.authorization.k8s.io-v1-rolebinding-kube-public-system-controller-bootstrap-signer-a4a2-c65d.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/serviceaccount-kube-system-bootstrap-signer-rbac.authorization.k8s.io-v1-role-kube-system-system-controller-bootstrap-signer-rbac.authorization.k8s.io-v1-rolebinding-kube-system-system-controller-bootstrap-signer-cb85-324f.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/serviceaccount-kube-system-cloud-provider-rbac.authorization.k8s.io-v1-role-kube-system-system-controller-cloud-provider-rbac.authorization.k8s.io-v1-rolebinding-kube-system-system-controller-cloud-provider-a7d8-e8d0.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/serviceaccount-kube-system-clusterrole-aggregation-controller-rbac.authorization.k8s.io-v1-clusterrole--system-controller-clusterrole-aggregation-controller-rbac.authorization.k8s.io-v1-clusterrolebinding--system-controller-clusterrole-aggrega-9852-cb30.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/serviceaccount-kube-system-coredns-rbac.authorization.k8s.io-v1-clusterrole--system-coredns-rbac.authorization.k8s.io-v1-clusterrolebinding--system-coredns-2dae-e10f.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/serviceaccount-kube-system-cronjob-controller-rbac.authorization.k8s.io-v1-clusterrole--system-controller-cronjob-controller-rbac.authorization.k8s.io-v1-clusterrolebinding--system-controller-cronjob-controller-991d-9420.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/serviceaccount-kube-system-daemon-set-controller-rbac.authorization.k8s.io-v1-clusterrole--system-controller-daemon-set-controller-rbac.authorization.k8s.io-v1-clusterrolebinding--system-controller-daemon-set-controller-82a3-1fa5.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/serviceaccount-kube-system-deployment-controller-rbac.authorization.k8s.io-v1-clusterrole--system-controller-deployment-controller-rbac.authorization.k8s.io-v1-clusterrolebinding--system-controller-deployment-controller-51ca-d715.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/serviceaccount-kube-system-disruption-controller-rbac.authorization.k8s.io-v1-clusterrole--system-controller-disruption-controller-rbac.authorization.k8s.io-v1-clusterrolebinding--system-controller-disruption-controller-f9da-7174.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/serviceaccount-kube-system-endpoint-controller-rbac.authorization.k8s.io-v1-clusterrole--system-controller-endpoint-controller-rbac.authorization.k8s.io-v1-clusterrolebinding--system-controller-endpoint-controller-c120-5855.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/serviceaccount-kube-system-endpointslice-controller-rbac.authorization.k8s.io-v1-clusterrole--system-controller-endpointslice-controller-rbac.authorization.k8s.io-v1-clusterrolebinding--system-controller-endpointslice-controller-91bb-d9f4.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/serviceaccount-kube-system-endpointslicemirroring-controller-rbac.authorization.k8s.io-v1-clusterrole--system-controller-endpointslicemirroring-controller-rbac.authorization.k8s.io-v1-clusterrolebinding--system-controller-endpointslicemirrorin-5f06-6525.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/serviceaccount-kube-system-ephemeral-volume-controller-rbac.authorization.k8s.io-v1-clusterrole--system-controller-ephemeral-volume-controller-rbac.authorization.k8s.io-v1-clusterrolebinding--system-controller-ephemeral-volume-controller-7d32-7675.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/serviceaccount-kube-system-expand-controller-rbac.authorization.k8s.io-v1-clusterrole--system-controller-expand-controller-rbac.authorization.k8s.io-v1-clusterrolebinding--system-controller-expand-controller-e022-82b2.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/serviceaccount-kube-system-generic-garbage-collector-rbac.authorization.k8s.io-v1-clusterrole--system-controller-generic-garbage-collector-rbac.authorization.k8s.io-v1-clusterrolebinding--system-controller-generic-garbage-collector-b5ac-ce7d.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/serviceaccount-kube-system-horizontal-pod-autoscaler-rbac.authorization.k8s.io-v1-clusterrole--system-controller-horizontal-pod-autoscaler-rbac.authorization.k8s.io-v1-clusterrolebinding--system-controller-horizontal-pod-autoscaler-e4f2-db3b.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/serviceaccount-kube-system-kindnet-rbac.authorization.k8s.io-v1-clusterrole--kindnet-rbac.authorization.k8s.io-v1-clusterrolebinding--kindnet-f994-d394.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/serviceaccount-kube-system-kube-controller-manager-rbac.authorization.k8s.io-v1-role-kube-system-system--leader-locking-kube-controller-manager-rbac.authorization.k8s.io-v1-rolebinding-kube-system-system--leader-locking-kube-controller-manager-1446-ce55.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/serviceaccount-kube-system-kube-dns-rbac.authorization.k8s.io-v1-clusterrole--system-kube-dns-rbac.authorization.k8s.io-v1-clusterrolebinding--system-kube-dns-d960-0b14.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/serviceaccount-kube-system-kube-scheduler-rbac.authorization.k8s.io-v1-role-kube-system-system--leader-locking-kube-scheduler-rbac.authorization.k8s.io-v1-rolebinding-kube-system-system--leader-locking-kube-scheduler-ff4b-6277.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/serviceaccount-kube-system-namespace-controller-rbac.authorization.k8s.io-v1-clusterrole--system-controller-namespace-controller-rbac.authorization.k8s.io-v1-clusterrolebinding--system-controller-namespace-controller-53f7-6e5e.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/serviceaccount-kube-system-persistent-volume-binder-rbac.authorization.k8s.io-v1-clusterrole--system-controller-persistent-volume-binder-rbac.authorization.k8s.io-v1-clusterrolebinding--system-controller-persistent-volume-binder-177e-eaff.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/serviceaccount-kube-system-pod-garbage-collector-rbac.authorization.k8s.io-v1-clusterrole--system-controller-pod-garbage-collector-rbac.authorization.k8s.io-v1-clusterrolebinding--system-controller-pod-garbage-collector-3e56-9b24.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/serviceaccount-kube-system-pv-protection-controller-rbac.authorization.k8s.io-v1-clusterrole--system-controller-pv-protection-controller-rbac.authorization.k8s.io-v1-clusterrolebinding--system-controller-pv-protection-controller-4fb9-9cfd.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/serviceaccount-kube-system-pvc-protection-controller-rbac.authorization.k8s.io-v1-clusterrole--system-controller-pvc-protection-controller-rbac.authorization.k8s.io-v1-clusterrolebinding--system-controller-pvc-protection-controller-58c9-9d98.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/serviceaccount-kube-system-replicaset-controller-rbac.authorization.k8s.io-v1-clusterrole--system-controller-replicaset-controller-rbac.authorization.k8s.io-v1-clusterrolebinding--system-controller-replicaset-controller-ca70-b5a6.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/serviceaccount-kube-system-replication-controller-rbac.authorization.k8s.io-v1-clusterrole--system-controller-replication-controller-rbac.authorization.k8s.io-v1-clusterrolebinding--system-controller-replication-controller-b5e6-6267.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/serviceaccount-kube-system-resourcequota-controller-rbac.authorization.k8s.io-v1-clusterrole--system-controller-resourcequota-controller-rbac.authorization.k8s.io-v1-clusterrolebinding--system-controller-resourcequota-controller-0fb1-900f.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/serviceaccount-kube-system-root-ca-cert-publisher-rbac.authorization.k8s.io-v1-clusterrole--system-controller-root-ca-cert-publisher-rbac.authorization.k8s.io-v1-clusterrolebinding--system-controller-root-ca-cert-publisher-c82a-200f.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/serviceaccount-kube-system-route-controller-rbac.authorization.k8s.io-v1-clusterrole--system-controller-route-controller-rbac.authorization.k8s.io-v1-clusterrolebinding--system-controller-route-controller-ad8e-dfc6.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/serviceaccount-kube-system-service-account-controller-rbac.authorization.k8s.io-v1-clusterrole--system-controller-service-account-controller-rbac.authorization.k8s.io-v1-clusterrolebinding--system-controller-service-account-controller-f096-95ef.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/serviceaccount-kube-system-service-controller-rbac.authorization.k8s.io-v1-clusterrole--system-controller-service-controller-rbac.authorization.k8s.io-v1-clusterrolebinding--system-controller-service-controller-44af-1766.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/serviceaccount-kube-system-statefulset-controller-rbac.authorization.k8s.io-v1-clusterrole--system-controller-statefulset-controller-rbac.authorization.k8s.io-v1-clusterrolebinding--system-controller-statefulset-controller-de47-8c5e.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/serviceaccount-kube-system-token-cleaner-rbac.authorization.k8s.io-v1-role-kube-system-system-controller-token-cleaner-rbac.authorization.k8s.io-v1-rolebinding-kube-system-system-controller-token-cleaner-a62c-9f94.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/serviceaccount-kube-system-ttl-after-finished-controller-rbac.authorization.k8s.io-v1-clusterrole--system-controller-ttl-after-finished-controller-rbac.authorization.k8s.io-v1-clusterrolebinding--system-controller-ttl-after-finished-controller-a5ec-22fd.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/serviceaccount-kube-system-ttl-controller-rbac.authorization.k8s.io-v1-clusterrole--system-controller-ttl-controller-rbac.authorization.k8s.io-v1-clusterrolebinding--system-controller-ttl-controller-9111-e2d2.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/serviceaccount-kubescape-kollector-rbac.authorization.k8s.io-v1-clusterrole--kollector-rbac.authorization.k8s.io-v1-clusterrolebinding--kollector-e72c-8df2.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/serviceaccount-kubescape-kubescape-rbac.authorization.k8s.io-v1-clusterrole--kubescape-rbac.authorization.k8s.io-v1-clusterrolebinding--kubescape-aa83-1890.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/serviceaccount-kubescape-kubescape-rbac.authorization.k8s.io-v1-role-kubescape-kubescape-rbac.authorization.k8s.io-v1-rolebinding-kubescape-kubescape-838a-d1d5.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/serviceaccount-kubescape-kubevuln-rbac.authorization.k8s.io-v1-clusterrole--kubevuln-rbac.authorization.k8s.io-v1-clusterrolebinding--kubevuln-e43b-4fe3.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/serviceaccount-kubescape-operator-rbac.authorization.k8s.io-v1-clusterrole--operator-rbac.authorization.k8s.io-v1-clusterrolebinding--operator-caa1-7f47.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/serviceaccount-kubescape-operator-rbac.authorization.k8s.io-v1-role-kubescape-operator-rbac.authorization.k8s.io-v1-rolebinding-kubescape-operator-6d20-d01b.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/serviceaccount-kubescape-storage-rbac.authorization.k8s.io-v1-clusterrole--system-auth-delegator-rbac.authorization.k8s.io-v1-clusterrolebinding--storage-system-auth-delegator-b7c5-3109.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/serviceaccount-kubescape-storage-rbac.authorization.k8s.io-v1-role-kube-system-extension-apiserver-authentication-reader-rbac.authorization.k8s.io-v1-rolebinding-kube-system-storage-auth-reader-f139-ecd4.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/v1-configmap-kubescape-cs-matching-rules-c969-b506.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/v1-configmap-kubescape-host-scanner-definition-9d50-1027.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/v1-configmap-kubescape-ks-capabilities-5844-e9b6.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/v1-configmap-kubescape-ks-cloud-config-9085-3be8.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/v1-configmap-kubescape-kube-root-ca.crt-bdde-ff9f.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/v1-configmap-kubescape-kubescape-cronjob-template-0750-34d7.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/v1-configmap-kubescape-kubescape-scheduler-c5b6-8a76.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/v1-configmap-kubescape-kubevuln-cronjob-template-222e-0fb9.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/v1-configmap-kubescape-kubevuln-scheduler-a935-3990.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/v1-configmap-kubescape-node-agent-6eb9-04c6.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/v1-configmap-kubescape-operator-ebe9-220f.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/v1-configmap-kubescape-otel-collector-config-33fc-3397.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/v1-configmap-kubescape-registry-scan-cronjob-template-c2ca-48d3.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/v1-configmap-kubescape-synchronizer-71e1-98e2.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/v1-endpoints-kubescape-gateway-f1c4-9760.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/v1-endpoints-kubescape-kubescape-c299-bca3.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/v1-endpoints-kubescape-kubevuln-eb33-f757.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/v1-endpoints-kubescape-operator-d237-22dd.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/v1-endpoints-kubescape-storage-d7c0-e47f.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/v1-namespace--default-3dfc-c855.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/v1-namespace--kube-public-0e5b-249b.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/v1-namespace--kube-system-96db-ec72.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/v1-namespace--kubescape-bbd4-d0fc.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/v1-namespace--local-path-storage-070c-5c90.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/v1-node--kind-control-plane-1b76-118c.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/v1-persistentvolume--pvc-7843aae9-7eaf-407a-8e7e-ea8760e76e6e-18fb-98c1.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/v1-persistentvolumeclaim-kubescape-storage-535e-bce5.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/v1-secret-kubescape-cloud-secret-24b7-22bc.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/v1-secret-kubescape-sh.helm.release.v1.kubescape.v1-5486-de9e.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/v1-service-kubescape-gateway-02f7-941a.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/v1-service-kubescape-kubescape-5bbd-0cd1.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/v1-service-kubescape-kubevuln-2c6d-af06.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/v1-service-kubescape-operator-768a-8272.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/v1-service-kubescape-otel-collector-1c6b-e19d.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/v1-service-kubescape-storage-aac3-3752.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/v1-serviceaccount-kubescape-default-6bba-956e.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/v1-serviceaccount-kubescape-kollector-e622-e033.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/v1-serviceaccount-kubescape-kubescape-0647-414f.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/v1-serviceaccount-kubescape-kubevuln-a8fa-1a4f.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/v1-serviceaccount-kubescape-node-agent-c41a-2645.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/v1-serviceaccount-kubescape-operator-9193-7cf2.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/v1-serviceaccount-kubescape-storage-623f-8bc3.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/kubescape/v1-serviceaccount-kubescape-synchronizer-b366-d9b6.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/local-path-storage/apps-v1-deployment-local-path-storage-local-path-provisioner-9358-b354.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/local-path-storage/v1-configmap-local-path-storage-kube-root-ca.crt-4621-4869.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/local-path-storage/v1-configmap-local-path-storage-local-path-config-9210-2367.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/local-path-storage/v1-serviceaccount-local-path-storage-default-21d1-428c.m",
+  "/data/spdx.softwarecomposition.kubescape.io/workloadconfigurationscansummaries/local-path-storage/v1-serviceaccount-local-path-storage-local-path-provisioner-service-account-79fd-9197.m"
+]
diff --git a/pkg/cleanup/utils.go b/pkg/cleanup/utils.go
index ce895caba..a309bb5a6 100644
--- a/pkg/cleanup/utils.go
+++ b/pkg/cleanup/utils.go
@@ -2,6 +2,7 @@ package cleanup
 
 import (
 	"bytes"
+	"context"
 	"encoding/gob"
 	"encoding/json"
 	"errors"
@@ -9,10 +10,13 @@ import (
 	"path/filepath"
 	"strings"
 
+	"github.com/kubescape/go-logger"
+	"github.com/kubescape/go-logger/helpers"
 	"github.com/kubescape/storage/pkg/registry/file"
+	"github.com/olvrng/ujson"
 	"github.com/spf13/afero"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/client-go/discovery"
-
 	"k8s.io/client-go/dynamic"
 	"k8s.io/client-go/rest"
 	"k8s.io/client-go/tools/clientcmd"
@@ -56,6 +60,50 @@ func getConfig() (*rest.Config, error) {
 	return nil, errors.New("unable to find config")
 }
 
+func loadMetadata(metadataJSON []byte) (*metav1.ObjectMeta, error) {
+	data := metav1.ObjectMeta{
+		Annotations: map[string]string{},
+		Labels:      map[string]string{},
+	}
+
+	if len(metadataJSON) == 0 {
+		// empty string
+		return nil, nil
+	}
+
+	// ujson parsing
+	var parent string
+	err := ujson.Walk(metadataJSON, func(level int, key, value []byte) bool {
+		switch level {
+		case 1:
+			// read name
+			if bytes.EqualFold(key, []byte(`"name"`)) {
+				data.Name = unquote(value)
+			}
+			// read namespace
+			if bytes.EqualFold(key, []byte(`"namespace"`)) {
+				data.Namespace = unquote(value)
+			}
+			// record parent for level 3
+			parent = unquote(key)
+		case 2:
+			// read annotations
+			if parent == "annotations" {
+				data.Annotations[unquote(key)] = unquote(value)
+			}
+			// read labels
+			if parent == "labels" {
+				data.Labels[unquote(key)] = unquote(value)
+			}
+		}
+		return true
+	})
+	if err != nil {
+		return nil, errors.New("failed to parse metadata")
+	}
+	return &data, nil
+}
+
 func migrateToGob[T any](appFs afero.Fs, path string) error {
 	// open json file
 	jsonFile, err := appFs.Open(path)
@@ -93,6 +141,41 @@ func moveToGobBeforeDeletion(appFs afero.Fs, path string) error {
 	return appFs.Rename(path, path[:len(path)-len(file.JsonExt)]+file.GobExt)
 }
 
+func (h *ResourcesCleanupHandler) readMetadata(payloadFilePath string) (*metav1.ObjectMeta, error) {
+	conn, err := h.pool.Take(context.Background())
+	if err != nil {
+		logger.L().Error("failed to take connection", helpers.Error(err))
+		return nil, fmt.Errorf("failed to take connection: %w", err)
+	}
+	defer h.pool.Put(conn)
+	key := payloadFilePath[len(file.DefaultStorageRoot) : len(payloadFilePath)-len(file.GobExt)]
+	metadataJSON, err := file.ReadMetadata(conn, key)
+	if err == nil {
+		metadata, err := loadMetadata(metadataJSON)
+		if err == nil {
+			return metadata, nil
+		}
+	}
+	// end of happy path - migration starts here
+	// try to find old metadata file
+	metadataFilePath := payloadFilePath[:len(payloadFilePath)-len(file.GobExt)] + file.MetadataExt
+	metadataJSON, err = afero.ReadFile(h.appFs, metadataFilePath)
+	if err != nil {
+		// no metadata in SQLite nor on disk, delete payload file
+		h.deleteFunc(h.appFs, payloadFilePath)
+		return nil, fmt.Errorf("failed to read metadata file: %w", err)
+	}
+	// write to SQLite
+	err = file.WriteJSON(conn, key, metadataJSON)
+	if err != nil {
+		return nil, fmt.Errorf("failed to migrate metadata to SQLite: %w", err)
+	}
+	// delete old metadata file
+	h.deleteFunc(h.appFs, metadataFilePath)
+	// load metadata
+	return loadMetadata(metadataJSON)
+}
+
 func wlidWithoutClusterName(wlid string) string {
 	parts := strings.Split(wlid, "://")
 	if len(parts) != 2 {
@@ -107,3 +190,11 @@ func wlidWithoutClusterName(wlid string) string {
 	}
 	return parts[1]
 }
+
+func unquote(value []byte) string {
+	buf, err := ujson.Unquote(value)
+	if err != nil {
+		return string(value)
+	}
+	return string(buf)
+}
diff --git a/pkg/cmd/server/start.go b/pkg/cmd/server/start.go
index 31f57caff..b8144e4b7 100644
--- a/pkg/cmd/server/start.go
+++ b/pkg/cmd/server/start.go
@@ -34,6 +34,7 @@ import (
 	clientset "github.com/kubescape/storage/pkg/generated/clientset/versioned"
 	informers "github.com/kubescape/storage/pkg/generated/informers/externalversions"
 	sampleopenapi "github.com/kubescape/storage/pkg/generated/openapi"
+	"github.com/spf13/afero"
 	"github.com/spf13/cobra"
 	utilerrors "k8s.io/apimachinery/pkg/util/errors"
 	"k8s.io/apiserver/pkg/admission"
@@ -42,6 +43,7 @@ import (
 	genericoptions "k8s.io/apiserver/pkg/server/options"
 	utilfeature "k8s.io/apiserver/pkg/util/feature"
 	netutils "k8s.io/utils/net"
+	"zombiezen.com/go/sqlite/sqlitemigration"
 )
 
 const (
@@ -58,10 +60,13 @@ type WardleServerOptions struct {
 	StdErr                io.Writer
 
 	AlternateDNS []string
+
+	OsFs afero.Fs
+	Pool *sqlitemigration.Pool
 }
 
 // NewWardleServerOptions returns a new WardleServerOptions
-func NewWardleServerOptions(out, errOut io.Writer) *WardleServerOptions {
+func NewWardleServerOptions(out, errOut io.Writer, osFs afero.Fs, pool *sqlitemigration.Pool) *WardleServerOptions {
 	o := &WardleServerOptions{
 		RecommendedOptions: genericoptions.NewRecommendedOptions(
 			defaultEtcdPathPrefix,
@@ -70,6 +75,9 @@ func NewWardleServerOptions(out, errOut io.Writer) *WardleServerOptions {
 
 		StdOut: out,
 		StdErr: errOut,
+
+		OsFs: osFs,
+		Pool: pool,
 	}
 	o.RecommendedOptions.Etcd = nil
 
@@ -209,7 +217,10 @@ func (o *WardleServerOptions) Config() (*apiserver.Config, error) {
 
 	config := &apiserver.Config{
 		GenericConfig: serverConfig,
-		ExtraConfig:   apiserver.ExtraConfig{},
+		ExtraConfig: apiserver.ExtraConfig{
+			OsFs: o.OsFs,
+			Pool: o.Pool,
+		},
 	}
 	return config, nil
 }
diff --git a/pkg/registry/file/configurationscansummarystorage_test.go b/pkg/registry/file/configurationscansummarystorage_test.go
index 1ea18cc1a..4f0a0d370 100644
--- a/pkg/registry/file/configurationscansummarystorage_test.go
+++ b/pkg/registry/file/configurationscansummarystorage_test.go
@@ -8,13 +8,15 @@ import (
 	"github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1"
 	"github.com/spf13/afero"
 	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/require"
 	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/runtime"
 	"k8s.io/apiserver/pkg/storage"
+	"zombiezen.com/go/sqlite/sqlitemigration"
 )
 
 func TestConfigurationScanSummaryStorage_Count(t *testing.T) {
-	storageImpl := NewStorageImpl(afero.NewMemMapFs(), "")
+	storageImpl := NewStorageImpl(afero.NewMemMapFs(), "", nil)
 	configScanSummaryStorage := NewConfigurationScanSummaryStorage(storageImpl)
 
 	count, err := configScanSummaryStorage.Count("random")
@@ -27,7 +29,7 @@ func TestConfigurationScanSummaryStorage_Count(t *testing.T) {
 }
 
 func TestConfigurationScanSummaryStorage_Create(t *testing.T) {
-	storageImpl := NewStorageImpl(afero.NewMemMapFs(), "")
+	storageImpl := NewStorageImpl(afero.NewMemMapFs(), "", nil)
 	configScanSummaryStorage := NewConfigurationScanSummaryStorage(storageImpl)
 
 	err := configScanSummaryStorage.Create(context.TODO(), "", nil, nil, 0)
@@ -38,7 +40,7 @@ func TestConfigurationScanSummaryStorage_Create(t *testing.T) {
 }
 
 func TestConfigurationScanSummaryStorage_Delete(t *testing.T) {
-	storageImpl := NewStorageImpl(afero.NewMemMapFs(), "")
+	storageImpl := NewStorageImpl(afero.NewMemMapFs(), "", nil)
 	configScanSummaryStorage := NewConfigurationScanSummaryStorage(storageImpl)
 
 	err := configScanSummaryStorage.Delete(context.TODO(), "", nil, nil, nil, nil)
@@ -49,7 +51,7 @@ func TestConfigurationScanSummaryStorage_Delete(t *testing.T) {
 }
 
 func TestConfigurationScanSummaryStorage_Watch(t *testing.T) {
-	storageImpl := NewStorageImpl(afero.NewMemMapFs(), "")
+	storageImpl := NewStorageImpl(afero.NewMemMapFs(), "", nil)
 	configScanSummaryStorage := NewConfigurationScanSummaryStorage(storageImpl)
 
 	_, err := configScanSummaryStorage.Watch(context.TODO(), "", storage.ListOptions{})
@@ -60,7 +62,7 @@ func TestConfigurationScanSummaryStorage_Watch(t *testing.T) {
 }
 
 func TestConfigurationScanSummaryStorage_GuaranteedUpdate(t *testing.T) {
-	storageImpl := NewStorageImpl(afero.NewMemMapFs(), "")
+	storageImpl := NewStorageImpl(afero.NewMemMapFs(), "", nil)
 	configScanSummaryStorage := NewConfigurationScanSummaryStorage(storageImpl)
 
 	err := configScanSummaryStorage.GuaranteedUpdate(context.TODO(), "", nil, false, nil, nil, nil)
@@ -107,7 +109,12 @@ func TestConfigurationScanSummaryStorage_Get(t *testing.T) {
 		},
 	}
 
-	realStorage := NewStorageImpl(afero.NewMemMapFs(), "/")
+	pool := NewTestPool(t.TempDir())
+	require.NotNil(t, pool)
+	defer func(pool *sqlitemigration.Pool) {
+		_ = pool.Close()
+	}(pool)
+	realStorage := NewStorageImpl(afero.NewMemMapFs(), "/", pool)
 
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
@@ -173,7 +180,12 @@ func TestConfigurationScanSummaryStorage_GetList(t *testing.T) {
 		},
 	}
 
-	realStorage := NewStorageImpl(afero.NewMemMapFs(), "/")
+	pool := NewTestPool(t.TempDir())
+	require.NotNil(t, pool)
+	defer func(pool *sqlitemigration.Pool) {
+		_ = pool.Close()
+	}(pool)
+	realStorage := NewStorageImpl(afero.NewMemMapFs(), "/", pool)
 
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
diff --git a/pkg/registry/file/generatednetworkpolicy_test.go b/pkg/registry/file/generatednetworkpolicy_test.go
index 6e88abad2..97cfaf049 100644
--- a/pkg/registry/file/generatednetworkpolicy_test.go
+++ b/pkg/registry/file/generatednetworkpolicy_test.go
@@ -5,6 +5,8 @@ import (
 	"testing"
 
 	helpersv1 "github.com/kubescape/k8s-interface/instanceidhandler/v1/helpers"
+	"github.com/stretchr/testify/require"
+	"zombiezen.com/go/sqlite/sqlitemigration"
 
 	"github.com/kubescape/storage/pkg/apis/softwarecomposition"
 	"github.com/spf13/afero"
@@ -134,7 +136,12 @@ func TestGeneratedNetworkPolicyStorage_Get(t *testing.T) {
 
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
-			realStorage := NewStorageImpl(afero.NewMemMapFs(), "/")
+			pool := NewTestPool(t.TempDir())
+			require.NotNil(t, pool)
+			defer func(pool *sqlitemigration.Pool) {
+				_ = pool.Close()
+			}(pool)
+			realStorage := NewStorageImpl(afero.NewMemMapFs(), "/", pool)
 			generatedNetworkPolicyStorage := NewGeneratedNetworkPolicyStorage(realStorage)
 
 			if tt.create {
@@ -177,7 +184,7 @@ func TestGeneratedNetworkPolicyStorage_Get(t *testing.T) {
 }
 
 func TestGeneratedNetworkPolicyStorage_Count(t *testing.T) {
-	storageImpl := NewStorageImpl(afero.NewMemMapFs(), "")
+	storageImpl := NewStorageImpl(afero.NewMemMapFs(), "", nil)
 	generatedNetworkPolicyStorage := NewGeneratedNetworkPolicyStorage(storageImpl)
 
 	count, err := generatedNetworkPolicyStorage.Count("random")
@@ -190,7 +197,7 @@ func TestGeneratedNetworkPolicyStorage_Count(t *testing.T) {
 }
 
 func TestGeneratedNetworkPolicyStorage_Create(t *testing.T) {
-	storageImpl := NewStorageImpl(afero.NewMemMapFs(), "")
+	storageImpl := NewStorageImpl(afero.NewMemMapFs(), "", nil)
 	generatedNetworkPolicyStorage := NewGeneratedNetworkPolicyStorage(storageImpl)
 
 	err := generatedNetworkPolicyStorage.Create(context.TODO(), "", nil, nil, 0)
@@ -201,7 +208,7 @@ func TestGeneratedNetworkPolicyStorage_Create(t *testing.T) {
 }
 
 func TestGeneratedNetworkPolicyStorage_Delete(t *testing.T) {
-	storageImpl := NewStorageImpl(afero.NewMemMapFs(), "")
+	storageImpl := NewStorageImpl(afero.NewMemMapFs(), "", nil)
 	generatedNetworkPolicyStorage := NewGeneratedNetworkPolicyStorage(storageImpl)
 
 	err := generatedNetworkPolicyStorage.Delete(context.TODO(), "", nil, nil, nil, nil)
@@ -212,7 +219,7 @@ func TestGeneratedNetworkPolicyStorage_Delete(t *testing.T) {
 }
 
 func TestGeneratedNetworkPolicyStorage_Watch(t *testing.T) {
-	storageImpl := NewStorageImpl(afero.NewMemMapFs(), "")
+	storageImpl := NewStorageImpl(afero.NewMemMapFs(), "", nil)
 	generatedNetworkPolicyStorage := NewGeneratedNetworkPolicyStorage(storageImpl)
 
 	_, err := generatedNetworkPolicyStorage.Watch(context.TODO(), "", storage.ListOptions{})
@@ -223,7 +230,7 @@ func TestGeneratedNetworkPolicyStorage_Watch(t *testing.T) {
 }
 
 func TestGeneratedNetworkPolicyStorage_GuaranteedUpdate(t *testing.T) {
-	storageImpl := NewStorageImpl(afero.NewMemMapFs(), "")
+	storageImpl := NewStorageImpl(afero.NewMemMapFs(), "", nil)
 	generatedNetworkPolicyStorage := NewGeneratedNetworkPolicyStorage(storageImpl)
 
 	err := generatedNetworkPolicyStorage.GuaranteedUpdate(context.TODO(), "", nil, false, nil, nil, nil)
diff --git a/pkg/registry/file/sqlite.go b/pkg/registry/file/sqlite.go
new file mode 100644
index 000000000..8676b904d
--- /dev/null
+++ b/pkg/registry/file/sqlite.go
@@ -0,0 +1,133 @@
+package file
+
+import (
+	"encoding/json"
+	"errors"
+	"fmt"
+	"path/filepath"
+
+	"k8s.io/apimachinery/pkg/runtime"
+	"zombiezen.com/go/sqlite"
+	"zombiezen.com/go/sqlite/sqlitemigration"
+	"zombiezen.com/go/sqlite/sqlitex"
+)
+
+// NewPool creates a new SQLite connection pool at the given path.
+// It returns an error if the connection cannot be opened or the database cannot be initialized.
+// It is your responsibility to call conn.Close() when you no longer need conn.
+func NewPool(path string, size int) *sqlitemigration.Pool {
+	return sqlitemigration.NewPool(path,
+		sqlitemigration.Schema{
+			Migrations: []string{
+				"CREATE TABLE IF NOT EXISTS metadata (key TEXT PRIMARY KEY, metadata JSON);",
+			},
+		},
+		sqlitemigration.Options{
+			PoolSize: size,
+		})
+}
+
+// NewTestPool creates a new temporary SQLite connection (for testing only).
+func NewTestPool(dir string) *sqlitemigration.Pool {
+	return NewPool(filepath.Join(dir, "test.sq3"), 0)
+}
+
+func countMetadata(conn *sqlite.Conn, key string) (int64, error) {
+	var count int64
+	err := sqlitex.Execute(conn,
+		"SELECT COUNT(*) FROM metadata WHERE key LIKE ?",
+		&sqlitex.ExecOptions{
+			Args: []any{key + "/%"},
+			ResultFunc: func(stmt *sqlite.Stmt) error {
+				count = stmt.ColumnInt64(0)
+				return nil
+			},
+		})
+	if err != nil {
+		return 0, fmt.Errorf("count metadata: %w", err)
+	}
+	return count, nil
+}
+
+func deleteMetadata(conn *sqlite.Conn, key string, metadata runtime.Object) error {
+	err := sqlitex.ExecuteTransient(conn,
+		"DELETE FROM metadata WHERE key = ? RETURNING metadata",
+		&sqlitex.ExecOptions{
+			Args: []any{key + "/"},
+			ResultFunc: func(stmt *sqlite.Stmt) error {
+				metadataJSON := stmt.ColumnText(0)
+				if metadata == nil {
+					return nil
+				}
+				return json.Unmarshal([]byte(metadataJSON), metadata)
+			},
+		})
+	if err != nil {
+		return fmt.Errorf("delete metadata: %w", err)
+	}
+	return nil
+}
+
+func listMetadata(conn *sqlite.Conn, key, cont string, limit int64) ([]string, string, error) {
+	var last string
+	var metadataJSONs []string
+	err := sqlitex.Execute(conn,
+		`SELECT key, metadata FROM metadata
+                WHERE key LIKE ?
+                 AND key > ?
+                ORDER BY key
+                LIMIT ?`,
+		&sqlitex.ExecOptions{
+			Args: []any{key + "/%", cont, limit},
+			ResultFunc: func(stmt *sqlite.Stmt) error {
+				last = stmt.ColumnText(0)
+				metadataJSON := stmt.ColumnText(1)
+				metadataJSONs = append(metadataJSONs, metadataJSON)
+				return nil
+			},
+		})
+	if err != nil {
+		return nil, "", fmt.Errorf("list metadata: %w", err)
+	}
+	return metadataJSONs, last, nil
+}
+
+func ReadMetadata(conn *sqlite.Conn, key string) ([]byte, error) {
+	var metadataJSON string
+	err := sqlitex.Execute(conn,
+		"SELECT metadata FROM metadata WHERE key = ?",
+		&sqlitex.ExecOptions{
+			Args: []any{key + "/"},
+			ResultFunc: func(stmt *sqlite.Stmt) error {
+				metadataJSON = stmt.ColumnText(0)
+				return nil
+			},
+		})
+	if err != nil {
+		return nil, fmt.Errorf("read metadata: %w", err)
+	}
+	if len(metadataJSON) == 0 {
+		return nil, errors.New("metadata not found")
+	}
+	return []byte(metadataJSON), nil
+}
+
+func writeMetadata(conn *sqlite.Conn, key string, metadata runtime.Object) error {
+	metadataJSON, err := json.Marshal(metadata)
+	if err != nil {
+		return fmt.Errorf("failed to marshal metadata: %w", err)
+	}
+	return WriteJSON(conn, key, metadataJSON)
+}
+
+func WriteJSON(conn *sqlite.Conn, key string, metadataJSON []byte) error {
+	err := sqlitex.ExecuteTransient(conn,
+		"INSERT OR REPLACE INTO metadata (key, metadata) VALUES (?, ?)",
+		&sqlitex.ExecOptions{
+			Args: []any{key + "/", metadataJSON},
+		})
+	if err != nil {
+		return fmt.Errorf("insert metadata: %w", err)
+	}
+	return nil
+}
diff --git a/pkg/registry/file/sqlite_test.go b/pkg/registry/file/sqlite_test.go
new file mode 100644
index 000000000..d426af458
--- /dev/null
+++ b/pkg/registry/file/sqlite_test.go
@@ -0,0 +1,65 @@
+package file
+
+import (
+	"context"
+	"testing"
+
+	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/require"
+	v1 "k8s.io/api/core/v1"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	"zombiezen.com/go/sqlite/sqlitemigration"
+)
+
+func TestMemoryConn(t *testing.T) {
+	pod := v1.Pod{
+		ObjectMeta: metav1.ObjectMeta{
+			Name: "name",
+		},
+	}
+	// Prepare pool and connection
+	pool := NewTestPool(t.TempDir())
+	require.NotNil(t, pool)
+	defer func(pool *sqlitemigration.Pool) {
+		_ = pool.Close()
+	}(pool)
+	conn, err := pool.Take(context.TODO())
+	require.NoError(t, err)
+	// Test write
+	assert.NoError(t, writeMetadata(conn, "pods/default/pod1", &pod))
+	assert.NoError(t, writeMetadata(conn, "pods/default/pod2", &pod))
+	assert.NoError(t, writeMetadata(conn, "pods/default/pod3", &pod))
+	// Test count
+	count, err := countMetadata(conn, "pods/default")
+	assert.NoError(t, err)
+	assert.Equal(t, int64(3), count)
+	// Test list
+	list, last, err := listMetadata(conn, "pods/default", "", int64(500))
+	assert.NoError(t, err)
+	assert.Len(t, list, 3)
+	expected := []string{
+		"{\"metadata\":{\"name\":\"name\",\"creationTimestamp\":null},\"spec\":{\"containers\":null},\"status\":{}}",
+		"{\"metadata\":{\"name\":\"name\",\"creationTimestamp\":null},\"spec\":{\"containers\":null},\"status\":{}}",
+		"{\"metadata\":{\"name\":\"name\",\"creationTimestamp\":null},\"spec\":{\"containers\":null},\"status\":{}}",
+	}
+	assert.Equal(t, expected, list)
+	assert.Equal(t, "pods/default/pod3/", last)
+	// Test list with limit
+	list, last, err = listMetadata(conn, "pods/default", "", int64(2))
+	assert.NoError(t, err)
+	assert.Len(t, list, 2)
+	assert.Equal(t, "pods/default/pod2/", last)
+	// Test list with last
+	list, last, err = listMetadata(conn, "pods/default", last, int64(500))
+	assert.NoError(t, err)
+	assert.Len(t, list, 1)
+	assert.Equal(t, "pods/default/pod3/", last)
+	// Test delete returning value
+	p := &v1.Pod{}
+	assert.NoError(t, deleteMetadata(conn, "pods/default/pod1", p))
+	assert.NotNil(t, p)
+	assert.Equal(t, "name", pod.Name)
+	// Tear down
+	pool.Put(conn)
+	assert.NoError(t, pool.Close())
+}
diff --git a/pkg/registry/file/storage.go b/pkg/registry/file/storage.go
index e6d55db40..b1c924c1f 100644
--- a/pkg/registry/file/storage.go
+++ b/pkg/registry/file/storage.go
@@ -27,6 +27,7 @@ import (
 	"k8s.io/apimachinery/pkg/runtime"
 	"k8s.io/apimachinery/pkg/watch"
 	"k8s.io/apiserver/pkg/storage"
+	"zombiezen.com/go/sqlite/sqlitemigration"
 )
 
 const (
@@ -53,6 +54,7 @@ type objState struct {
 // hides all the storage-related operations behind it.
 type StorageImpl struct {
 	appFs           afero.Fs
+	pool            *sqlitemigration.Pool
 	locks           utils.MapMutex[string]
 	processor       Processor
 	root            string
@@ -71,13 +73,14 @@ var _ storage.Interface = &StorageImpl{}
 
 var _ StorageQuerier = &StorageImpl{}
 
-func NewStorageImpl(appFs afero.Fs, root string) StorageQuerier {
-	return NewStorageImplWithCollector(appFs, root, DefaultProcessor{})
+func NewStorageImpl(appFs afero.Fs, root string, pool *sqlitemigration.Pool) StorageQuerier {
+	return NewStorageImplWithCollector(appFs, root, pool, DefaultProcessor{})
 }
 
-func NewStorageImplWithCollector(appFs afero.Fs, root string, processor Processor) StorageQuerier {
+func NewStorageImplWithCollector(appFs afero.Fs, root string, conn *sqlitemigration.Pool, processor Processor) StorageQuerier {
 	return &StorageImpl{
 		appFs:           appFs,
+		pool:            conn,
 		locks:           utils.NewMapMutex[string](),
 		processor:       processor,
 		root:            root,
@@ -107,19 +110,9 @@ func makePayloadPath(path string) string {
 	return path + GobExt
 }
 
-// makeMetadataPath returns a path for the metadata file
-func makeMetadataPath(path string) string {
-	return path + MetadataExt
-}
-
-// IsMetadataFile returns true if a given file at `path` is an object metadata file, else false
-func IsMetadataFile(path string) bool {
-	return strings.HasSuffix(path, MetadataExt)
-}
-
-// isPayloadFile returns true if a given file at `path` is an object payload file, else false
-func isPayloadFile(path string) bool {
-	return !IsMetadataFile(path)
+// IsPayloadFile returns true if a given file at `path` is an object payload file, else false
+func IsPayloadFile(path string) bool {
+	return strings.HasSuffix(path, GobExt)
 }
 
 func (s *StorageImpl) keyFromPath(path string) string {
@@ -154,14 +147,6 @@ func (s *StorageImpl) writeFiles(key string, obj runtime.Object, metaOut runtime
 		_ = directIOWriter.Close()
 		_ = payloadFile.Close()
 	}()
-	// prepare metadata file
-	metadataFile, err := s.appFs.OpenFile(makeMetadataPath(p), os.O_CREATE|os.O_WRONLY|os.O_TRUNC, 0644)
-	if err != nil {
-		return fmt.Errorf("open metadata file: %w", err)
-	}
-	defer func() {
-		_ = metadataFile.Close()
-	}()
 	// write payload
 	payloadEncoder := gob.NewEncoder(directIOWriter)
 	if err := payloadEncoder.Encode(obj); err != nil {
@@ -169,10 +154,14 @@ func (s *StorageImpl) writeFiles(key string, obj runtime.Object, metaOut runtime
 	}
 	// extract metadata
 	metadata := extractMetadata(obj)
-	// write metadata
-	metadataEncoder := json.NewEncoder(metadataFile)
-	if err := metadataEncoder.Encode(metadata); err != nil {
-		return fmt.Errorf("encode metadata: %w", err)
+	// store metadata in SQLite
+	conn, err := s.pool.Take(context.Background())
+	if err != nil {
+		return fmt.Errorf("take connection: %w", err)
+	}
+	defer s.pool.Put(conn)
+	if err := writeMetadata(conn, key, metadata); err != nil {
+		return fmt.Errorf("write metadata: %w", err)
 	}
 	// eventually fill metaOut
 	if metaOut != nil {
@@ -232,34 +221,19 @@ func (s *StorageImpl) Delete(ctx context.Context, key string, metaOut runtime.Ob
 	defer s.locks.Unlock(key)
 	spanLock.End()
 	p := filepath.Join(s.root, key)
-	// read metadata file
-	metadataFile, err := s.appFs.Open(makeMetadataPath(p))
+	// delete metadata in SQLite
+	conn, err := s.pool.Take(context.Background())
 	if err != nil {
-		if errors.Is(err, afero.ErrFileNotFound) {
-			return storage.NewKeyNotFoundError(key, 0)
-		}
-		logger.L().Ctx(ctx).Error("Delete - read file failed", helpers.Error(err), helpers.String("key", key))
-		return err
+		return fmt.Errorf("take connection: %w", err)
 	}
-	defer func() {
-		_ = metadataFile.Close()
-	}()
-	// try to fill metaOut
-	decoder := json.NewDecoder(metadataFile)
-	err = decoder.Decode(metaOut)
-	if err != nil {
-		logger.L().Ctx(ctx).Error("Delete - json unmarshal failed", helpers.Error(err), helpers.String("key", key))
-		return err
+	defer s.pool.Put(conn)
+	if err := deleteMetadata(conn, key, metaOut); err != nil {
+		logger.L().Ctx(ctx).Error("Delete - delete metadata failed", helpers.Error(err), helpers.String("key", key))
 	}
-	// delete payload and metadata files
-	err = s.appFs.Remove(makePayloadPath(p))
-	if err != nil {
+	// delete payload file
+	if err := s.appFs.Remove(makePayloadPath(p)); err != nil {
 		logger.L().Ctx(ctx).Error("Delete - remove json file failed", helpers.Error(err), helpers.String("key", key))
 	}
-	err = s.appFs.Remove(makeMetadataPath(p))
-	if err != nil {
-		logger.L().Ctx(ctx).Error("Delete - remove metadata file failed", helpers.Error(err), helpers.String("key", key))
-	}
 	// publish event to watchers
 	s.watchDispatcher.Deleted(key, metaOut)
 	return nil
@@ -320,8 +294,13 @@ func (s *StorageImpl) get(ctx context.Context, key string, opts storage.GetOptio
 	err = decoder.Decode(objPtr)
 	if err != nil {
 		if errors.Is(err, io.ErrUnexpectedEOF) || errors.Is(err, io.EOF) {
-			// irrecoverable error, delete both files
-			_ = s.appFs.Remove(makeMetadataPath(p))
+			// irrecoverable error, delete corresponding data
+			conn, err := s.pool.Take(context.Background())
+			if err != nil {
+				return fmt.Errorf("take connection: %w", err)
+			}
+			defer s.pool.Put(conn)
+			_ = deleteMetadata(conn, key, nil)
 			_ = s.appFs.Remove(makePayloadPath(p))
 			logger.L().Debug("Get - gob unexpected EOF, removed files", helpers.String("key", key))
 			if opts.IgnoreNotFound {
@@ -343,7 +322,7 @@ func (s *StorageImpl) get(ctx context.Context, key string, opts storage.GetOptio
 // The returned contents may be delayed, but it is guaranteed that they will
 // match 'opts.ResourceVersion' according 'opts.ResourceVersionMatch'.
 // GetList only returns metadata for the objects, not the objects themselves.
-func (s *StorageImpl) GetList(ctx context.Context, key string, _ storage.ListOptions, listObj runtime.Object) error {
+func (s *StorageImpl) GetList(ctx context.Context, key string, opts storage.ListOptions, listObj runtime.Object) error {
 	ctx, span := otel.Tracer("").Start(ctx, "StorageImpl.GetList")
 	span.SetAttributes(attribute.String("key", key))
 	defer span.End()
@@ -357,46 +336,55 @@ func (s *StorageImpl) GetList(ctx context.Context, key string, _ storage.ListOpt
 		logger.L().Ctx(ctx).Error("GetList - need ptr to slice", helpers.Error(err), helpers.String("key", key))
 		return fmt.Errorf("need ptr to slice: %v", err)
 	}
-
-	p := filepath.Join(s.root, key)
-	var metadataFiles []string
-
-	metadataPath := makeMetadataPath(p)
-	if exists, _ := afero.Exists(s.appFs, metadataPath); exists {
-		// key refers to one object
-		metadataFiles = append(metadataFiles, metadataPath)
-	} else {
-		_ = afero.Walk(s.appFs, p, func(path string, info os.FileInfo, err error) error {
-			if err != nil {
-				return err
-			}
-			if !info.IsDir() && IsMetadataFile(path) {
-				metadataFiles = append(metadataFiles, path)
-			}
-			return nil
-		})
+	// get metadata from SQLite
+	conn, err := s.pool.Take(context.Background())
+	if err != nil {
+		return fmt.Errorf("take connection: %w", err)
 	}
-	for _, metadataFile := range metadataFiles {
-		if err := s.appendJsonObjectFromFile(metadataFile, v); err != nil {
-			logger.L().Ctx(ctx).Error("GetList - appending JSON object from file failed", helpers.Error(err), helpers.String("path", metadataFile))
+	defer s.pool.Put(conn)
+	metadataJSONs, last, err := listMetadata(conn, key, opts.Predicate.Continue, opts.Predicate.Limit)
+	if err != nil {
+		logger.L().Ctx(ctx).Error("GetList - list metadata failed", helpers.Error(err), helpers.String("key", key))
+	}
+	// populate list object
+	for _, metadataJSON := range metadataJSONs {
+		elem := v.Type().Elem()
+		obj := reflect.New(elem).Interface().(runtime.Object)
+		if err := json.Unmarshal([]byte(metadataJSON), obj); err != nil {
+			logger.L().Ctx(ctx).Error("GetList - unmarshal metadata failed", helpers.Error(err), helpers.String("key", key))
 		}
+		v.Set(reflect.Append(v, reflect.ValueOf(obj).Elem()))
+	}
+	// eventually set list accessor fields
+	if len(metadataJSONs) == int(opts.Predicate.Limit) {
+		listAccessor, err := meta.ListAccessor(listObj)
+		if err != nil {
+			return fmt.Errorf("list accessor: %w", err)
+		}
+		listAccessor.SetContinue(last)
+		//if rsp.RemainingItemCount > 0 {
+		//listAccessor.SetRemainingItemCount(&rsp.RemainingItemCount)
+		//}
+		//if rsp.ResourceVersion > 0 {
+		//listAccessor.SetResourceVersion(strconv.FormatInt(rsp.ResourceVersion, 10))
+		//}
 	}
 	return nil
 }
 
-// GetListWithSpec is the same as GetList, but it returns the full objects instead of just the metadata.
-func (s *StorageImpl) GetListWithSpec(ctx context.Context, key string, _ storage.ListOptions, listObj runtime.Object) error {
-	ctx, span := otel.Tracer("").Start(ctx, "StorageImpl.GetListWithSpec")
+// getListWithSpec is the same as GetList, but it returns the full objects instead of just the metadata.
+func (s *StorageImpl) getListWithSpec(ctx context.Context, key string, _ storage.ListOptions, listObj runtime.Object) error {
+	ctx, span := otel.Tracer("").Start(ctx, "StorageImpl.getListWithSpec")
 	span.SetAttributes(attribute.String("key", key))
 	defer span.End()
 	listPtr, err := meta.GetItemsPtr(listObj)
 	if err != nil {
-		logger.L().Ctx(ctx).Error("GetListWithSpec - get items ptr failed", helpers.Error(err), helpers.String("key", key))
+		logger.L().Ctx(ctx).Error("getListWithSpec - get items ptr failed", helpers.Error(err), helpers.String("key", key))
 		return err
 	}
 	v, err := conversion.EnforcePtr(listPtr)
 	if err != nil || v.Kind() != reflect.Slice {
-		logger.L().Ctx(ctx).Error("GetListWithSpec - need ptr to slice", helpers.Error(err), helpers.String("key", key))
+		logger.L().Ctx(ctx).Error("getListWithSpec - need ptr to slice", helpers.Error(err), helpers.String("key", key))
 		return fmt.Errorf("need ptr to slice: %v", err)
 	}
 
@@ -412,7 +400,7 @@ func (s *StorageImpl) GetListWithSpec(ctx context.Context, key string, _ storage
 			if err != nil {
 				return err
 			}
-			if !info.IsDir() && isPayloadFile(path) {
+			if !info.IsDir() && IsPayloadFile(path) {
 				payloadFiles = append(payloadFiles, path)
 			}
 			return nil
@@ -420,7 +408,7 @@ func (s *StorageImpl) GetListWithSpec(ctx context.Context, key string, _ storage
 	}
 	for _, payloadFile := range payloadFiles {
 		if err := s.appendGobObjectFromFile(payloadFile, v); err != nil {
-			logger.L().Ctx(ctx).Error("GetListWithSpec - appending Gob object from file failed", helpers.Error(err), helpers.String("path", payloadFile))
+			logger.L().Ctx(ctx).Error("getListWithSpec - appending Gob object from file failed", helpers.Error(err), helpers.String("path", payloadFile))
 		}
 	}
 	return nil
@@ -626,27 +614,12 @@ func (s *StorageImpl) GuaranteedUpdate(
 // Count returns number of different entries under the key (generally being path prefix).
 func (s *StorageImpl) Count(key string) (int64, error) {
 	logger.L().Debug("Custom storage count", helpers.String("key", key))
-	p := filepath.Join(s.root, key)
-	metadataPath := makeMetadataPath(p)
-
-	pathExists, _ := afero.Exists(s.appFs, metadataPath)
-	pathIsDir, _ := afero.IsDir(s.appFs, metadataPath)
-	if pathExists && !pathIsDir {
-		return 1, nil
+	conn, err := s.pool.Take(context.Background())
+	if err != nil {
+		return 0, fmt.Errorf("take connection: %w", err)
 	}
-
-	n := 0
-	err := afero.Walk(s.appFs, p, func(path string, info os.FileInfo, err error) error {
-		if err != nil {
-			return err
-		}
-		// Only payload files should count towards found objects
-		if !info.IsDir() && isPayloadFile(path) {
-			n++
-		}
-		return nil
-	})
-	return int64(n), err
+	defer s.pool.Put(conn)
+	return countMetadata(conn, key)
 }
 
 // RequestWatchProgress fulfills the storage.Interface
@@ -664,7 +637,7 @@ func (s *StorageImpl) GetByNamespace(ctx context.Context, apiVersion, kind, name
 
 	p := filepath.Join(apiVersion, kind, namespace)
 
-	return s.GetListWithSpec(ctx, p, storage.ListOptions{}, listObj)
+	return s.getListWithSpec(ctx, p, storage.ListOptions{}, listObj)
 }
 
 // GetByCluster returns all objects in a given cluster, given their api version and kind.
@@ -674,7 +647,7 @@ func (s *StorageImpl) GetByCluster(ctx context.Context, apiVersion, kind string,
 
 	p := filepath.Join(apiVersion, kind)
 
-	return s.GetListWithSpec(ctx, p, storage.ListOptions{}, listObj)
+	return s.getListWithSpec(ctx, p, storage.ListOptions{}, listObj)
 }
 
 // appendGobObjectFromFile unmarshalls a Gob file into a runtime.Object and appends it to the underlying list object.
@@ -704,33 +677,6 @@ func (s *StorageImpl) appendGobObjectFromFile(path string, v reflect.Value) erro
 	return nil
 }
 
-// appendJsonObjectFromFile unmarshalls a JSON file into a runtime.Object and appends it to the underlying list object.
-func (s *StorageImpl) appendJsonObjectFromFile(path string, v reflect.Value) error {
-	key := s.keyFromPath(path)
-	s.locks.RLock(key)
-	defer s.locks.RUnlock(key)
-	metadataFile, err := s.appFs.Open(path)
-	if err != nil {
-		// skip if file is not readable, maybe it was deleted
-		return nil
-	}
-	defer func() {
-		_ = metadataFile.Close()
-	}()
-
-	elem := v.Type().Elem()
-	obj := reflect.New(elem).Interface().(runtime.Object)
-
-	decoder := json.NewDecoder(metadataFile)
-	if err := decoder.Decode(obj); err != nil {
-		return err
-	}
-
-	v.Set(reflect.Append(v, reflect.ValueOf(obj).Elem()))
-
-	return nil
-}
-
 func getNamespaceFromKey(key string) string {
 	keySplit := strings.Split(key, "/")
 	if len(keySplit) != 4 {
diff --git a/pkg/registry/file/storage_test.go b/pkg/registry/file/storage_test.go
index c748d1326..6ce6a20e8 100644
--- a/pkg/registry/file/storage_test.go
+++ b/pkg/registry/file/storage_test.go
@@ -4,29 +4,26 @@ import (
 	"bytes"
 	"context"
 	"encoding/gob"
-	"encoding/json"
 	"fmt"
 	"testing"
 
 	"github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1"
 	"github.com/spf13/afero"
 	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/require"
 	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/runtime"
 	"k8s.io/apiserver/pkg/storage"
 	"k8s.io/utils/ptr"
+	"zombiezen.com/go/sqlite/sqlitemigration"
 )
 
 func getStoredPayloadFilepath(root, key string) string {
 	return root + key + GobExt
 }
 
-func getStoredMetadataFilepath(root, key string) string {
-	return root + key + MetadataExt
-}
-
 func TestStorageImpl_Count(t *testing.T) {
-	files := []string{
+	keys := []string{
 		"/other/type/ns/titi",
 		"/spdx.softwarecomposition.kubescape.io/sbomsyftfiltereds/kubescape/titi",
 		"/spdx.softwarecomposition.kubescape.io/sbomsyftfiltereds/other/toto",
@@ -61,20 +58,26 @@ func TestStorageImpl_Count(t *testing.T) {
 		},
 		{
 			name: "from top",
-			key:  "/",
+			key:  "",
 			want: 5,
 		},
 	}
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
-			fs := afero.NewMemMapFs()
-			_ = fs.Mkdir(DefaultStorageRoot, 0755)
+			pool := NewTestPool(t.TempDir())
+			require.NotNil(t, pool)
+			defer func(pool *sqlitemigration.Pool) {
+				_ = pool.Close()
+			}(pool)
 
-			for _, f := range files {
-				fpath := DefaultStorageRoot + f
-				_ = afero.WriteFile(fs, fpath, []byte(""), 0644)
+			conn, err := pool.Take(context.TODO())
+			require.NoError(t, err)
+			for _, k := range keys {
+				_ = writeMetadata(conn, k, &v1beta1.SBOMSyft{})
 			}
-			s := NewStorageImpl(fs, DefaultStorageRoot)
+			pool.Put(conn)
+
+			s := NewStorageImpl(nil, DefaultStorageRoot, pool)
 			got, err := s.Count(tt.key)
 			if (err != nil) != tt.wantErr {
 				t.Errorf("Count() error = %v, wantErr %v", err, tt.wantErr)
@@ -149,7 +152,12 @@ func TestStorageImpl_Create(t *testing.T) {
 			} else {
 				fs = afero.NewMemMapFs()
 			}
-			s := NewStorageImpl(fs, DefaultStorageRoot)
+			pool := NewTestPool(t.TempDir())
+			require.NotNil(t, pool)
+			defer func(pool *sqlitemigration.Pool) {
+				_ = pool.Close()
+			}(pool)
+			s := NewStorageImpl(fs, DefaultStorageRoot, pool)
 			err := s.Create(context.TODO(), tt.args.key, tt.args.obj, tt.args.out, tt.args.in4)
 			if tt.wantErr {
 				assert.Error(t, err)
@@ -162,19 +170,23 @@ func TestStorageImpl_Create(t *testing.T) {
 				assert.Equal(t, tt.want, tt.args.out)
 			}
 
-			metadataExpectedPath := getStoredMetadataFilepath(DefaultStorageRoot, tt.args.key)
-			mExists, _ := afero.Exists(fs, metadataExpectedPath)
-			assert.Truef(t, mExists, "file %s should exist", metadataExpectedPath)
+			conn, err := pool.Take(context.TODO())
+			require.NoError(t, err)
+			l, _, err := listMetadata(conn, tt.args.key, "", int64(500))
+			assert.NoError(t, err)
+			assert.Len(t, l, 1)
+			pool.Put(conn)
 		})
 	}
 }
 
 func TestStorageImpl_Delete(t *testing.T) {
-	toto, _ := json.Marshal(v1beta1.SBOMSyft{
+	empty := v1beta1.SBOMSyft{}
+	toto := v1beta1.SBOMSyft{
 		ObjectMeta: v1.ObjectMeta{
 			Name: "toto",
 		},
-	})
+	}
 	type args struct {
 		key string
 		out runtime.Object
@@ -185,7 +197,7 @@ func TestStorageImpl_Delete(t *testing.T) {
 	tests := []struct {
 		name    string
 		args    args
-		content string
+		content runtime.Object
 		create  bool
 		wantErr bool
 		want    runtime.Object
@@ -195,16 +207,6 @@ func TestStorageImpl_Delete(t *testing.T) {
 			args: args{
 				key: "/spdx.softwarecomposition.kubescape.io/sbomsyfts/kubescape/toto",
 			},
-			wantErr: true,
-		},
-		{
-			name: "empty string",
-			args: args{
-				key: "/spdx.softwarecomposition.kubescape.io/sbomsyfts/kubescape/toto",
-				out: &v1beta1.SBOMSyft{},
-			},
-			create:  true,
-			wantErr: true,
 		},
 		{
 			name: "empty object",
@@ -212,7 +214,7 @@ func TestStorageImpl_Delete(t *testing.T) {
 				key: "/spdx.softwarecomposition.kubescape.io/sbomsyfts/kubescape/toto",
 				out: &v1beta1.SBOMSyft{},
 			},
-			content: "{}",
+			content: &empty,
 			create:  true,
 			want:    &v1beta1.SBOMSyft{},
 		},
@@ -222,7 +224,7 @@ func TestStorageImpl_Delete(t *testing.T) {
 				key: "/spdx.softwarecomposition.kubescape.io/sbomsyfts/kubescape/toto",
 				out: &v1beta1.SBOMSyft{},
 			},
-			content: string(toto),
+			content: &toto,
 			create:  true,
 			want: &v1beta1.SBOMSyft{
 				ObjectMeta: v1.ObjectMeta{
@@ -234,11 +236,20 @@ func TestStorageImpl_Delete(t *testing.T) {
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
 			fs := afero.NewMemMapFs()
+			pool := NewTestPool(t.TempDir())
+			require.NotNil(t, pool)
+			defer func(pool *sqlitemigration.Pool) {
+				_ = pool.Close()
+			}(pool)
+
+			conn, err := pool.Take(context.TODO())
+			require.NoError(t, err)
 			if tt.create {
-				fpath := getStoredMetadataFilepath(DefaultStorageRoot, tt.args.key)
-				_ = afero.WriteFile(fs, fpath, []byte(tt.content), 0644)
+				_ = writeMetadata(conn, tt.args.key, tt.content)
 			}
-			s := NewStorageImpl(fs, DefaultStorageRoot)
+			pool.Put(conn)
+
+			s := NewStorageImpl(fs, DefaultStorageRoot, pool)
 			if err := s.Delete(context.TODO(), tt.args.key, tt.args.out, tt.args.in3, tt.args.in4, tt.args.in5); (err != nil) != tt.wantErr {
 				t.Errorf("Delete() error = %v, wantErr %v", err, tt.wantErr)
 			}
@@ -335,7 +346,12 @@ func TestStorageImpl_Get(t *testing.T) {
 				path := getStoredPayloadFilepath(DefaultStorageRoot, tt.args.key)
 				_ = afero.WriteFile(fs, path, []byte(tt.content), 0644)
 			}
-			s := NewStorageImpl(fs, DefaultStorageRoot)
+			pool := NewTestPool(t.TempDir())
+			require.NotNil(t, pool)
+			defer func(pool *sqlitemigration.Pool) {
+				_ = pool.Close()
+			}(pool)
+			s := NewStorageImpl(fs, DefaultStorageRoot, pool)
 			if err := s.Get(context.TODO(), tt.args.key, tt.args.opts, tt.args.objPtr); !tt.wantErr(t, err) {
 				t.Errorf("Get() error = %v, wantErr %v", err, tt.wantErr)
 			}
@@ -369,7 +385,6 @@ func TestStorageImpl_GetList(t *testing.T) {
 	}
 	type args struct {
 		key     string
-		in2     storage.ListOptions
 		listObj runtime.Object
 	}
 	tests := []struct {
@@ -403,14 +418,20 @@ func TestStorageImpl_GetList(t *testing.T) {
 			want: 3,
 		},
 	}
+	pool := NewTestPool(t.TempDir())
+	require.NotNil(t, pool)
+	defer func(pool *sqlitemigration.Pool) {
+		_ = pool.Close()
+	}(pool)
+	s := NewStorageImpl(afero.NewMemMapFs(), DefaultStorageRoot, pool)
+	for k, v := range objs {
+		err := s.Create(context.Background(), k, v.DeepCopyObject(), nil, 0)
+		assert.NoError(t, err)
+	}
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
-			s := NewStorageImpl(afero.NewMemMapFs(), DefaultStorageRoot)
-			for k, v := range objs {
-				err := s.Create(context.Background(), k, v.DeepCopyObject(), nil, 0)
-				assert.NoError(t, err)
-			}
-			if err := s.GetList(context.TODO(), tt.args.key, tt.args.in2, tt.args.listObj); (err != nil) != tt.wantErr {
+			opts := storage.ListOptions{Predicate: storage.SelectionPredicate{Limit: 500}} // this is the limit
+			if err := s.GetList(context.TODO(), tt.args.key, opts, tt.args.listObj); (err != nil) != tt.wantErr {
 				t.Errorf("GetList() error = %v, wantErr %v", err, tt.wantErr)
 			}
 			assert.Equal(t, tt.want, len(tt.args.listObj.(*v1beta1.SBOMSyftList).Items))
@@ -555,7 +576,12 @@ func TestStorageImpl_GuaranteedUpdate(t *testing.T) {
 	}
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
-			s := NewStorageImpl(afero.NewMemMapFs(), DefaultStorageRoot)
+			pool := NewTestPool(t.TempDir())
+			require.NotNil(t, pool)
+			defer func(pool *sqlitemigration.Pool) {
+				_ = pool.Close()
+			}(pool)
+			s := NewStorageImpl(afero.NewMemMapFs(), DefaultStorageRoot, pool)
 			if tt.create {
 				err := s.Create(context.Background(), tt.args.key, toto.DeepCopyObject(), nil, 0)
 				assert.NoError(t, err)
@@ -593,14 +619,19 @@ func TestStorageImpl_Versioner(t *testing.T) {
 	}
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
-			s := NewStorageImpl(afero.NewMemMapFs(), DefaultStorageRoot)
+			s := NewStorageImpl(afero.NewMemMapFs(), DefaultStorageRoot, nil)
 			assert.Equal(t, tt.want, s.Versioner())
 		})
 	}
 }
 
 func BenchmarkWriteFiles(b *testing.B) {
-	s := NewStorageImpl(afero.NewMemMapFs(), DefaultStorageRoot).(*StorageImpl)
+	pool := NewTestPool(b.TempDir())
+	require.NotNil(b, pool)
+	defer func(pool *sqlitemigration.Pool) {
+		_ = pool.Close()
+	}(pool)
+	s := NewStorageImpl(afero.NewMemMapFs(), DefaultStorageRoot, pool).(*StorageImpl)
 	key := "/spdx.softwarecomposition.kubescape.io/sbomsyfts/kubescape/toto"
 	obj := &v1beta1.SBOMSyft{
 		ObjectMeta: v1.ObjectMeta{
diff --git a/pkg/registry/file/vulnerabilitysummarystorage_test.go b/pkg/registry/file/vulnerabilitysummarystorage_test.go
index 41f568234..d7c4c12d6 100644
--- a/pkg/registry/file/vulnerabilitysummarystorage_test.go
+++ b/pkg/registry/file/vulnerabilitysummarystorage_test.go
@@ -8,9 +8,11 @@ import (
 	"github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1"
 	"github.com/spf13/afero"
 	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/require"
 	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/runtime"
 	"k8s.io/apiserver/pkg/storage"
+	"zombiezen.com/go/sqlite/sqlitemigration"
 )
 
 func TestVulnSummaryStorageImpl_Create(t *testing.T) {
@@ -37,7 +39,7 @@ func TestVulnSummaryStorageImpl_Create(t *testing.T) {
 			wantErr: true,
 		},
 	}
-	realStorage := NewStorageImpl(afero.NewMemMapFs(), "/")
+	realStorage := NewStorageImpl(afero.NewMemMapFs(), "/", nil)
 
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
@@ -73,7 +75,7 @@ func TestVulnSummaryStorageImpl_Delete(t *testing.T) {
 			wantErr: true,
 		},
 	}
-	realStorage := NewStorageImpl(afero.NewMemMapFs(), "/")
+	realStorage := NewStorageImpl(afero.NewMemMapFs(), "/", nil)
 
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
@@ -105,7 +107,7 @@ func TestVulnSummaryStorageImpl_Watch(t *testing.T) {
 			wantErr: true,
 		},
 	}
-	realStorage := NewStorageImpl(afero.NewMemMapFs(), "/")
+	realStorage := NewStorageImpl(afero.NewMemMapFs(), "/", nil)
 
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
@@ -263,7 +265,12 @@ func TestVulnSummaryStorageImpl_GetList(t *testing.T) {
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
 			t.Logf("expected scope on entry: %v", tt.args.expectedObj.Items)
-			realStorage := NewStorageImpl(afero.NewMemMapFs(), "/")
+			pool := NewTestPool(t.TempDir())
+			require.NotNil(t, pool)
+			defer func(pool *sqlitemigration.Pool) {
+				_ = pool.Close()
+			}(pool)
+			realStorage := NewStorageImpl(afero.NewMemMapFs(), "/", pool)
 			if tt.createObj {
 				for i, obj := range tt.args.createdObj {
 					err := realStorage.Create(context.TODO(), tt.args.keyCreatedObj[i], obj, nil, 0)
@@ -311,7 +318,8 @@ func TestVulnSummaryStorageImpl_GuaranteedUpdate(t *testing.T) {
 			wantErr: true,
 		},
 	}
-	realStorage := NewStorageImpl(afero.NewMemMapFs(), "/")
+
+	realStorage := NewStorageImpl(afero.NewMemMapFs(), "/", nil)
 
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
@@ -343,7 +351,7 @@ func TestVulnSummaryStorageImpl_Count(t *testing.T) {
 			wantErr: true,
 		},
 	}
-	realStorage := NewStorageImpl(afero.NewMemMapFs(), "/")
+	realStorage := NewStorageImpl(afero.NewMemMapFs(), "/", nil)
 
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
@@ -425,7 +433,12 @@ func TestVulnSummaryStorageImpl_Get(t *testing.T) {
 			createObj: true, wantErr: false,
 		},
 	}
-	realStorage := NewStorageImpl(afero.NewMemMapFs(), "/")
+	pool := NewTestPool(t.TempDir())
+	require.NotNil(t, pool)
+	defer func(pool *sqlitemigration.Pool) {
+		_ = pool.Close()
+	}(pool)
+	realStorage := NewStorageImpl(afero.NewMemMapFs(), "/", pool)
 
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
diff --git a/pkg/registry/file/watch_test.go b/pkg/registry/file/watch_test.go
index 4386931d7..406363746 100644
--- a/pkg/registry/file/watch_test.go
+++ b/pkg/registry/file/watch_test.go
@@ -8,10 +8,12 @@ import (
 	"github.com/kubescape/storage/pkg/apis/softwarecomposition/v1beta1"
 	"github.com/spf13/afero"
 	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/require"
 	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/runtime"
 	"k8s.io/apimachinery/pkg/watch"
 	"k8s.io/apiserver/pkg/storage"
+	"zombiezen.com/go/sqlite/sqlitemigration"
 )
 
 const (
@@ -79,7 +81,7 @@ func TestFileSystemStorageWatchReturnsDistinctWatchers(t *testing.T) {
 	}
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
-			s := NewStorageImpl(afero.NewMemMapFs(), DefaultStorageRoot)
+			s := NewStorageImpl(afero.NewMemMapFs(), DefaultStorageRoot, nil)
 
 			got1, _ := s.Watch(context.TODO(), tt.args.key, tt.args.opts)
 			got1chan := got1.ResultChan()
@@ -178,7 +180,12 @@ func TestFilesystemStorageWatchPublishing(t *testing.T) {
 
 	for _, tc := range tt {
 		t.Run(tc.name, func(t *testing.T) {
-			s := NewStorageImpl(afero.NewMemMapFs(), DefaultStorageRoot)
+			pool := NewTestPool(t.TempDir())
+			require.NotNil(t, pool)
+			defer func(pool *sqlitemigration.Pool) {
+				_ = pool.Close()
+			}(pool)
+			s := NewStorageImpl(afero.NewMemMapFs(), DefaultStorageRoot, pool)
 			ctx := context.Background()
 			opts := storage.ListOptions{}
 
@@ -290,7 +297,12 @@ func TestWatchGuaranteedUpdateProducesMatchingEvents(t *testing.T) {
 	}
 	for _, tc := range tt {
 		t.Run(tc.name, func(t *testing.T) {
-			s := NewStorageImpl(afero.NewMemMapFs(), DefaultStorageRoot)
+			pool := NewTestPool(t.TempDir())
+			require.NotNil(t, pool)
+			defer func(pool *sqlitemigration.Pool) {
+				_ = pool.Close()
+			}(pool)
+			s := NewStorageImpl(afero.NewMemMapFs(), DefaultStorageRoot, pool)
 			opts := storage.ListOptions{}
 
 			watchers := map[string][]watch.Interface{}