kubescape · matthyx · Apr 3, 2026 · coderabbitai · Apr 3, 2026 · coderabbitai
diff --git a/cmd/main.go b/cmd/main.go
@@ -395,7 +395,11 @@ func main() {
 
 	// Create scan failure reporter (sends SBOM failures to careportreceiver for user notifications)
 	var failureReporter sbommanager.SbomFailureReporter
-	if services, svcErr := config.LoadServiceURLs("/etc/config/services.json"); svcErr == nil && services.GetReportReceiverHttpUrl() != "" {
+	apiURL := os.Getenv("API_URL")
+	if apiURL == "" {
+		apiURL = "api.armosec.io"
+	}
+	if services, svcErr := config.LoadServiceURLs(apiURL); svcErr == nil && services.GetReportReceiverHttpUrl() != "" {
 		failureReporter = sbommanagerv1.NewHTTPSbomFailureReporter(services.GetReportReceiverHttpUrl(), accessKey, clusterData.AccountID, clusterData.ClusterName)
 		logger.L().Info("scan failure reporting enabled", helpers.String("eventReceiverURL", services.GetReportReceiverHttpUrl()))
 	}
-	if services, svcErr := config.LoadServiceURLs(apiURL); svcErr == nil && services.GetReportReceiverHttpUrl() != "" {
-		failureReporter = sbommanagerv1.NewHTTPSbomFailureReporter(services.GetReportReceiverHttpUrl(), accessKey, clusterData.AccountID, clusterData.ClusterName)
-		logger.L().Info("scan failure reporting enabled", helpers.String("eventReceiverURL", services.GetReportReceiverHttpUrl()))
-	}
+	if services, svcErr := config.LoadServiceURLs(apiURL); svcErr == nil && services.GetReportReceiverHttpUrl() != "" {
+		failureReporter = sbommanagerv1.NewHTTPSbomFailureReporter(services.GetReportReceiverHttpUrl(), accessKey, clusterData.AccountID, clusterData.ClusterName)
+		logger.L().Info("scan failure reporting enabled", helpers.String("eventReceiverURL", services.GetReportReceiverHttpUrl()))
+	} else if svcErr != nil {
+		logger.L().Warning("scan failure reporting disabled: unable to load backend services", helpers.Error(svcErr), helpers.String("apiURL", apiURL))
+	}
-	if services, svcErr := config.LoadServiceURLs(apiURL); svcErr == nil && services.GetReportReceiverHttpUrl() != "" {
-		failureReporter = sbommanagerv1.NewHTTPSbomFailureReporter(services.GetReportReceiverHttpUrl(), accessKey, clusterData.AccountID, clusterData.ClusterName)
-		logger.L().Info("scan failure reporting enabled", helpers.String("eventReceiverURL", services.GetReportReceiverHttpUrl()))
-	}
+	if services, svcErr := config.LoadServiceURLs(apiURL); svcErr == nil && services.GetReportReceiverHttpUrl() != "" {
+		failureReporter = sbommanagerv1.NewHTTPSbomFailureReporter(services.GetReportReceiverHttpUrl(), accessKey, clusterData.AccountID, clusterData.ClusterName)
+		logger.L().Info("scan failure reporting enabled", helpers.String("eventReceiverURL", services.GetReportReceiverHttpUrl()))
+	} else if svcErr != nil {
+		logger.L().Warning("scan failure reporting disabled: unable to load backend services", helpers.Error(svcErr), helpers.String("apiURL", apiURL))
+	}

diff --git a/pkg/config/config.go b/pkg/config/config.go
@@ -10,7 +10,7 @@ import (
 
 	"github.com/kubescape/backend/pkg/servicediscovery"
 	"github.com/kubescape/backend/pkg/servicediscovery/schema"
-	servicediscoveryv2 "github.com/kubescape/backend/pkg/servicediscovery/v2"
+	servicediscoveryv3 "github.com/kubescape/backend/pkg/servicediscovery/v3"
 	"github.com/kubescape/node-agent/pkg/exporters"
 	"github.com/kubescape/node-agent/pkg/hostfimsensor/v1"
 	processtreecreator "github.com/kubescape/node-agent/pkg/processtree/config"
@@ -289,13 +289,12 @@ func (c *Config) SkipNamespace(ns string) bool {
 	return false
 }
 
-func LoadServiceURLs(filePath string) (schema.IBackendServices, error) {
-	if pathFromEnv, present := os.LookupEnv("SERVICES"); present {
-		filePath = pathFromEnv
+func LoadServiceURLs(apiURL string) (schema.IBackendServices, error) {
+	client, err := servicediscoveryv3.NewServiceDiscoveryClientV3(apiURL)
+	if err != nil {
+		return nil, err
 	}
-	return servicediscovery.GetServices(
-		servicediscoveryv2.NewServiceDiscoveryFileV2(filePath),
-	)
+	return servicediscovery.GetServices(client)
 }
 
 type OrderedEventQueueConfig struct {