change prefix to metadata.github.com

Author: piceri

README.md

@@ -90,14 +90,14 @@ Runtime risks and custom tags can be added to deployment records using annotatio
 
 Runtime risks are risks associated with the deployment of an artifact. These risks can be used to filter GitHub Advanced Security (GHAS) alerts and add context to alert prioritization. 
 
-Add the annotation `artifact-metadata.github.com/runtime-risks`, with a comma-separated list of supported runtime risk values. Annotations are aggregated from the pod and its owner reference objects. 
+Add the annotation `metadata.github.com/runtime-risks`, with a comma-separated list of supported runtime risk values. Annotations are aggregated from the pod and its owner reference objects. 
 
 Currently supported runtime risks can be found in the [Create Deployment Record API docs](https://docs.github.com/en/rest/orgs/artifact-metadata?apiVersion=2022-11-28#create-an-artifact-deployment-record). Invalid runtime risk values will be ignored.
 
 ### Custom Tags
 You can add custom tags to your deployment records to help filter and organize them in GitHub.
 
-Add annotations with the prefix `artifact-metadata.github.com/<key>`  (e.g. `artifact-metadata.github.com/team: payments`) to add a custom tag. Annotations are aggregated from the pod and its owner reference objects.
+Add annotations with the prefix `metadata.github.com/<key>`  (e.g. `metadata.github.com/team: payments`) to add a custom tag. Annotations are aggregated from the pod and its owner reference objects.
 
 If a key is seen at multiple levels of the ownership hierarchy, the value from the lowest level (closest to the pod) will take precedence. For example, if a tag key is present on both the pod and its owning deployment, the value from the pod will be used.
 

internal/controller/controller.go

@@ -5,7 +5,6 @@ import (
 	"errors"
 	"fmt"
 	"log/slog"
-	"regexp"
 	"slices"
 	"strings"
 	"time"
@@ -36,17 +35,15 @@ const (
 	// EventDeleted indicates that a pod has been deleted.
 	EventDeleted = "DELETED"
 	// RuntimeRiskAnnotationKey represents the annotation key for runtime risks.
-	RuntimeRiskAnnotationKey = "artifact-metadata.github.com/runtime-risks"
-	// CustomTagAnnotationKeyPattern is a regex to find custom tag annotations and extract the key.
-	CustomTagAnnotationKeyPattern = `artifact-metadata\.github\.com/([^\s]+)`
+	RuntimeRiskAnnotationKey = "metadata.github.com/runtime-risks"
+	// CustomTagAnnotationKeyPrefix is the annotation key prefix for custom tags.
+	CustomTagAnnotationKeyPrefix = "metadata.github.com/"
 	// MaxCustomTags is the maximum number of custom tags per deployment record.
 	MaxCustomTags = 5
 	// MaxCustomTagLength is the maximum length for a custom tag key or value.
 	MaxCustomTagLength = 100
 )
 
-var customTagAnnotationKeyRegexp = regexp.MustCompile(CustomTagAnnotationKeyPattern)
-
 type ttlCache interface {
 	Get(k any) (any, bool)
 	Set(k any, v any, ttl time.Duration)
@@ -760,8 +757,8 @@ func extractMetadataFromObject(obj *metav1.PartialObjectMetadata, aggPodMetadata
 		if RuntimeRiskAnnotationKey == key {
 			continue
 		}
-		if matches := customTagAnnotationKeyRegexp.FindStringSubmatch(key); matches != nil {
-			tagKey := matches[1]
+		if strings.HasPrefix(key, CustomTagAnnotationKeyPrefix) {
+			tagKey := strings.TrimPrefix(key, CustomTagAnnotationKeyPrefix)
 			tagValue := annotations[key]
 			if utf8.RuneCountInString(tagKey) > MaxCustomTagLength || utf8.RuneCountInString(tagValue) > MaxCustomTagLength {
 				slog.Warn("Tag key or value exceeds max length, skipping",