⚲

Project

General

Profile

Home
Projects
Help

Search:

Containers and images

All Projects

Containers and images

Overview
Activity
Roadmap
Issues
Gantt
Wiki

Custom queries

Containers
Containers - backlog
Containers - bugs
openQA Infrastructure Project
openqa-review - Closed tickets last updated by openqa-review, last 30 days
QA roadmap long-term
QA SLE functional
QA SLE Functional - closed in last 14 days
QA SLE Functional - High, need to be refined
QA SLE Functional - over cycle time median
QA SLE u
QA SLE y
QA tools (tag not necessary in openQA and subprojects)
QA tools tag (tag not necessary in openQA and subprojects; excluding tickets in "Ready" version as they are already on the backlog)
QAC - Backlog
QE tools team - backlog (dev)
QE tools team - backlog (ready issues)
QE tools team - backlog SLA high
QE tools team - backlog SLA immediate
QE tools team - backlog SLA no immediate/urgent in feedback/blocked
QE tools team - backlog SLA normal
QE tools team - backlog SLA urgent
QE tools team - backlog SLO high
QE tools team - backlog SLO normal
QE tools team - backlog SLO urgent
QE tools team - backlog, high-level view (epics and higher)
QE tools team - backlog, non-reactive work, needs parent
QE tools team - backlog, top-level view (all sagas)
QE tools team - closed within last 14 days
QE tools team - closed within last 60 days
QE tools team - closed yesterday
QE Tools Team - Collaborative Session
QE tools team - due date forecast
QE tools team - exceeding due-date
QE tools team - infrastructure backlog
QE tools team - next - sorted by update time
QE tools team - next issues
QE tools team - non-estimated (unblocked) issues (dev)
QE tools team - non-estimated (unblocked) issues (infra)
QE tools team - ready issues - Workable
QE tools team - ready, not assigned/blocked/low
QE tools team - SLO high forecast
QE tools team - update forecast
QE tools team - updated by priority
QE tools team - what members of the team are working on - Feedback (not-low)
QE Tools Team Backlog By Assignee
Tools Team Retrospective
Tools Team Retrospective (not estimated or assigned)

Actions

Copy link

action #108233

closed

coordination #87853: [epic][brainstorming]

container scanning services

Added by jlausuch almost 3 years ago. Updated about 2 months ago.

Status:

Rejected

Priority:

Low

Assignee:

rbranco

Target version:

Start date:

2022-03-11

Due date:

% Done:

Estimated time:

Tags:

containers

Description

Try out container scanning services like trivy [1] and clair to be notified about vulnerabilities inside of their containers.
Investigate how those tools work and come up with a suggestion if it makes sense to include that in our tests.
NouVector [3] also offers interesting things we could use.

[1] https://github.com/aquasecurity/trivy
[2] https://github.com/quay/clair
[3] https://neuvector.com/

Related issues 1 (0 open — 1 closed)

Related to Containers and images - action #87805: Investigate security test cases for automation

Rejected

rbranco

2021-01-15

Actions

Issue # Delay: days Cancel

History
Notes
Property changes

Actions

Copy link

Updated by jlausuch almost 3 years ago

Parent task set to #87853

Actions

Copy link

Updated by jlausuch almost 2 years ago

Related to action #87805: Investigate security test cases for automation added

Actions

Copy link

Updated by pdostal almost 2 years ago

Ad NeuVecotr, I found this: https://open-docs.neuvector.com/scanning/scanners#standalone-scanner-for-local-scanning

Actions

Copy link

Updated by rbranco almost 2 years ago

pdostal wrote:

Ad NeuVecotr, I found this: https://open-docs.neuvector.com/scanning/scanners#standalone-scanner-for-local-scanning

NeuVector is also a SUSE product now.

Actions

Copy link

Updated by rbranco almost 2 years ago

Status changed from Workable to In Progress

Actions

Copy link

Updated by pdostal almost 2 years ago

For NeuVector: https://suse.slack.com/archives/C02KFUJD64U/p1674136935360399

Actions

Copy link

Updated by jlausuch almost 2 years ago

Status changed from In Progress to Workable

Actions

Copy link

Updated by rbranco almost 2 years ago

Status changed from Workable to In Progress
Assignee set to rbranco

Actions

Copy link

Updated by rbranco almost 2 years ago

I asked in #team-buildops about the issue of scanning containers and their approach is to release a new image when a new package is released, and that they tried NeuVector in IBS/OBS and failed. I also asked in #discuss-neuvector and they have their own team to test the product.

https://suse.slack.com/archives/C02BX1X92HM/p1676280368655279

Actions

Copy link

#10