Add a generic image vulnerability scan and patch doc

Azure / container-upstream

This project captures work in progress, and completed work for the Azure Core Container Upstream team

MIT License

53 stars 26 forks source link

Add a generic image vulnerability scan and patch doc #106

Open aramase opened 2 years ago

aramase commented 2 years ago

Most of the projects listed in this repo have image scanning enabled as part of the CI and nightly runs. We should add a generic document to this repo:

Define how to run image scan as part of CI
Define a policy on what the patching steps would be

This doc will establish image scanning as a requirement for new projects that we onboard and also can be referenced in the project docs instead of each project having its own blurb about it.

kitarp29 commented 2 years ago

Hi @aramase @ritazh I would like to work on it. Could you help me in starting with it?