Open Vad1mo opened 6 years ago
Thanks a lot for this :clap:
I'd like to add a suggestion. It would be useful for a feature to run a full-rescan of a registry. I have many, many images in Portus/Registry prior to configuring Clair and I now cannot rescan those images it seems.
Will this include updating to use the Clair V3 API too?
Will this include updating to use the Clair V3 API too?
I see that this version of the API is only included in the master
branch (so it has not been released yet). Meaning that it may change, I guess. So, I'd say that we should take a look at it, but I wouldn't say it's top priority.
That being said, I remember that there were some changes on the v1
of the API for some versions of Clair (or at least Portus failed for some versions of Clair so we pinned a specific version). So, I'd say that it's important to check more versions of Clair (master and v3
included).
Thanks for the heads up :+1:
Is there any way to have it run the scan against the entire registry once you enable clair?
Abstract
The first phase of the vulnerability scanner allowed the general scanning of repositories. In order to make better and more precise conclusions out the results it is desired to improve the vulnerability scanner.
This issue here is intended to track all the effort related to deliver an improved version of the vulnerability scanner.
The issue #1658 targets some of the features
Related Tasks
[x] #1669 Store vulnerabilities in a more clever way.
[ ] Periodic scanning of images: Scanning should not only happen once after an image is pushed. Images should be scanned on a regular basis. There should be an option to control the scheduler. (Examples: How Often, Scan only Latest, Newest, SemVer newest, Tag RegEx and so forth.)
[ ] Better Vulnerability overview and reporting. Overview of images the vulnerable. (Examples: Sort images by vulnerability. All vulnerabilities of latest images)
[ ] Add vulnerability results to audit trail. See if Pushed images are vulnerable
[ ] Vulnerability Notifications. Get Notification if Vulnerable images becomes vulnerable. (Example: All, Only Latest)
You are invited to make suggestions