[Enhancement] automatically subscribe when adding images for analysis

anchore / kubernetes-admission-controller

Service implementation for a Kubernetes Dynamic Webhook controller for interacting with Anchore

Apache License 2.0

64 stars 27 forks source link

[Enhancement] automatically subscribe when adding images for analysis #7

Open antimack opened 5 years ago

antimack commented 5 years ago

Since we are using controller in Kubernetes, manually subscribing to the notifications in such dynamic environment can be really hard. It would be great to have an option for automatic subscribing to the notifications when image added for analysing, for example something in config like this:

"auto_subscribe": {
    "policy_eval": true,
    "vuln_update": true
  },

I think we can omit "analysis_update" and "tag_update" since they will be automatically enabled if I understand correctly.

Thanks!

zhill commented 5 years ago

thanks @antimack , noted and i'll look into it for future release. Generally we want to improve the subscription/watch handling in anchore engine itself as well, so these could be coordinated efforts. But simple first cut is to set them in this client.

jcamu commented 3 years ago

Hello,

Any news on this subject? There is indeed a more global question on how to handle subscriptions, notifications... Policy_eval are the most important notifications for us, others are not used. What it is important is if a policy evaluation failed or not. Like with notifications, a way to store locally these message and send them after to an ELK instance for example should be interesting as we don't want to be alerted via webhook for very images when it's an new Os CVE.( Getting hundred of notifications for the same error it"s not the best). Unfortunately we need to let the alerting, notification to a third party application i think.

Regards