canonical / bundle-kubeflow

Charmed Kubeflow
Apache License 2.0

Scanning summary is missing some images #647

Closed kimwnasptd closed 1 year ago

kimwnasptd commented 1 year ago

The current actions we have for pushing the summary file as an artifact, after the CVE scanning, have a bug, and some images are shown as having 0 CVEs of any category.

Example artefacts https://github.com/canonical/bundle-kubeflow/actions/runs/5639880194

An example of this is the docker.io/metacontrollerio/metacontroller:v2.0.4 image, which is reported to have 0 CVEs, while if I run trivy locally I'll see:

Total: 47 (UNKNOWN: 0, LOW: 0, MEDIUM: 10, HIGH: 34, CRITICAL: 3)

i-chvets commented 1 year ago

Kubeflow-CI is fixed. Saving space solution is added, debug logs are removed. https://github.com/canonical/kubeflow-ci/pull/99 https://github.com/canonical/kubeflow-ci/pull/98 https://github.com/canonical/kubeflow-ci/pull/97 https://github.com/canonical/kubeflow-ci/pull/96

The repository that is still missing get-images.sh is kfp-operators. It requires an update of requirements on track/2.0 in order for the script to be merged. PR for script: https://github.com/canonical/kfp-operators/pull/259 Requirements PR, still failing with solutions discussed during daily: https://github.com/canonical/kfp-operators/pull/283

List of images currently retrieved by updated scripts (note missing KFP images):

Image list:
docker.io/kubeflownotebookswg/poddefaults-webhook:v1.7.0
argoproj/workflow-controller:v3.3.9
argoproj/argocli:v3.3.9
argoproj/argoexec:v3.3.9
dexidp/dex:v2.2
docker.io/istio/pilot:1.16.2
docker.io/istio/proxyv2:1.16.2
docker.io/kubeflowkatib/katib-controller:v0.15.0
docker.io/kubeflowkatib/katib-db-manager:v0.15.0
docker.io/kubeflowkatib/katib-ui:v0.15.0
docker.io/kubeflowkatib/suggestion-darts:v0.15.0
docker.io/kubeflowkatib/suggestion-enas:v0.15.0,
docker.io/kubeflowkatib/suggestion-goptuna:v0.15.0
docker.io/kubeflowkatib/suggestion-hyperband:v0.15.0
docker.io/kubeflowkatib/suggestion-hyperopt:v0.15.0
docker.io/kubeflowkatib/suggestion-optuna:v0.15.0
docker.io/kubeflowkatib/suggestion-pbt:v0.15.0,
docker.io/kubeflowkatib/suggestion-skopt:v0.15.0
docker.io/kubeflowkatib/suggestion-darts:v0.15.0
docker.io/kubeflowkatib/suggestion-enas:v0.15.0,
docker.io/kubeflowkatib/suggestion-goptuna:v0.15.0
docker.io/kubeflowkatib/suggestion-hyperband:v0.15.0
docker.io/kubeflowkatib/suggestion-hyperopt:v0.15.0
docker.io/kubeflowkatib/suggestion-optuna:v0.15.0
docker.io/kubeflowkatib/suggestion-pbt:v0.15.0,
docker.io/kubeflowkatib/suggestion-skopt:v0.15.0
docker.io/kubeflowkatib/enas-cnn-cifar10-cpu:v0.15.0
docker.io/kubeflowkatib/earlystopping-medianstop:v0.15.0
docker.io/kubeflowkatib/mxnet-mnist:v0.15.0
docker.io/kubeflowkatib/pytorch-mnist-cpu:v0.15.0
docker.io/kubeflowkatib/file-metrics-collector:v0.15.0
docker.io/kubeflowkatib/tfevent-metrics-collector:v0.15.0
otel/opentelemetry-collector:latest
kserve/models-web-app:v0.8.0
kserve/kserve-controller:v0.10.0
gcr.io/kubebuilder/kube-rbac-proxy:v0.10.0
docker.io/seldonio/mlserver:1.0.0
kserve/lgbserver:v0.10.0
kserve/paddleserver:v0.10.0
kserve/pmmlserver:v0.10.0
kserve/sklearnserver:v0.10.0
kserve/xgbserver:v0.10.0
nvcr.io/nvidia/tritonserver:21.09-py3
pytorch/torchserve-kfs:0.7.0
tensorflow/serving:2.6.2
kserve/agent:v0.10.0
kserve/aix-explainer
kserve/alibi-explainer
kserve/art-explainer
kserve/router:v0.10.0
kserve/storage-initializer:v0.10.0
docker.io/kubeflownotebookswg/centraldashboard:v1.7.0
docker.io/kubeflownotebookswg/profile-controller:v1.7.0
docker.io/kubeflownotebookswg/kfam:v1.7.0
kubeflownotebookswg/tensorboard-controller:v1.7.0
kubeflownotebookswg/tensorboards-web-app:v1.7.0
docker.io/kubeflownotebookswg/volumes-web-app:v1.7.0
docker.io/metacontrollerio/metacontroller:v2.0.4
minio/minio:RELEASE.2021-09-03T03-56-13Z
docker.io/kubeflownotebookswg/notebook-controller:v1.7.0
docker.io/kubeflownotebookswg/jupyter-web-app:v1.7.0
kubeflownotebookswg/jupyter-scipy:v1.7.0
kubeflownotebookswg/jupyter-pytorch-full:v1.7.0
kubeflownotebookswg/jupyter-pytorch-cuda-full:v1.7.0
kubeflownotebookswg/jupyter-tensorflow-full:v1.7.0
kubeflownotebookswg/jupyter-tensorflow-cuda-full:v1.7.0
swr.cn-south-1.myhuaweicloud.com/mindspore/jupyter-mindspore:v1.6.1
kubeflownotebookswg/codeserver-python:v1.7.0
kubeflownotebookswg/rstudio-tidyverse:v1.7.0
gcr.io/arrikto/kubeflow/oidc-authservice:e236439
docker.io/seldonio/engine:1.12.0
docker.io/charmedkubeflow/seldon-core-operator:v1.15.0_22.04_1
docker.io/seldonio/seldon-core-executor:1.14.0
docker.io/charmedkubeflow/mlserver-sklearn:1.2.0_22.04_1
docker.io/charmedkubeflow/mlserver-xgboost:1.2.0_22.04_1
docker.io/charmedkubeflow/mlserver-mlflow:1.2.0_22.04_1
nvcr.io/nvidia/tritonserver:21.08-py3
docker.io/charmedkubeflow/mlserver-huggingface:1.2.4_22.04_1
seldonio/mlserver:1.2.0-slim
seldonio/tfserving-proxy:1.15.0
docker.io/charmedkubeflow/sklearnserver:v1.16.0_20.04_1
seldonio/xgboostserver:1.15.0
seldonio/mlflowserver:1.15.0
docker.io/seldonio/seldon-core-executor:1.14.0
seldonio/rclone-storage-initializer:1.14.1
seldonio/alibiexplainer:1.15.0
seldonio/mlserver:1.2.0-alibi-explain
kubeflow/training-operator:v1-66aa6
ghcr.io/canonical/charmed-mysql@sha256:017605f168fcc569d102bb74b29ef9041256bd066013dece9ceee8c889

i-chvets commented 1 year ago

In some cases Trivy fails to scan images, complaining about incorrect format. After the scan is complete, analysis should be done of which image scans have failed. Reports for those will be missing.
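
An added example (not part of the original thread or the project's CI code): a post-scan check that separates "scanned, 0 CVEs" from "no usable report", the failure mode described in this issue. The image names, the `reports` mapping (image to raw report text) and both function names are assumptions; only the Trivy JSON fields `ArtifactName`, `Results`, `Vulnerabilities` and `Severity` are relied on.

```python
import json

SEVERITIES = ("UNKNOWN", "LOW", "MEDIUM", "HIGH", "CRITICAL")

def summarize_report(raw):
    """Classify one Trivy JSON report body; counts stay None unless it parsed."""
    if raw is None:
        return "missing", None      # no report was written for this image
    if not raw.strip():
        return "empty", None        # report file exists but has no content
    try:
        doc = json.loads(raw)
    except json.JSONDecodeError:
        return "invalid", None      # truncated or non-JSON output
    if not isinstance(doc, dict) or "ArtifactName" not in doc:
        return "invalid", None      # valid JSON, but not a Trivy report
    counts = dict.fromkeys(SEVERITIES, 0)
    for result in doc.get("Results") or []:
        for vuln in result.get("Vulnerabilities") or []:
            sev = vuln.get("Severity")
            counts[sev if sev in counts else "UNKNOWN"] += 1
    return "scanned", counts

def build_summary(images, reports):
    """Return (rows, failed); failed lists images that have no usable report."""
    rows = [(image, *summarize_report(reports.get(image))) for image in images]
    return rows, [image for image, status, _ in rows if status != "scanned"]

# Constructed sample data (hypothetical images, placeholder IDs), not CI output.
IMAGES = ["example.test/vuln:1", "example.test/clean:1",
          "example.test/broken:1", "example.test/absent:1"]
REPORTS = {
    IMAGES[0]: json.dumps({"ArtifactName": IMAGES[0], "Results": [
        {"Target": "os", "Vulnerabilities": [
            {"VulnerabilityID": "PLACEHOLDER-1", "Severity": "HIGH"},
            {"VulnerabilityID": "PLACEHOLDER-2", "Severity": "CRITICAL"}]},
        {"Target": "app", "Vulnerabilities": [
            {"VulnerabilityID": "PLACEHOLDER-3", "Severity": "HIGH"}]}]}),
    IMAGES[1]: json.dumps({"ArtifactName": IMAGES[1], "Results": [{"Target": "os"}]}),
    IMAGES[2]: '{"ArtifactName": "example.test/broken:1", "Resul',  # truncated
}

if __name__ == "__main__":
    rows, failed = build_summary(IMAGES, REPORTS)
    for image, status, counts in rows:
        print(f"{image}: {status} {counts if counts else 'NO DATA'}")
    raise SystemExit(1 if failed else 0)   # fail the job instead of reporting 0
```

A summary step built this way writes "NO DATA" for the broken and absent images rather than a row of zeros, and the non-zero exit makes the gap visible in the workflow run.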

i-chvets commented 1 year ago

KFP images scanned manually and added to the report.

i-chvets commented 1 year ago

The report was created manually with all missing images added. Work is being done to ensure the script works properly. Closing this issue in favour of https://github.com/canonical/bundle-kubeflow/issues/674