Open tarilabs opened 1 week ago
It looks to me to get better numbers we need to have coordination with KFP WG for which we copy the MLMD setup.
I notice mysql:8.0.39 as also suggested in https://github.com/kubeflow/model-registry/pull/267 would improve some of this numbers, although same considerations as above, since it seems to be also failing the bare minimal K8s test we have on this repo.
With KF 1.9, the Platform (KF/Manifest) team is introducing CVE reporting. ref: https://blog.kubeflow.org/kubeflow-1.9-release/#cve-scanning
Since https://github.com/kubeflow/manifests/pull/2860 it is possible to access the reports for the whole KF platform by accessing the zip archive in any of the run from: https://github.com/kubeflow/manifests/actions/workflows/trivy.yaml
With https://github.com/kubeflow/manifests/pull/2856 we avoid a double-counting in the final report for image which are shared across WGs/Components (ie: we share Mysql and gcr.io/tfx-oss-public/ml_metadata_store_server)
Baseline
From the KF 1.9 release, this numbers where reported:
September 2nd
Source images
Shared images