Uploaded image for project: 'OpenShift Image Registry'
  1. OpenShift Image Registry
  2. IR-151

Manifest security endpoint

XMLWordPrintable

    • Icon: Story Story
    • Resolution: Obsolete
    • Icon: Undefined Undefined
    • None
    • None
    • Registry
    • None
    • False
    • None
    • False
    • None
    • None
    • None
    • None

      As an OpenShift user
      I want Quay Container Security Operator to work with the image registry
      so that I can see vulnerabilities of pushed and imported images.

      Acceptance Criteria

      • the user should be able to provide the registry with the Clair URL (API change)
      • the registry is able to authenticate with Clair (API change?)
      • the image registry has /.well-known/app-capabilities endpoint
      • the image registry has capability io.quay.manifest-security
      • Container Security Operator can get vulnerabilities from the image registry

      See Also

      https://quay.io/.well-known/app-capabilities
      https://quay.io/api/v1/repository/app-sre/centos/manifest/sha256:9e0c275e0bcb495773b10a18e499985d782810e47b4fce076422acb4bc3da3dd/security?features=true&vulnerabilities=true

              Unassigned Unassigned
              obulatov@redhat.com Oleg Bulatov (Inactive)
              None
              None
              None
              None
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Created:
                Updated:
                Resolved: