-
Feature
-
Resolution: Done
-
Undefined
-
None
-
None
-
False
-
None
-
False
Summary
As an OpenShift administrator
I want to access the recommendations and CVEs from the CLI
so that I can interact with advisor from my terminal and integrate the data with my other tools.
Additional context:
We can use oc, odo, ocm-cli or a custom CLI binary (less preferable IMO). The behavior could be as follows:
List recommendations:
oc get recommendations ID MODIFIED FIRST IMPACTED TOTAL RISK ccx_rules_ocp.external.rules.empty_prometheus_db_volume.report 2 years ago 22 days ago Moderate ccx_rules_ocp.external.rules.namespaces_with_overlapping_uid_ranges.report 7 months ago 3 months ago Important ccx_rules_ocp.external.rules.okd_cluster_unsupported.report 1 year ago 3 months ago Moderate
List vulnerabilities:
oc get vulnerabilities ID PUBLISH DATE SEVERITY CVSS BASE SCORE EXPOSED IMAGES CVE-2022-38177 21 Sept 2022 Important 7.5 59 CVE-2022-38178 21 Sept 2022 Important 7.5 59 CVE-2022-40674 14 Sept 2022 Important 9.8 21
See more examples at the Google doc.
Unknowns:
- What binary to use? oc, odo, ocm-cli or a custom CLI binary?
- Is this useful for our customers? Maybe we can offer this as a beta and gather some insights.
- Can we show the details there or would it be better to redirect the user to the Webconsole? How can we track whether admin views a recommendation via WebConsole or CLI?
Acceptance criteria:
Unknowns are solved and feature is implemented.