Uploaded image for project: 'OpenShift Bugs'
  1. OpenShift Bugs
  2. OCPBUGS-27455

Count mismatch in Image vunerabilities reported in the Openshift Console

    XMLWordPrintable

Details

    Description

      Problem Description:

      Installed the Red Hat Quay Container Security Operator on the 4.13.25 cluster .

      Below are my test results :

      ```

      sasakshi@sasakshi ~]$ oc version
      Client Version: 4.12.7
      Kustomize Version: v4.5.7
      Server Version: 4.13.25
      Kubernetes Version: v1.26.9+aa37255

      [sasakshi@sasakshi ~]$ oc get csv -A | grep -i "quay" | tail -1
      openshift container-security-operator.v3.10.2 Red Hat Quay Container Security Operator 3.10.2 container-security-operator.v3.10.1 Succeeded

      [sasakshi@sasakshi ~]$ oc get subs -A
      NAMESPACE NAME PACKAGE SOURCE CHANNEL
      openshift-operators container-security-operator container-security-operator redhat-operators stable-3.10

      [sasakshi@sasakshi ~]$ oc get imagemanifestvuln -A | wc -l
      82
      [sasakshi@sasakshi ~]$ oc get vuln --all-namespaces | wc -l
      82

      Console -> Administration -> Image Vulnerabitlites : 82

      Home -> Overiview -> Status -> Image Vulnerabitlites : 66
      ```

      Observations from My testing :

      • `oc get vuln --all-namespaces` reports the same count as `oc get imagemanifestvuln -A`
      • Difference in the count is reported in the following
        ```
        Console -> Administration -> Image Vulnerabitlites : 82
        Home -> Overiview -> Status -> Image Vulnerabitlites : 66
        ```
        Why there is a difference in reporting of the above two entries?

      Kindly refer to the attached screenshots for reference .

      Documentation link referred:

      https://docs.openshift.com/container-platform/4.14/security/pod-vulnerability-scan.html#security-pod-scan-query-cli_pod-vulnerability-scan

      Attachments

        Issue Links

          blocks

          Bug - A problem that impairs or prevents the functions of the product. OCPBUGS-28232 [release-4.15] Count mismatch in Image vunerabilities reported in the Openshift Console

          • Normal - To be worked after urgent and high priorities are resolved. This term is chosen when the severity of an issue is relatively close to the level of effort to fix it. The existence of an easily implemented workaround can also lead to this priority level instead of a higher priority.
          • Closed
          is blocked by

          Bug - A problem that impairs or prevents the functions of the product. PROJQUAY-6512 CSO failed to create imagemanifestvulns on Openshift 4.15

          • Blocker - To be worked above all other priorities. This term is chosen when the severity of the issue is very high, has no workaround, or the effort for the change is comparatively low. Issues that may be very publicly visible and could generate significant media attention may also drive a higher priority.
          • Closed
          is cloned by

          Bug - A problem that impairs or prevents the functions of the product. OCPBUGS-28232 [release-4.15] Count mismatch in Image vunerabilities reported in the Openshift Console

          • Normal - To be worked after urgent and high priorities are resolved. This term is chosen when the severity of an issue is relatively close to the level of effort to fix it. The existence of an easily implemented workaround can also lead to this priority level instead of a higher priority.
          • Closed
          links to

          GitHub openshift/console#13529: OCPBUGS-27455: do not deduplicate ImageManifestVulns in Overview popover

          Web Link RHEA-2024:0041 OpenShift Container Platform 4.16.z bug fix update

          Activity

            People

              rhn-engineering-rhamilto Robb Hamilton
              sasakshi@redhat.com Sakshi sakshi
              YaDan Pei YaDan Pei
              Votes:
              0 Vote for this issue
              Watchers:
              8 Start watching this issue

              Dates

                Created:
                Updated: