Uploaded image for project: 'OpenShift Container Platform (OCP) Strategy'
  1. OpenShift Container Platform (OCP) Strategy
  2. OCPSTRAT-967

Improve Console UI experience for Software Supply Chain Security (SSCS) Use Cases

XMLWordPrintable

    • Icon: Feature Feature
    • Resolution: Done
    • Icon: Critical Critical
    • None
    • None
    • None
    • False
    • Hide

      None

      Show
      None
    • False
    • 100
    • 100% 100%
    • 0
    • 0
    • Program Call

      Outcome/Feature Overview (aka. Goal Summary)  

      Enrich the OpenShift Pipelines experience for DevSecOps and Software Supply Chain Security use cases such as CVEs, SBOMs and signatures.

      Goals (aka. expected user outcomes)

      Improving application developer experience when using OpenShift Pipelines by increasing awareness of important SSCS elements. An OpenShift Pipelines PipelineRun's Task can emit CVEs, SBOMs, policy reporting as well as identify signing status.

       

      Requirements (aka. Acceptance Criteria):

      • CVE Summary as a column in PipelineRun list view
      • Link to SBOM for PipelineRuns
      • Add a badge/icon for chains.tekton.dev/signed=true for PipelineRuns

            karthik.jk Karthik Jeeyar
            bsutter@redhat.com Burr Sutter
            Jeffrey Phillips, Karthik Jeeyar
            Sanket Pathak Sanket Pathak
            Tanya Shearon Tanya Shearon
            Parag Dave Parag Dave
            Votes:
            0 Vote for this issue
            Watchers:
            11 Start watching this issue

              Created:
              Updated:
              Resolved: