Uploaded image for project: 'OpenShift Dev Console'
  1. OpenShift Dev Console
  2. ODC-4372

View Base Image vulnerabilities in Project Dashboard

XMLWordPrintable

    • View Base Image vulnerabilities in Project Dashboard
    • To Do
    • 0% To Do, 0% In Progress, 100% Done
    • L

      Problem:

      Currently, developers don't have visibility into vulnerabilities in their projects.

      Goal:

      Our initial requirement is to allow developers the ability to view base image vulnerabilities across all container images within a specific Project. 

      Why is it important?

      Use cases:

      As a developer, ...

      • I want to view a count of the number of images that are vulnerable in my selected project, when CSO is installed to the cluster.
      • I want to see a breakdown by severity across all vulnerable images in my selected project.
      • I want to see the number of vulnerabilities in each vulnerable image and the count of how many are fixable.
      • I want to see how many pods are affected by each vulnerable image
      • I want a link to access details in Quay for each vulnerable container image that is stored in that repository

      Acceptance criteria

      As a developer, ...

      1. I should be able to see an option to view list of Vulnerabilities for a selected project
      2. I should be able to see the total count of vulnerable images in a selected project
      3. I should be able to see severity-based counts of all vulnerable images in a selected project
      4. I should be able to drill into severity, count of vulnerabilities, count of fixable vulnerabilities, number of affected pods for each vulnerable image
      5. I should be able to launch the Quay UI panel, in context of the manifest of the vulnerable image stored in that repository

      Dependencies (External/Internal):

      CSO

      Slack Channel

      #tmp-odc-app-vulnerabilities in CoreOS slack

      Design Artifacts:

      tbd

      Exploration:

      Step 1 - Empathize
      Step 2 - Define
      Step 3 - Ideate

      Note:

      Initial use case/journey ideas https://docs.google.com/presentation/d/12XmfeoZxnaOjsbRMIGr7FJtrE9ywvW5B2tEFi2wG3dQ/edit?usp=sharing

      Notes

      Depending on the user's role, the permissions might limit the sorts of actions they have access to.

          There are no Sub-Tasks for this issue.

              Unassigned Unassigned
              sdoyle@redhat.com Serena Nichols (Inactive)
              jaivardhan Kumar jaivardhan Kumar
              Sanket Pathak Sanket Pathak
              Votes:
              0 Vote for this issue
              Watchers:
              7 Start watching this issue

                Created:
                Updated:
                Resolved: