Uploaded image for project: 'OpenShift Dev Console'
  1. OpenShift Dev Console
  2. ODC-7421

Show vulnerability column in the pipelinerun list page


    • Icon: Story Story
    • Resolution: Done
    • Icon: Undefined Undefined
    • None
    • None
    • None


      As a user, I want to see the vulnerabilities in the OCP console, so that I can identify and fix the issue as early as possible.

      Acceptance Criteria

      1. Show the Vulnerabilities column in the pipelinerun list page.
      2. UI should use the new tekton results naming conventions (find the link below).
      3. UI needs to aggregate all the results that contain the string SCAN_OUTPUT.  eg: ROXCTL_SCAN_OUTPUT, ACS_SCAN_OUTPUT.
      4. Show signed badge next to the pipelinerun name if it is signed by chains.
      5. Show View SBOM link in the kebab menu, if the pipeline run has SBOM attached to it.

      Additional Details: 

      Tekton results naming conventions - doc 

      Batch the tekton results API request to avoid performance issues and use pagination to fetch the vulnerabilities when a user scrolls down in the list page.

      Note: A pipelinerun can have multiple results SCAN_OUTPUT results.

            jephilli@redhat.com Jeffrey Phillips
            karthik.jk Karthik Jeeyar
            0 Vote for this issue
            2 Start watching this issue