Story
Resolution: Done
OCPSTRAT-967 - Improve Console UI experience for Software Supply Chain Security (SSCS) Use Cases
Description
As a user, I want to see the vulnerabilities in the OCP console, so that I can identify and fix issues as early as possible.
Acceptance Criteria
- Show the Vulnerabilities column in the pipelinerun list page.
- UI should use the new Tekton Results naming conventions (find the link below).
- UI needs to aggregate all the results whose names contain the string SCAN_OUTPUT, e.g. ROXCTL_SCAN_OUTPUT, ACS_SCAN_OUTPUT.
- Show signed badge next to the pipelinerun name if it is signed by chains.
- Show View SBOM link in the kebab menu, if the pipeline run has SBOM attached to it.
Additional Details:
Tekton results naming conventions - doc
Batch the Tekton Results API requests to avoid performance issues, and use pagination to fetch the vulnerabilities when a user scrolls down in the list page.
Note: A pipelinerun can have multiple SCAN_OUTPUT results.
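The aggregation described in the acceptance criteria, as an added example (not code from the console or from this ticket). It assumes each matching result value is a JSON string shaped like `{"vulnerabilities": {"critical": n, "high": n, "medium": n, "low": n}}`; that shape, the name `aggregateScanOutput` and the sample results are assumptions.

```javascript
// Added example. The severity keys and the JSON shape of a SCAN_OUTPUT value
// are assumptions; the ticket only links to the naming-convention doc.
const SEVERITIES = ['critical', 'high', 'medium', 'low'];

// Sum vulnerability counts over every result whose name contains SCAN_OUTPUT.
// `results` is an array of { name, value } pairs taken from one pipelinerun.
function aggregateScanOutput(results) {
  const totals = Object.fromEntries(SEVERITIES.map((s) => [s, 0]));
  const skipped = []; // matching results that could not be interpreted
  let matched = 0;    // matching results that contributed to the totals

  for (const result of results || []) {
    const { name, value } = result || {};
    if (typeof name !== 'string' || !name.includes('SCAN_OUTPUT')) continue;

    let parsed;
    try {
      parsed = typeof value === 'string' ? JSON.parse(value) : value;
    } catch (e) {
      skipped.push(name); // malformed JSON: report it, do not count it as zero
      continue;
    }
    const counts = parsed && parsed.vulnerabilities;
    if (!counts || typeof counts !== 'object') {
      skipped.push(name);
      continue;
    }
    matched += 1;
    for (const s of SEVERITIES) {
      const n = Number(counts[s]);
      // Ignore missing, negative or non-integer counts instead of poisoning the sum.
      if (Number.isInteger(n) && n >= 0) totals[s] += n;
    }
  }
  return { totals, matched, skipped };
}

// Constructed sample: one pipelinerun carrying several scanner results.
const sampleResults = [
  { name: 'IMAGE_URL', value: 'registry.example/app:1' },
  { name: 'ROXCTL_SCAN_OUTPUT',
    value: '{"vulnerabilities":{"critical":1,"high":2,"medium":0,"low":5}}' },
  { name: 'ACS_SCAN_OUTPUT',
    value: '{"vulnerabilities":{"critical":0,"high":3,"medium":4}}' },
  { name: 'SCAN_OUTPUT', value: 'not json' },
];
```

When `matched` is 0, the column should render as "no scan data" rather than as zero vulnerabilities, and a non-empty `skipped` list means the totals are incomplete.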
Is blocked by: ODC-7347 Support to load PipelineRuns and Logs also from Tekton Results (Closed)