Uploaded image for project: 'Project Quay'
  1. Project Quay
  2. PROJQUAY-3195

Consider disabling pulls for images whose CVE level is higher than some threshold

    XMLWordPrintable

Details

    • Feature
    • Resolution: Won't Do
    • Minor
    • None
    • None
    • quay
    • False
    • False
    • 0
    • 0% 0%
    • 0

    Description

      Currently, Quay will not limit pulling of images based on CVE status. It will allow pulls of container images regardless of how many CVEs the image has, it's up to the user to decide whether he or she wants to pull that image.

      This ability would allow us to set a threshold after which image pulls would be disabled by the registry. This is something that Nexus and Harbor are already doing.

      Is this something that's feasible for Quay?

      Attachments

        Activity

          People

            Unassigned Unassigned
            rhn-support-ibazulic Ivan Bazulic
            Votes:
            0 Vote for this issue
            Watchers:
            5 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: