Loading...

XML

Word

Printable

Details

Type: Story
Resolution: Unresolved
Priority: Normal
Fix Version/s: None
Affects Version/s: None
Component/s: quay-operator
Labels:
- triaged

Story Points:
8
Blocked:
False
Blocked Reason:
None
Ready:
False

RICE Score:
0

SFDC Cases Links:
SFDC Cases Counter:

Description

As an openshift operator
I would like CSO to respect my ICSP rules
So it can scan images from my internal registry instead of reaching out the internet

NOTES

ICSP definition: https://github.com/openshift/api/blob/a6156965faae5ce117e3cd3735981a3fc0e27e27/operator/v1alpha1/types_image_content_source_policy.go#L25-L44
How CSO checks if registry supports security scans: https://github.com/quay/container-security-operator/blob/44a4493ddf0fe9adea82906adf6be073f02e61fb/labeller/labeller.go#L305
Registries.conf documentation: https://github.com/containers/image/blob/main/docs/containers-registries.conf.5.md

ACCEPTANCE CRITERIA

ICSP rules are interpreted by the CSO operator

Attachments

Activity

People

Assignee:: Unassigned

Reporter:: Ricardo Maraschini (Inactive)

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 2022/04/21 2:44 PM

Updated:: 2022/06/02 5:52 PM