1. Install and configure Red Hat Quay on OpenShift as per https://access.redhat.com/documentation/en-us/red_hat_quay/3.7/html/configure_red_hat_quay/index
2. Create a new user from Web UI
3. Create a new repository from Web UI
   Click "+ Create New Repository"
   Enter "Repository Name"
   Click "🔒 Create Private Repository"
4. Configure Repository Notification
   Go to "Settings" of the new repository
   Click "+ Create Notification"
   Choose "Package Vulnerability Found"
   Choose "Negligible" as "With minimum severity level :"
   Choose "Red Hat Quay Notification" as "Then issue a notification"
   Enter the new user name in "Recipient:"
5. Push images to run Clair security scan
   Example:
       podman login --tls-verify=false <Quay URL>
       podman pull registry.access.redhat.com/ubi7/ubi:7.9-193
       podman images
       podman tag fdef99b34155 <Quay URL>/testuser/testrepo:v1
       podman push --tls-verify=false --remove-signatures <Quay URL>/testuser/testrepo:v1
6. The security scan runs automatically and finds vulnerabilities, but no notification appears. For example, the Clair security scan reports the following for registry.access.redhat.com/ubi7/ubi:7.9-193:
       Quay Security Scanner has detected 40 vulnerabilities.
       Patches are available for 38 vulnerabilities.
       3 Critical-level vulnerabilities.
       12 High-level vulnerabilities.
       24 Medium-level vulnerabilities.
       1 Unknown-level vulnerabilities.
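
To confirm that the scan result in step 6 should have triggered the notification configured in step 4, the check below tallies a scan report by severity and counts the findings at or above the configured minimum level. It is an added example, not part of the original report or of Quay's code. It assumes the `Layer`/`Features`/`Vulnerabilities` JSON shape of Quay's manifest security response and Clair's severity ordering; the function names, package name and CVE names are hypothetical placeholders, and the sample report is constructed to match the counts above.

```python
import json
from collections import Counter

# Clair severity ranking, lowest to highest (assumed ordering for this example).
SEVERITY_ORDER = ["Unknown", "Negligible", "Low", "Medium", "High", "Critical"]

def build_sample_report():
    """Constructed sample; counts mirror step 6, names are placeholders."""
    vulns = []
    for severity, n in [("Critical", 3), ("High", 12), ("Medium", 24), ("Unknown", 1)]:
        for i in range(n):
            # 38 of 40 have a patch: leave two Medium entries without a fix.
            fixed = "" if severity == "Medium" and i < 2 else "0:placeholder"
            vulns.append({"Name": f"CVE-PLACEHOLDER-{severity}-{i}",
                          "Severity": severity, "FixedBy": fixed})
    features = [{"Name": "placeholder-pkg", "Version": "0", "Vulnerabilities": vulns}]
    return json.dumps({"status": "scanned", "data": {"Layer": {"Features": features}}})

def summarize(report_json, min_severity):
    """Tally findings and count those at or above the notification threshold."""
    report = json.loads(report_json)
    if report.get("status") != "scanned":
        raise ValueError(f"manifest not scanned yet: {report.get('status')!r}")
    threshold = SEVERITY_ORDER.index(min_severity)
    by_severity, fixable, qualifying = Counter(), 0, 0
    for feature in report["data"]["Layer"].get("Features") or []:
        for vuln in feature.get("Vulnerabilities") or []:
            severity = vuln.get("Severity")
            if severity not in SEVERITY_ORDER:
                severity = "Unknown"  # unrecognised or missing severity
            by_severity[severity] += 1
            fixable += bool(vuln.get("FixedBy"))
            qualifying += SEVERITY_ORDER.index(severity) >= threshold
    return {"total": sum(by_severity.values()), "by_severity": dict(by_severity),
            "fixable": fixable, "qualifying": qualifying}

if __name__ == "__main__":
    result = summarize(build_sample_report(), "Negligible")
    print(result)
    if result["qualifying"]:
        print(f"{result['qualifying']} findings meet the threshold; "
              "a notification is expected for the recipient")
```

With the "Negligible" threshold from step 4, every finding except the single Unknown-level one qualifies under the assumed ordering, so the absence of a notification is not explained by the severity filter.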