Major Description:
This is an issue found in Quay 3.9.0, when configure quay image repository with Events and Notifications to have slack notification for "Push to Repository" and "Package Vulnerability Found", after pushed new image with critical image vulnerability, found can only get slack notification "new image pushed", But can't get slack notification of "new critical image vulnerability found", pls review this issue.
Note:
- The Quay notification works well with Events and Notifications "Package Vulnerability Found".
- This issue is not Quay 3.9.0 regression issue, and can also be reproduced in Quay 3.8.9
Quay: quay-operator-bundle-container-v3.9.0-122
Quay config.yaml:
BROWSER_API_CALLS_XHR_ONLY: false CREATE_PRIVATE_REPO_ON_PUSH: true CREATE_NAMESPACE_ON_PUSH: true FEATURE_QUOTA_MANAGEMENT: true FEATURE_PROXY_CACHE: true CREATE_REPOSITORY_ON_PUSH_PUBLIC: true FEATURE_EXTENDED_REPOSITORY_NAMES: true FEATURE_USER_INITIALIZE: true FEATURE_GENERAL_OCI_SUPPORT: true FEATURE_HELM_OCI_SUPPORT: true FEATURE_PROXY_STORAGE: true PERMANENTLY_DELETE_TAGS: true SUPER_USERS: - quay - admin DISTRIBUTED_STORAGE_CONFIG: default: - AzureStorage - azure_account_key: ****** azure_account_name: quayazure1000 azure_container: quayazure1000 sas_token: ****** storage_path: /quayazuredata/quayregistry DISTRIBUTED_STORAGE_DEFAULT_LOCATIONS: - default DISTRIBUTED_STORAGE_PREFERENCE: - default FEATURE_SECURITY_SCANNER_NOTIFY_ON_NEW_INDEX: True
Config Slack Notification when package vulnerability found:
