Uploaded image for project: 'Red Hat Advanced Cluster Security'
  1. Red Hat Advanced Cluster Security
  2. ROX-32564

Vulnerability Scanning Support for Hummingbird Images

    • Product / Portfolio Work
    • False
    • Hide

      None

      Show
      None
    • False
    • Not Selected

      Goal Summary:

      Project Hummingbird images are built to be minimal, often lacking shells or package managers (e.g., rpm). This feature enables Clair and RHACS to scan these images and cross-reference them with Red Hat's VEX metadata.

      Goals and expected user outcomes:

      Implement integrated scanning in RHACS and Clair to validate the "Zero-CVE" status of Project Hummingbird images and provide continuous monitoring against new vulnerability discoveries.

      Acceptance Criteria:

      A list of specific needs or objectives that a feature must deliver in order to be considered complete. Be sure to include nonfunctional requirements such as security, reliability, performance, maintainability, scalability, usability, etc. Initial completion during {}Refinement{} status.

      [enter _general_ Feature acceptance here]

      Success Criteria or KPIs measured:

      A list of specific, measurable criteria that will be used to determine if the feature is successful. Include key performance indicators (KPIs) or other metrics., etc. Initial completion during __Refinement_ status._

      [enter success criteria and/or KPIs here]

      Out of Scope:

      • Third-Party Distroless: This feature does not provide "Zero-CVE" certification for Google Distroless or Chainguard images (though they are scanned via standard SBOM logic).
      • Remediation Suggestion: RHACS will identify the need for a patch, but it will not automatically rebuild the container image.
      • Legacy Scanners: This feature is only supported on {_}RHACS Scanner V4 (ClairCore-based){*}.

              vle@redhat.com Vu Le
              dcaspin@redhat.com Doron Caspin
              Shubha Badve Shubha Badve
              ACS Scanner
              Votes:
              0 Vote for this issue
              Watchers:
              6 Start watching this issue

                Created:
                Updated: