community icon indicating copy to clipboard operation
community copied to clipboard

Published 20 hours ago verified publisher icon aws-controllers-k8s

Enable image scanning for ACK controller images

Open vijtrip2 opened this issue 3 years ago • 3 comments
trafficstars

Is your feature request related to a problem?

  • Currently there is no automated way of finding security vulnerabilities in the latest ACK service controller images.

Describe the solution you'd like

  • Running periodic jobs to scan the latest controller images and if any security vulnerability is surfacing.
  • ACK core team will be informed about security vulnerability through a private communication channel

Describe alternatives you've considered

  • TODO: research about managed image scanning from public ecr
  • Running scan on image of single controller instead of all

vijtrip2 avatar Jan 10 '22 19:01 vijtrip2

I think this is a great idea, maybe hook Clair into the existing prow process / infrastructure that ACK team uses? Quay uses this for its scanning. Just a thought so the entire wheel doesn't have to be re-invented for this.

acornett21 avatar Jan 14 '22 22:01 acornett21

Issues go stale after 90d of inactivity. Mark the issue as fresh with /remove-lifecycle stale. Stale issues rot after an additional 30d of inactivity and eventually close. If this issue is safe to close now please do so with /close. Provide feedback via https://github.com/aws-controllers-k8s/community. /lifecycle stale

ack-bot avatar Jun 23 '22 17:06 ack-bot

/lifecycle frozen

vijtrip2 avatar Jun 24 '22 16:06 vijtrip2