mr.shintla

looking forward to the pull request. i think it should not take care where the db actually is, this is the responsibility of the user that wants to run the...

btw: i fixed the problem with my own CA by oc create secret generic container-security-operator-extra-certs -n openshift-operators --from-file=ca1.crt=ca1.crt

Seems the upstream ticket got closed as "wont fix" (https://issues.redhat.com/browse/PROJQUAY-2990) Nevertheless: Security related Products are not allowed to fall back to the answer "all secure" ! This is exceptionally bad...

what was the solution? i'm stuck with this aswell... i have multiple organizations inside on-prem quay and therefore created all pull-secrets and linked them to sa/default inside openshift-operators namespace with...

**there is no global/project dashboard about vulnerabilities findings?** > _No, the vulnerabilities findings are associated with one signle artifact. What kind of user scenario if there is an dashborad to...

**broken security concept of "Prevent vulnerable images from running" :** * images that are not scanned (whatever reason "Unsupported" has) are not blocked from pulling like those that were scanned....

> Please disable the "prevent vulnerable" for the proxy-cache project, otherwise you can't pull images from the project. @heww : i can. and i get the image the first time...

@zyyw : security features that mean something which is not obvious are not really a good choice! 1. a not scanned image is not free from vulnerabilities! we just don't...

@zyyw, @wy65701436, @stonezdj, @heww : i don't understand why those important security-related topics here do not lead to any action at all? as far as i see all that happened...

@heww yes i know, as i found this in my tests and thats why i opened this issue, as this is a insecure fallback. and thats why this policy is...