kubernetes-sigs/wg-policy-prototypes

Image Scanner -> Policy Report Adapter

JimBugwadia opened this issue · 7 comments

Develop an adapter to execute a periodic or event-based image scan, convert the results, and generate or update a Policy Report custom resource based on the WG Policy CRD.

The tasks involved are:

  1. Research available OSS image scanners like Clair and Trivy
  2. Design how the scan should be run, i.e. when a new image pull happens or periodically
  3. Run the scan as a CronJob and produce the Policy Report CRD
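
The conversion step in task 3, as an added example that is not part of the original issue or the project's code: it turns scanner JSON (a constructed sample in the shape of Trivy's JSON report) into a `wgpolicyk8s.io/v1alpha2` PolicyReport object. The `Convert` function, the `image-scanner` source and `image-vulnerability` policy names, and the severity-to-result mapping are assumptions made for illustration.

```go
package main

import (
	"encoding/json"
	"fmt"
	"strings"
)

// Constructed sample shaped like `trivy image --format json` output; the CVE IDs are placeholders.
const sampleScan = `{"ArtifactName":"registry.example/app:1.0","Results":[{"Target":"os-packages","Vulnerabilities":[
 {"VulnerabilityID":"CVE-0000-0001","PkgName":"openssl","FixedVersion":"1.1.2","Severity":"CRITICAL"},
 {"VulnerabilityID":"CVE-0000-0002","PkgName":"zlib","Severity":"UNKNOWN"}]},{"Target":"app/go.sum"}]}`

type scan struct {
	Results []struct {
		Target          string
		Vulnerabilities []struct{ VulnerabilityID, PkgName, FixedVersion, Severity string }
	}
}

// Convert builds a wgpolicyk8s.io/v1alpha2 PolicyReport from scanner JSON; the severity mapping is an assumption.
func Convert(raw []byte, name string) (map[string]any, error) {
	var s scan
	if err := json.Unmarshal(raw, &s); err != nil {
		return nil, fmt.Errorf("parse scan output: %w", err)
	}
	mapping := map[string][2]string{"CRITICAL": {"critical", "fail"}, "HIGH": {"high", "fail"}, "MEDIUM": {"medium", "warn"}, "LOW": {"low", "warn"}}
	results, summary := []map[string]any{}, map[string]int{"pass": 0, "fail": 0, "warn": 0, "error": 0, "skip": 0}
	add := func(rule, result, sev, msg string) {
		summary[result]++
		results = append(results, map[string]any{"source": "image-scanner", "policy": "image-vulnerability", "rule": rule, "result": result, "severity": sev, "message": msg})
	}
	for _, r := range s.Results {
		if len(r.Vulnerabilities) == 0 { // clean target: record a pass so the report shows it was scanned
			add(r.Target, "pass", "info", "no known vulnerabilities in "+r.Target)
		}
		for _, v := range r.Vulnerabilities {
			m, ok := mapping[strings.ToUpper(v.Severity)]
			if !ok {
				m = [2]string{"info", "warn"} // UNKNOWN or unexpected severity: surface it, never drop it
			}
			add(v.VulnerabilityID, m[1], m[0], fmt.Sprintf("%s in %s, fixed in %q", v.PkgName, r.Target, v.FixedVersion))
		}
	}
	return map[string]any{"apiVersion": "wgpolicyk8s.io/v1alpha2", "kind": "PolicyReport", "metadata": map[string]any{"name": name}, "results": results, "summary": summary}, nil
}

func main() {
	fmt.Println(Convert([]byte(sampleScan), "scan-app"))
}
```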

Hi, I'm Stephen. I saw this project on the LFX projects and it needs a mentee for the project. I would love to work on this Image Scanner and also the Falco project. I was once a small Kubernetes and Terraform contributor. I have not worked with Falco before or built a Policy report before, but I have worked with Go adapters on two different projects.

Hi @adeniyistephen - thanks for your interest and welcome to the working group! Please feel free to ask questions here or on our Slack channel (https://kubernetes.slack.com/archives/C906A4GAF) to help you draft a proposal.

@JimBugwadia Can't wait to start. :)

The Kubernetes project currently lacks enough contributors to adequately respond to all issues and PRs.

This bot triages issues and PRs according to the following rules:

  • After 90d of inactivity, lifecycle/stale is applied
  • After 30d of inactivity since lifecycle/stale was applied, lifecycle/rotten is applied
  • After 30d of inactivity since lifecycle/rotten was applied, the issue is closed

You can:

  • Mark this issue or PR as fresh with /remove-lifecycle stale
  • Mark this issue or PR as rotten with /lifecycle rotten
  • Close this issue or PR with /close
  • Offer to help out with Issue Triage

Please send feedback to sig-contributor-experience at kubernetes/community.

/lifecycle stale

/remove-lifecycle stale

Closed via #88.