Harbor: [Feature Request] Provide a UI to visualize container vulnerabilities

Created on 15 Jan 2020 · 4 Comments · Source: goharbor/harbor

When trying to identify which containers within our registry contain vulnerabilities, it is frustrating to have to check every individual tag, within every individual registry, within every individual project. It's entirely infeasible to check every single container vulnerability report using the current UI framework for doing so.

Ideally, we would like to see a UI which would show the status of all container scans, scoped according to a user's permissions to view specific projects. This UI would allow users concerned with maintaining container security to get a high-level view of the actual contents of these scans across all the projects they have access to. This data lends itself well to helping users determine which CVEs are worth allocating time to resolving due to their widespread occurrence across all their stored container images.

area/vulnerability-scan kind/requirement

All 4 comments

I think maybe one view in each project is more reasonable. We will think about this. But this can be easily retrieved via API as a workaround for now; let me know if you need help with that.

This new feature sounds good to me too. A consolidated report and a critical CVE list of images found will be nice to rectify or expunge the image.

A consolidated report with a filter is crucial for operations. An all-in-one online downloadable report to show all the vulnerabilities and whitelisting (scope, expiration) along with the artifact is very helpful.
As a side note, it will be nice to have the CVE whitelist at image level to have better control.

+1 from here
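
The consolidated view requested in this thread, as an added example (not Harbor code and not written by any commenter): it ranks CVEs by how many distinct images carry them, scoped to the projects a user may view and honoring whitelist scope and expiration. The record layout, the names `SCANS`, `WHITELIST` and `consolidated_report`, and all sample values are constructed assumptions; it does not call the Harbor API or use its report schema.

```python
from collections import defaultdict
from datetime import date

SEVERITY_RANK = {"Critical": 4, "High": 3, "Medium": 2, "Low": 1}

# Constructed sample data (hypothetical shape, not Harbor's API schema):
# one record per scanned tag, with the image digest and placeholder CVE ids.
SCANS = [
    {"project": "payments", "repo": "api", "tag": "1.4", "digest": "sha256:aaa",
     "vulns": [("CVE-0000-0001", "Critical"), ("CVE-0000-0002", "Medium")]},
    {"project": "payments", "repo": "api", "tag": "latest", "digest": "sha256:aaa",
     "vulns": [("CVE-0000-0001", "Critical"), ("CVE-0000-0002", "Medium")]},
    {"project": "web", "repo": "frontend", "tag": "2.0", "digest": "sha256:bbb",
     "vulns": [("CVE-0000-0001", "Critical"), ("CVE-0000-0003", "High")]},
    {"project": "internal", "repo": "batch", "tag": "7", "digest": "sha256:ccc",
     "vulns": [("CVE-0000-0003", "High")]},
]
# Constructed whitelist: CVE id -> (scope, expiry); scope is a project or "*".
WHITELIST = {"CVE-0000-0002": ("payments", date(2020, 6, 30)),
             "CVE-0000-0003": ("*", date(2020, 1, 1))}

def consolidated_report(scans, allowed_projects, whitelist, today):
    """Return (cve, severity, image_count, projects) rows, most widespread first."""
    images = defaultdict(set)   # cve -> {(project, repo, digest)}
    severity = {}               # cve -> highest severity seen
    for s in scans:
        if s["project"] not in allowed_projects:
            continue            # scope to the caller's project permissions
        for cve, sev in s["vulns"]:
            scope, expiry = whitelist.get(cve, (None, None))
            if scope in ("*", s["project"]) and today <= expiry:
                continue        # whitelisted for this project and not expired
            # Keyed by digest, so one image under several tags counts once.
            images[cve].add((s["project"], s["repo"], s["digest"]))
            if SEVERITY_RANK[sev] > SEVERITY_RANK.get(severity.get(cve), 0):
                severity[cve] = sev
    rows = [(cve, severity[cve], len(imgs), sorted({p for p, _, _ in imgs}))
            for cve, imgs in images.items()]
    # Most affected images first, then higher severity, then CVE id.
    rows.sort(key=lambda r: (-r[2], -SEVERITY_RANK[r[1]], r[0]))
    return rows
```

An expired whitelist entry stops suppressing its CVE, so the same scan data can produce a different ranking depending on the report date.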
