show image analysis on RHACS reports
Is your feature request related to a problem? Please describe.
As an Operator of ODH, I want to use RHACS Governance and Risk features, so that all the modules of a Jupyter Notebook are under active maintenance, even if they are installed from upstream.
High-level Goals
Show how image analysis by Thoth can be used to implement Governance and Risk management of an ODH via RHACS.
Describe the solution you'd like
A. Thoth Guidance Services provides detailed package analysis based on container image SHA via a REST API
B. an Operator creates Kubernetes-native objects on OpenShift representing parts of the image analysis
C. RHACS has a policy based on the object created in B.
(D). StackRox prevents Notebooks from being started if some threshold
Describe alternatives you've considered
tbd
Additional context
- https://cloud.redhat.com/blog/implement-policy-based-governance-using-configuration-management-of-red-hat-advanced-cluster-management-for-kubernetes
- https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.0/html/security/governance-and-risk#image-vulnerability-policy
- https://github.com/quay/container-security-operator
Acceptance Criteria
tbd
see also https://github.com/thoth-station/thoth-application/issues/2137#issuecomment-964553107 and https://chat.google.com/room/AAAAVjnVXFk/bnLGL_-tlhk
/priority backlog /lifecycle frozen