Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support for OCI Registries #267

Open
nlamirault opened this issue May 2, 2023 · 6 comments
Open

Support for OCI Registries #267

nlamirault opened this issue May 2, 2023 · 6 comments
Labels
kind/feature Categorizes issue or PR as related to a new feature. lifecycle/frozen Indicates that an issue or PR should not be auto-closed due to staleness.

Comments

@nlamirault
Copy link

nlamirault commented May 2, 2023
edited
Loading

Hi,
according to the documentation: This operator scans all SBOMs from a git-repository for vulnerabilities using Grype

The sbom-operator could generate a SBOM and store it into an OCI-Registry.

Do you think it is possible to support OCI Registry in vulnerability-operator
@ckotzbauer
Copy link
Owner

Hi @nlamirault,
thanks for your feature-request. Yes, it is of course possible to add an OCI-Target to this project. Which information in which format do you wish to store?

@ckotzbauer ckotzbauer added the kind/feature Categorizes issue or PR as related to a new feature. label May 2, 2023
@nlamirault
Copy link
Author

i would like to do:

  • the sbom-operator generate SBOM, and store it into an OCI Registry
  • the vulnerability-operator load SBOM from this OCI Registry and execute a scan.

@ckotzbauer
Copy link
Owner

Okay, you want OCI-Support as source instead of as target. Yes, this might also be possible.

@github-actions
Copy link

github-actions bot commented Aug 2, 2023

This issue is stale because it has been open 90 days with no activity. Remove stale label with /remove-lifecycle stale or comment or this will be closed in 5 days.

@github-actions github-actions bot added the lifecycle/stale Denotes an issue or PR has remained open with no activity and has become stale. label Aug 2, 2023
@ckotzbauer ckotzbauer added lifecycle/frozen Indicates that an issue or PR should not be auto-closed due to staleness. and removed lifecycle/stale Denotes an issue or PR has remained open with no activity and has become stale. labels Aug 2, 2023
@nlamirault
Copy link
Author

any news on this feature @ckotzbauer ?

@ckotzbauer
Copy link
Owner

No, not yet. I did not forget this feature, but had no time to implement it yet.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
kind/feature Categorizes issue or PR as related to a new feature. lifecycle/frozen Indicates that an issue or PR should not be auto-closed due to staleness.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@nlamirault @ckotzbauer