Uploaded image for project: 'GPII - Global Public Inclusive Infrastructure'
  1. GPII - Global Public Inclusive Infrastructure
  2. GPII-4464

Container images with vulnerabilities

    XMLWordPrintable

    Details

    • Type: Task
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: None
    • Component/s: APCP Infrastructure
    • Labels:
    • Sprint:
      Ops Pilot CC 1 - Sprint 50
    • Story Points:
      3

      Description

      We've discovered several images with vulnerabilities after improving the review process - these need to be dealt with

      gcloud config set project $TF_VAR_project_id
      Updated property [core/project].
      gcloud beta container images list --format='value(name)'       | xargs -n1 -I '{}' gcloud beta container images list-tags '{}'           --show-occurrences --format=json           --filter
      ='vuln_counts.CRITICAL > 0'       | jq '.[] | {"image": .DISCOVERY[].resourceUrl, "vuln_counts": .vuln_counts }'
      {
        "image": "https://gcr.io/gpii-common-prd/couchdb@sha256:039eeb1b0601bc78bb7be9d292af08822986da2ad344568b3548afb424125884",
        "vuln_counts":

      {     "CRITICAL": 2,     "HIGH": 18,     "LOW": 18,     "MEDIUM": 87   }

      }
      {
        "image": "https://gcr.io/gpii-common-prd/couchdb@sha256:26a1962d06a5e5be965e517c69d2452c82edf335208ed51360d3493724591e2c",
        "vuln_counts":

      {     "CRITICAL": 2,     "HIGH": 18,     "LOW": 18,     "MEDIUM": 87   }

      }
      {
        "image": "https://gcr.io/gpii-common-prd/couchdb@sha256:b877af600e293895f04c59e49e685dee7fa7aaf4bcfafb516491ebd1d9152543",
        "vuln_counts":

      {     "CRITICAL": 2,     "HIGH": 18,     "LOW": 18,     "MEDIUM": 88   }

      }
      {
        "image": "https://gcr.io/gpii-common-prd/couchdb@sha256:4ef67c2160bad2c2b48c0368fa2e328a2c18f2a65442ad1741d895ff7560583c",
        "vuln_counts":

      {     "CRITICAL": 2,     "HIGH": 16,     "LOW": 17,     "MEDIUM": 87   }

      }
      {
        "image": "https://gcr.io/gpii-common-prd/couchdb@sha256:088fb3bc9c193ab4783e47d34f30f009eebabe305ea32280fb3ef0e44f8af8ab",
        "vuln_counts":

      {     "CRITICAL": 2,     "HIGH": 19,     "LOW": 17,     "MEDIUM": 88   }

      }
      {
        "image": "https://gcr.io/gpii-common-prd/couchdb@sha256:ad7c905d2680d828b7cd64639481209e2a5460804fb97518fd47c048d3032040",
        "vuln_counts":

      {     "CRITICAL": 2,     "HIGH": 19,     "LOW": 17,     "MEDIUM": 87   }

      }
      {
        "image": "https://gcr.io/gpii-common-prd/couchdb@sha256:d5e34de969f1eae6793b6b6e319b36ed96badf2617d0ce26c8e247494b1e4ead",
        "vuln_counts":

      {     "CRITICAL": 2,     "HIGH": 19,     "LOW": 15,     "MEDIUM": 85   }

      }
      {
        "image": "https://gcr.io/gpii-common-prd/gpii__couchdb-statefulset-assembler@sha256:0bd8727ca2b0cb8f6d959f0c23edede3918651ec4f2b4f49e1121c7691d72ace",
        "vuln_counts":

      {     "CRITICAL": 2,     "HIGH": 14,     "LOW": 14,     "MEDIUM": 62   }

      }
      {
        "image": "https://gcr.io/gpii-common-prd/gpii__couchdb-statefulset-assembler@sha256:aee756f436ff1daf32701d21da929e8c0b657b5b5ed7755d84e3f0f3c8c75116",
        "vuln_counts":

      {     "CRITICAL": 3,     "HIGH": 12,     "LOW": 11,     "MEDIUM": 53   }

      }
      {
        "image": "https://gcr.io/gpii-common-prd/quay.io__kiali__kiali@sha256:e073c23ab674b65e366f61a19a9722806ca2a7d6ddac5845fae78a7013adfba4",
        "vuln_counts":

      {     "CRITICAL": 1,     "HIGH": 3,     "LOW": 2,     "MEDIUM": 29   }

      }
       

        Attachments

          Activity

            People

            Assignee:
            Stepan Stepan Stipl
            Reporter:
            Stepan Stepan Stipl
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved: