Audit containerized environments #361
Labels
kind/feature
Categorizes issue or PR as related to a new feature.
lifecycle/frozen
Indicates that an issue or PR should not be auto-closed due to staleness.
needs-triage
Indicates an issue or PR lacks a `triage/...` label and requires one.
priority/backlog
Higher priority than priority/awaiting-more-evidence.
sig/stack-guidance
Categorizes an issue or PR as relevant to SIG Stack Guidance.
Comments
fridex
added
kind/feature
|
Related: #366 |
|
/sig stack-guidance |
sesheta
added
the
sig/stack-guidance
|
Testing if project assignment works: |
|
/project SIG-Stack-Guidance New |
|
/priority backlog |
sesheta
added
the
priority/backlog
|
/assign |
|
Reviewed in sig-sg meeting 2022-06-27:
|
|
Issues go stale after 90d of inactivity. If this issue is safe to close now please do so with /lifecycle stale |
sesheta
added
the
lifecycle/stale
|
/remove-lifecycle stale |
sesheta
added
lifecycle/frozen
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Is your feature request related to a problem? Please describe.
As a user of Thoth, I would like to submit my container image to Thoth services and Thoth should give me results of analyses that will tell me if content in the containerized environment is known and if there are any issues associated with the container image and its security.
Describe the solution you'd like
Extend container image analyses so that it not only explores what is present in the containerized environment, but can judge if the container image is find with respect to its content, libraries installed, provenance, and so.
Describe alternatives you've considered
Let users validate their container images, but that is too prone to errors.
Related: thoth-station/micropipenv#206
Related: https://discuss.python.org/t/pip-installation-reports/12316
The text was updated successfully, but these errors were encountered: