On Thu, Jan 20, 2022 at 09:44:54PM +0100, Simon Szustkowski wrote:
>Hmmm, on every page view you say? So it would be possible to just curl the
>Quay landingpage via cron?
Yes, they can use the Quay Security API or the clair API directly.
>I don't think my customer would visit the Quay WebUI so often and merely
>use the Container Security Operator in Openshift, and they are explicitly
>asking for periodic scannings in the background to track the "degradation"
>of an image.
If they're using the CSO, I'd assume it's requesting new vulnerability
reports periodically. I don't know for certain, though.
--
hank