Product Discovery: Show Container Scanning results in the GitLab Container Registry

Problem to solve

We can get the security status of docker images using the GitLab Container Scanning feature. This is shown in the security reports, but it could be useful to show in the Registry section where all images are listed.

Further details

Users can check their images to see if something is vulnerable.

Proposal

Add a security badge (with link to the full report) to show the security status of images listed in the Registry section.

Experience

Status in registry

Screen_Shot_2019-03-05_at_12.13.20_PM

Hover states

Screen_Shot_2019-03-07_at_2.50.46_PM

Edge Cases
Case Example
When a container does not have container scanning configured TBD
When there is a configuration error with an image TBD

What does success look like, and how can we measure that?

People will click on the badge to see the full report.

Edited by Andy Volpe