Exit Codes of Container Scanning Job Should be Configurable
Problem to solve
Clair can exit non-zero if unapproved vulnerabilities are detected. This is particularly useful in deployment stages where you don't want known security vulnerabilities to be deployed (e.g., to production). The container scanning template doesn't leverage this capability and always exits the job with exit code 0. As a result, the job doesn't even alert a user or operator that vulnerabilities were found unless they inspect the security dashboard or the job output.
Intended users
Developers and Security personnel
Further details
As a security professional, I want to configure my CI/CD jobs so new security vulnerabilities prevent the application from being deployed to production.
What does success look like, and how can we measure that?
The exit code would be non-zero if the scan did not pass. The CI script could then use the non-zero code to decide what to do next, or it could ignore the non-zero code (effectively what happens now).
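The gate described above, as an added example (not GitLab's or Clair's code): a small script a CI job could run over the scan report to exit non-zero when unapproved vulnerabilities at or above a chosen severity are present. The report shape (a top-level "vulnerabilities" list whose entries carry "severity" and "cve") and the CVE identifiers in the sample are assumptions constructed for the example.

```python
#!/usr/bin/env python3
"""Fail a CI job on unapproved container-scanning findings.

Added example; the report layout below is an assumption modelled loosely on
the JSON report a container scanning job produces, not the real schema.
"""
import json
import sys

# Severity order used to compare findings against the configured threshold.
SEVERITY_RANK = {"Unknown": 0, "Low": 1, "Medium": 2, "High": 3, "Critical": 4}


def blocking_vulns(report, threshold="High", approved_ids=()):
    """Findings at or above `threshold` whose CVE id has not been approved."""
    min_rank = SEVERITY_RANK[threshold]
    return [
        v for v in report.get("vulnerabilities", [])
        if SEVERITY_RANK.get(v.get("severity", "Unknown"), 0) >= min_rank
        and v.get("cve") not in set(approved_ids)
    ]


def exit_code_for(report, threshold="High", approved_ids=()):
    """0 when nothing blocks the pipeline, 1 otherwise (the job's exit code)."""
    return 1 if blocking_vulns(report, threshold, approved_ids) else 0


# Constructed sample report; the CVE ids are placeholders, not real advisories.
SAMPLE_REPORT = {"vulnerabilities": [
    {"cve": "CVE-EXAMPLE-0001", "severity": "Critical", "name": "placeholder-a"},
    {"cve": "CVE-EXAMPLE-0002", "severity": "Low", "name": "placeholder-b"},
    {"cve": "CVE-EXAMPLE-0003", "severity": "High", "name": "placeholder-c"},
]}

if __name__ == "__main__":
    # Usage: gate.py [report.json] [threshold] [approved-cve ...]
    report = json.load(open(sys.argv[1])) if len(sys.argv) > 1 else SAMPLE_REPORT
    threshold = sys.argv[2] if len(sys.argv) > 2 else "High"
    approved = sys.argv[3:]
    for v in blocking_vulns(report, threshold, approved):
        print(f"blocking: {v.get('cve')} ({v.get('severity')})")
    sys.exit(exit_code_for(report, threshold, approved))
```

A job that wants to keep today's behaviour can still run the script and set `allow_failure: true` on the job, so the non-zero exit is visible in the pipeline without blocking it.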
What is the type of buyer?
Large enterprise customers that run instances on offline networks, such as governments, and possibly financial or research customers that take security very seriously.