Improve UX when container scanning encounters an unsupported image in Auto DevOps

Problem to solve

When container scanning comes across an unsupported image, such as distroless, users may not realize what occurred.

Target audience

Container users who use gcr.io/distroless/base image as a base image.

Further details

container scanning job in Auto DevOps passes while it warns a critical error as follows:

$ container_scanning

...

2019/01/21 16:33:46 [CRIT] ▶ Could not fetch vulnerabilities. No features have been detected in the image. This usually means that the image isn't supported by Clair

https://gitlab.com/tnir/tnir-gitlab-test-general/-/jobs/148827763

Proposal

Users should notice users lack of container scanning of the image.

What does success look like, and how can we measure that?

TBD

Links / references

Edited Jul 29, 2019 by Nicole Schwartz