Improve UX when container scanning encounters an unsupported image in Auto DevOps
Problem to solve
When container scanning comes across an unsupported image, such as distroless, users may not realize what occurred.
Container users who use
gcr.io/distroless/base image as a base image.
container scanning job in Auto DevOps passes while it warns a critical error as follows:
2019/01/21 16:33:46 [CRIT]
▶Could not fetch vulnerabilities. No features have been detected in the image. This usually means that the image isn't supported by Clair
Users should notice users lack of container scanning of the image.
What does success look like, and how can we measure that?