Product Discovery: Show Container Scanning results in the GitLab Container Registry
Problem to solve
We can get the security status of docker images using the GitLab Container Scanning feature. This is shown in the security reports, but it could be useful to show in the Registry section where all images are listed.
Further details
Users can check their images to see if something is vulnerable.
Proposal
Add a security badge (with link to the full report) to show the security status of images listed in the Registry section.
Experience
Status in registry
Hover states
Edge Cases
Case | Example |
---|---|
When a container does not have container scanning configured | TBD |
When there is a configuration error with an image | TBD |
What does success look like, and how can we measure that?
People will click on the badge to see the full report.