Bug 1515438

Summary: [RFE] Support standard structured image scan annotation
Product: Red Hat CloudForms Management Engine Reporter: Satoe Imaishi <simaishi>
Component: SmartState AnalysisAssignee: Erez Freiberger <efreiber>
Status: CLOSED ERRATA QA Contact: brahmani
Severity: medium Docs Contact:
Priority: medium    
Version: 5.8.0CC: aweiteka, efreiber, gblomqui, jhardy, lavenel, obarenbo
Target Milestone: GAKeywords: FutureFeature
Target Release: 5.9.0   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard: container
Fixed In Version: Doc Type: Enhancement
Doc Text:
Story Points: ---
Clone Of: 1458678 Environment:
Last Closed: 2018-03-01 13:21:17 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: Container Management Target Upstream Version:
Embargoed:
Bug Depends On: 1458678    
Bug Blocks:    

Comment 2 CFME Bot 2017-11-29 20:24:00 UTC 
New commit detected on ManageIQ/manageiq/gaprindashvili:
https://github.com/ManageIQ/manageiq/commit/3ec3b2e1852e8a7883a96eaeb6607e1d158bc3f6

commit 3ec3b2e1852e8a7883a96eaeb6607e1d158bc3f6
Author:     Gregg Tanzillo <gtanzill>
AuthorDate: Mon Nov 20 09:24:08 2017 -0500
Commit:     Satoe Imaishi <simaishi>
CommitDate: Mon Nov 20 14:32:10 2017 -0500

    Merge pull request #15031 from enoodle/container_ssa_annotate_success
    
    Container ssa annotate success
    (cherry picked from commit 9835af3b3e53525a3dbb6745b4718866890edd4f)
    
    https://bugzilla.redhat.com/show_bug.cgi?id=1515438

 app/models/miq_action.rb        | 11 ++++++-----
 db/fixtures/miq_actions.csv     |  2 ++
 db/fixtures/miq_policy_sets.yml | 19 +++++++++++++++++--
 spec/models/miq_action_spec.rb  |  4 ++--
 4 files changed, 27 insertions(+), 9 deletions(-)
Comment 3 brahmani 2017-11-30 11:48:13 UTC 
Verified on 5.9.0.11.20171127204214_e316988.
after run SSA on Container Image.
on openshift run:

oc get image sha256:105dd6e8e518b5f632e550ac8edeef52c5079c7fb102fc55db45d3b52d8053c1 -o yaml

get output:

metadata:
  annotations:
    images.openshift.io/deny-execution: "true"
    quality.images.openshift.io/vulnerability.openscap: '{"name":"ManageIQ","timestamp":1512042083,"description":"OpenSCAP
      Score","reference":"","compliant":false,"summary":[{"label":"Critical","severityIndex":3,"data":6},{"label":"Important","severityIndex":2,"data":10},{"label":"Medium","severityIndex":1,"data":0},{"label":"Low","severityIndex":0,"data":0}]}'
    security.manageiq.org/failed-policy: openscap policy
    security.manageiq.org/successful-policy: openscap policy
Comment 6 errata-xmlrpc 2018-03-01 13:21:17 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2018:0380