Bug 1942716

Summary: Quay Container Security operator has Medium <-> Low colors reversed
Product: OpenShift Container Platform Reporter: Peter Kreuser <pkreuser>
Component: Dev ConsoleAssignee: Christoph Jerolimov <cjerolim>
Status: CLOSED ERRATA QA Contact: Debsmita Santra <dsantra>
Severity: medium Docs Contact: Rishu Mehra <rmehra>
Priority: medium    
Version: 4.7CC: amerdler, aos-bugs, cjerolim, dsantra, hmishra, jokerman, nmukherj
Target Milestone: ---   
Target Release: 4.8.0   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Previously, the colors for the *Low* and *Medium* severity issues of the Image Manifest Vulnerabilities (IMVs) did not match the color representation shown in the (link:https://quay.io/[Quay.io]) interface. As a result, when the user changed the severity order of vulnerabilities to *High*, the IMVs ordered the issues incorrectly. This created confusion when reviewing the IMVs. The current release fixes this issue. (link:https://bugzilla.redhat.com/show_bug.cgi?id=1942716[*BZ#1942716*])
 Story Points: ---
Clone Of: Environment:
Last Closed: 2021-07-27 22:55:28 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Attachments:
Description Flags
Console showing IMV resource with reversed colors
none
Console IMV resource list with reversed colors
none
Quay.io correct colors none

Description Peter Kreuser 2021-03-24 19:16:41 UTC 
Created attachment 1766032 [details]
Console showing IMV resource with reversed colors

Description of problem:
Quay Container Security operator uses orange color to represent Low vulnerabilities and yellow to represent Medium, whereas Quay.io interface uses the opposite (which would be more expected.)

Version-Release number of selected component (if applicable):
4.4


How reproducible:
Always

Steps to Reproduce:
1. Install the Quay Container Security operator
2 .View the Status card on the Overview (Cluster) Dashboard, there should now be a Image Vulnerabilities status
3. View the image manifest vuln resource (if vulnerable images are found) by clicking the count of namespaces.
4. If the image manifest vuln resource contains both medium and low vulnerabilties, note the colors
Actual results:
Medium is yellow, Low is orange

Expected results:
Medium is orange, Low is yellow, as shown on quay.io

Additional info:
Comment 1 Peter Kreuser 2021-03-24 19:17:24 UTC 
Created attachment 1766033 [details]
Console IMV resource list with reversed colors
Comment 2 Peter Kreuser 2021-03-24 19:17:46 UTC 
Created attachment 1766034 [details]
Quay.io correct colors
Comment 4 Debsmita Santra 2021-04-20 07:39:31 UTC 
verified on 4.8.0-0.nightly-2021-04-19-175100
Comment 7 errata-xmlrpc 2021-07-27 22:55:28 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Moderate: OpenShift Container Platform 4.8.2 bug fix and security update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2021:2438