The dashboard card from the security operator plugin doesn't make it clear that it only scans images from quay. This could give users a false sense of security when it says there are no vulnerabilities. It's possible containers running images from other registries are vulnerable.
We should add a statement in the UI that only images from quay are scanned.
This is not release blocking. Moving to low severity.
Status text: Quay Image Security
Popover title: Quay Image Security breakdown (Breakdown can be dropped if too long.)
Popover description: Container images from quay are analyzed to identify vulnerabilities. Images from other registries will not be scanned.
Created attachment 1645423 [details]
The text show images scaned from quay
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.
For information on the advisory, and where to find the updated
files, follow the link below.
If the solution does not work for you, open a new bug report.