Using the Red Hat Quay Container Security Operator, you can access
vulnerability scan results from the OpenShift Container Platform web
console for container images used in active pods on the cluster. The
Red Hat Quay Container Security Operator:
- Watches containers associated with pods on all or specified namespaces
- Queries the container registry where the containers came from
for vulnerability information, provided an image’s registry is
running image scanning (such as Quay.io or a Red Hat Quay registry
with Clair scanning)
- Exposes vulnerabilities via the ImageManifestVuln object in the
Kubernetes API
For more information on the Container Security Operator, follow the
OpenShift documentation:
https://docs.openshift.com/container-platform/latest/security/pod-vulnerability-scan.html