# CustomResourceDefinition for the namespaced VulnerabilityReport resource
# (group aquasecurity.github.io, version v1alpha1), labelled as managed by
# starboard. The schema below is the only server-side validation applied to a
# report; it checks structure and types, not the accuracy of the findings.
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
  name: vulnerabilityreports.aquasecurity.github.io
  labels:
    app.kubernetes.io/managed-by: starboard
spec:
  group: aquasecurity.github.io
  versions:
    # v1alpha1 is the only version defined; it is both served and the
    # storage version, so no conversion between versions is involved.
    - name: v1alpha1
      served: true
      storage: true
      schema:
        # No x-kubernetes-preserve-unknown-fields is set, so with
        # apiextensions.k8s.io/v1 fields not declared here are pruned on write.
        openAPIV3Schema:
          description: |
            VulnerabilityReport summarizes vulnerabilities in application dependencies and operating system packages
            built into container images.
          type: object
          required:
            - apiVersion
            - kind
            - metadata
            - report
          properties:
            apiVersion:
              type: string
            kind:
              type: string
            metadata:
              type: object
            report:
              type: object
              # registry is declared below but not listed here, so it is optional.
              required:
                - scanner
                - artifact
                - summary
                - vulnerabilities
              properties:
                # Identifies the tool that produced the report. All three
                # fields are mandatory but are free-form strings.
                scanner:
                  type: object
                  required:
                    - name
                    - vendor
                    - version
                  properties:
                    name:
                      type: string
                    vendor:
                      type: string
                    version:
                      type: string
                registry:
                  type: object
                  properties:
                    server:
                      type: string
                # The scanned image. The object itself is required, but none of
                # its fields are: the schema accepts a report that carries only
                # a tag, or neither tag nor digest.
                # NOTE(review): a tag is mutable; consumers that must tie a
                # report to an exact image should check that digest is set.
                artifact:
                  type: object
                  properties:
                    repository:
                      type: string
                    digest:
                      type: string
                    tag:
                      type: string
                    mimeType:
                      type: string
                # Per-severity totals, each a non-negative integer. The schema
                # does not cross-check these against the vulnerabilities list;
                # agreement between the two depends on the report producer.
                summary:
                  type: object
                  required:
                    - criticalCount
                    - highCount
                    - mediumCount
                    - lowCount
                    - unknownCount
                  properties:
                    criticalCount:
                      type: integer
                      minimum: 0
                    highCount:
                      type: integer
                      minimum: 0
                    mediumCount:
                      type: integer
                      minimum: 0
                    lowCount:
                      type: integer
                      minimum: 0
                    unknownCount:
                      type: integer
                      minimum: 0
                # Individual findings. No maxItems is set, and the string
                # fields carry no maxLength or pattern.
                # NOTE(review): report size is then bounded only by the API
                # server / etcd object size limits - confirm how the producer
                # handles images with very many findings.
                vulnerabilities:
                  type: array
                  items:
                    type: object
                    # score, description, primaryLink and links are optional.
                    required:
                      - vulnerabilityID
                      - resource
                      - installedVersion
                      - fixedVersion
                      - severity
                      - title
                    properties:
                      vulnerabilityID:
                        type: string
                      resource:
                        type: string
                      installedVersion:
                        type: string
                      # Required, but an empty string passes (no minLength).
                      # Presumably empty means no fixed version is known -
                      # confirm against the producer.
                      fixedVersion:
                        type: string
                      # Unbounded number; presumably a CVSS score - TODO confirm.
                      score:
                        type: number
                      # Upper-case values only; anything else is rejected.
                      severity:
                        type: string
                        enum:
                          - CRITICAL
                          - HIGH
                          - MEDIUM
                          - LOW
                          - UNKNOWN
                      title:
                        type: string
                      description:
                        type: string
                      # primaryLink and links are plain strings with no URL
                      # format check; anything that renders them should treat
                      # the values as untrusted text.
                      primaryLink:
                        type: string
                      links:
                        type: array
                        items:
                          type: string
      # Columns shown by `kubectl get`. Columns with priority 1 appear only in
      # wide output (`-o wide`); the others appear in the default view.
      additionalPrinterColumns:
        - jsonPath: .report.artifact.repository
          type: string
          name: Repository
          description: The name of image repository
        - jsonPath: .report.artifact.tag
          type: string
          name: Tag
          description: The name of image tag
        - jsonPath: .report.scanner.name
          type: string
          name: Scanner
          description: The name of the vulnerability scanner
        - jsonPath: .metadata.creationTimestamp
          type: date
          name: Age
          description: The age of the report
        - jsonPath: .report.summary.criticalCount
          type: integer
          name: Critical
          description: The number of critical vulnerabilities
          priority: 1
        - jsonPath: .report.summary.highCount
          type: integer
          name: High
          description: The number of high vulnerabilities
          priority: 1
        - jsonPath: .report.summary.mediumCount
          type: integer
          name: Medium
          description: The number of medium vulnerabilities
          priority: 1
        - jsonPath: .report.summary.lowCount
          type: integer
          name: Low
          description: The number of low vulnerabilities
          priority: 1
        - jsonPath: .report.summary.unknownCount
          type: integer
          name: Unknown
          description: The number of unknown vulnerabilities
          priority: 1
  # Reports live inside a namespace, so access is controlled by RBAC on the
  # vulnerabilityreports resource in that namespace. A report lists the
  # vulnerabilities found in an image, so read access (get/list/watch) should
  # be granted deliberately rather than through broad wildcard roles.
  scope: Namespaced
  names:
    singular: vulnerabilityreport
    plural: vulnerabilityreports
    kind: VulnerabilityReport
    listKind: VulnerabilityReportList
    # Membership in the "all" category makes `kubectl get all` include these
    # reports for users who are allowed to list them.
    categories:
      - all
    shortNames:
      - vuln
      - vulns