Container image details: size of each layer of the image

[flavio]

The current mock of the "container image details" -> "layers grouped view" shows for each layer its size.

Currently this information is not available inside of the Image resource produced by SBOMscanner.

As you know a container image is made by multiple layers. Right now the backend saves only these details about a continer layer:

• The command that generated the layer (e.g.: apt-get install curl)
• The ID of the layer.

These information allow the user to know that CVE-123 was originated by running the command apt-get install curl inside of the layer XYZ.

While we could add the size of the layer to the tracked information, I wonder if there's an actual need to show this detail inside of a security product.

Our goal is not to build a "container registry explorer" like Harbor.

CC @davideiori1, @oboc-sts

[olblak]

As of today, I don't see the value to have that information per layer. The UI should provide the right information that help prioritize security related work. Anything else is just noise to me.

[oboc-sts]

Agree. We can take it out.

[flavio]

Also, looking at the other columns... I think we can leave out also the "Updated" one. This information is not available inside of the container image

CC @fabriziosestito

[davideiori1]

Yes, no need for the size.
If updated is not available, we can remove also that one.

[flavio]

Thanks for your clarifications.

I think that clarifies things to @xingzhang-suse and the rest of the team.