Extend Stratos (https://github.com/SUSE/stratos) by adding the ability to integrate open-source Analysis tools such as Popeye, Kube Score, Anchore, Clair etc, so that users can run these tools on their clusters from Stratos and view the results from Stratos.

Allow results to be viewed contextually - so errors/warnings from an analysis will be shown on the appropriate view - e.g. the namespace view, pods view etc.

How does this project relate to the theme "Simplify, Modernize & Accelerate" ?

• Simplify - By integrating Open-Source Static Analyzers, we simplify the experience for customers - allowing them to run analyzers and view/visualize the results through a simply-to-use, visual, web-based interface. The customer does need to wrangle with installing, configuring and maintaining analyzers, figuring out how to run them and scrolling through text reports in a command shell!
• Modernize - Analyze your Cloud Native, containerized workloads easily - know that as you adopt Cloud Native, you can have confidence that your workloads adhere to industry best practice.
• Accelerate - Repeat and rinse: analyze workloads for issues, fix, deploy and validate - quickly and easily from the web-based management interface.

Resources

Demo Video: A short demo of the UI -> https://youtu.be/1sykhmube08

Screenshots:

• Report List
• Run Report
• Analyzer Info
• Example Report

> Source code for this project is in a PR on the Stratos GitHub repository - see: https://github.com/SUSE/stratos/pull/312

What's left to do?

• Create a report viewer for Sonobuoy
• Integrate Sonobouy CLI to invoke the analyzer
• UX tweaks and improvements

Updates

Wednesday

The basic framework is now in place - you can run analysers from Stratos and view reports. Currently integrated Popeye and Kube Score. Need to add a report viewer for Kube Score and Sonobuoy and also integrate Sonobuoy.

Various UI tidy-ups to improve the Popeye report presentation and the report list. Also added a view to show the available analyzers.

Working on allowing reports to be run over a specific Kubernetes namespace or a Helm Release. Adding an Analysis tab in the appropriate place to show the latest analysis report for a namespace or release.

Thursday

• Refactoring report viewer so that it is easier to add different formats.
• Adding support for viewing the last Analysis for a Namespace or Helm release

Lots of refactoring today. Created normalized alert format for the reports so that I can overlay these in other views. Overlay of report results on the Helm Release view almost done.

Friday

Last day! Lots of tidying up. Analyzers now run asynchronously and the status in the UI is updated and better presented. Created report viewer for the Kube-score analyzer and also a mapper to alerts to show on the Helm Release (Workloads) view for overlay.

Report viewer on the Workload view now shows latest and allows selection of a different report.