Comments (2)
To use Trivy scanner with Harbor in an air-gapped environment, please refer to this doc:
- https://github.com/goharbor/harbor/wiki/Harbor-FAQs#trivy-in-air-gapped-environment
Please also setskip_java_db_update
totrue
, if your harbor version >= 2.10.1 (or >= v2.9.3)
from harbor.
To use Trivy scanner with Harbor in an air-gapped environment, please refer to this doc:
- https://github.com/goharbor/harbor/wiki/Harbor-FAQs#trivy-in-air-gapped-environment
Please also setskip_java_db_update
totrue
, if your harbor version >= 2.10.1 (or >= v2.9.3)
the link that you provided is for initial setup which i already did. I am asking specifically about the continuous update.
we all know that trivy db gets updated periodically and want to make sure that we have an updated db mounted in the container.
I have a cronjob which will download the trivy db from s3 and mount it to /home/scanner/.cache/trivy dir. If we update the db in the S3(for my test i just uploaded an empty trivy.db) so i know that when trivy scans against that db it will show no vulnerability but the trivy is still showing the vulnerabilities. Either my test scenario is wrong or there is something going on in the backend that i am unaware of.
so that's the reason why i am asking is it creating the metada.json and trivy.db inside /home/scanner/.cache/trivy/db/ based out of /home/scanner/.cache/trivy/trivy.db
from harbor.
Related Issues (20)
- Inaccurate descriptors returned when discovering referrers HOT 3
- Harbor Can not connect to external sentinel redis HOT 2
- Adding custom CA gets skipped for non-Photon images HOT 1
- Way to get Trivy Statistics to Prometheus?
- Harbor replication : image deletion is not replicated HOT 4
- New test cases/Refactor & Enhancement & Remove test cases/Bump up version Harbor 2.12
- Customize logo/title
- API created Robot accounts not appearing in UI HOT 2
- Project admins from group unable to create robot accounts HOT 2
- expose SCANNER_TRIVY_TIMEOUT in harbor.yml
- `cannot redirect to other site` with OIDC login and empty `redirect_url` parameter HOT 3
- invalid image reference format in Logs Portal HOT 3
- Token generated with higher access rights than requested HOT 4
- Add search in the tags for docker image HOT 2
- Tag RC-versions with pre-release HOT 1
- The latest installation script (v2.10.2-rc1) cannot be run.
- Harbor UI does not show helm value file and throws error "unknown: gzip: invalid header" HOT 9
- Replication filter - exclude by name HOT 2
- ERROR: column t0.subject_artifact_repo does not exist at character 61 HOT 7
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from harbor.