Comments (5)
Which harbor version (is it a GA build)? Could you provide more context like user info and error msg of your scan request?
from harbor.
It is harbor version v2.11.0 . We have enabled the "Automatically generate SBOM on push". But it doesn't seem to work as expected ( refer first image below) , we cannot see the sub-section, that displays the accessory, type and etc. But when i click on SBOM "view log" . I could see this error under it (refer second image).
from harbor.
Detailed SBOM Log :
2024-06-27T06:34:18Z [DEBUG] [/pkg/scan/job.go:385]: registration:
2024-06-27T06:34:18Z [INFO] [/pkg/scan/job.go:396]: {
"uuid": "30325296-e769-11ee-9ebb-0242ac1a0007",
"name": "Trivy",
"description": "The Trivy scanner adapter",
"url": "http://trivy-adapter:8080",
"disabled": false,
"is_default": true,
"health": "healthy",
"auth": "",
"access_credential": "[HIDDEN]",
"skip_certVerify": false,
"use_internal_addr": true,
"adapter": "Trivy",
"vendor": "Aqua Security",
"version": "v0.51.2",
"create_time": "2024-03-21T09:55:46.125433Z",
"update_time": "2024-03-21T09:55:46.125434Z"
}
2024-06-27T06:34:18Z [DEBUG] [/pkg/scan/job.go:385]: scanRequest:
2024-06-27T06:34:18Z [INFO] [/pkg/scan/job.go:396]: {
"registry": {
"url": "http://core:8080",
"authorization": "[HIDDEN]",
"insecure": false
},
"artifact": {
"namespace_id": 8,
"repository": "sree/test",
"tag": "9.3.15.0-jre8",
"digest": "sha256:b191c928b40735790767c0478028d206d7d5a0728c8851815846e3662acd348f",
"mime_type": "application/vnd.docker.distribution.manifest.v2+json",
"size": 126471248
},
"enabled_capabilities": [
{
"type": "sbom",
"produces_mime_types": [
"application/vnd.security.sbom.report+json; version=1.0"
],
"parameters": {
"sbom_media_types": [
"application/spdx+json"
]
}
}
]
}
2024-06-27T06:34:18Z [INFO] [/pkg/scan/job.go:172]: Report mime types: [application/vnd.security.sbom.report+json; version=1.0]
2024-06-27T06:34:18Z [INFO] [/pkg/scan/job.go:229]: Get report for mime type: application/vnd.security.sbom.report+json; version=1.0
2024-06-27T06:34:20Z [DEBUG] [/pkg/scan/job.go:242]: check scan report for mime application/vnd.security.sbom.report+json; version=1.0 at 2024/06/27 06:34:20
2024-06-27T06:34:20Z [DEBUG] [/pkg/scan/job.go:303]: Converting report ID 3f7e0198-7fbb-4b3a-9586-671334a0c695 to the new V2 schema
2024-06-27T06:34:20Z [DEBUG] [/pkg/scan/sbom/sbom.go:105]: Pushing accessory artifact to harbor-endpoint
2024-06-27T06:34:20Z [ERROR] [/pkg/scan/sbom/sbom.go:108]: error when create accessory from image Get "harbor-endpoint": Forbidden
2024-06-27T06:34:20Z [ERROR] [/pkg/scan/job.go:307]: Failed to convert vulnerability data to new schema for report 3f7e0198-7fbb-4b3a-9586-671334a0c695, error Get "harbor-endpoint": Forbidden
from harbor.
Could anyone please tell me what are the right steps to activate the SBOM successfully ?
from harbor.
Hi please refer to this issue #20565
And already fixed along with v2.11.1
from harbor.
Related Issues (20)
- Please, don't deprecate HTTP protocol on the Harbor reverse proxy HOT 1
- 配置mysql8,不生效 HOT 3
- Pull time is not relevant with proxy-cache HOT 1
- Add customizable `look and feel` for portal HOT 2
- The "Proxy Cache" type of project supports access through subdomains without the projectName path.
- OIDC Provider migration - subiss issues
- How to build locally? HOT 3
- JobService `job_stats` have too long a TTL for large "Scan All" with Trivy
- Please improve the Robot Permission UI HOT 1
- How to get harbor logs HOT 3
- [Documentation] demo.goharbor.io: could not create an account HOT 2
- Harbor job service memory used continued growth HOT 3
- Cannot generate SBOM when using external_url and reverse proxy HOT 2
- docker push image to harbor fails with `unauthorized: unauthorized to access repository` HOT 4
- Configure the harbor network at install time HOT 2
- GAR is not working in proxy-cache through mode
- Login to Harbor reports password error HOT 2
- HARBOR configured with MINIO via HTPPS - (HTTP status: 500 Internal Server Error") HOT 3
- Access ID and Secret for replication to another harbor instance HOT 1
- Replication filter - exclude by name/label HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from harbor.