Comments (6)
Thank you for additional details @chris-cmsoft
Since this in an integral component of Harbor, if the community decides to add support for rediss:// to Harbor we'll do the same for this adapter.
from harbor-scanner-trivy.
What is your use case? Harbor itself does not currently support rediss:// connection URI.
Do you want to use different Redis instance or cluster for Harbor services (without TLS) and Trivy scanner adapter (with TLS)?
from harbor-scanner-trivy.
Some managed services are immediately provisioned with the rediss://
URI.
My use case is specifically DigitalOcean managed Redis.
Trivy is the first place I noticed it as it was the first component I deployed, but the same would be applicable to Harbor.
More a note for consideration than a requirement.
Ultimately your choice whether it's a worthwhile addition.
from harbor-scanner-trivy.
Closing as a stale issue. What's more it makes sense only if the upstream Harbor does provide support for connecting to Redis with TLS
from harbor-scanner-trivy.
Hi @danielpacak,
We have a helm chart at bitnami/charts that also uses this component and where we would like to support TLS connections to Redis as users often use external redis services.
I was looking at bitnami/charts#7691 when I realised that the components we use don't always support it.
Would you mind keeping this issue opened to help us track when this will become supported for the the harbor trivy scanner?
I believe this will become a more frequent use case, and eventually the community will add support for it. There is an issue currently opened for this - goharbor/harbor#13223
Thanks!
from harbor-scanner-trivy.
Since Trivy is the default scanner in Harbor, we'll update this adapter service in scope of goharbor/harbor#13223
from harbor-scanner-trivy.
Related Issues (20)
- Scan report is missing the binary related to vulnerability HOT 1
- the length of usernames and passwords must match with 2.8.2 HOT 8
- About vulnerabilities [email protected] on image docker
- mkdir /home/scanner/.cache/trivy/fanal: permission denied HOT 1
- ERROR: column t0.critical_cnt does not exist HOT 1
- It does not work when scan java program HOT 1
- Trivy status goes unhealthy during the scan
- how to skip java db update when scanning start
- Allow image layer cache (fanal.db) to be stored in Redis HOT 1
- Trivy scan results are not up to date HOT 1
- Trivy redis connection support redis TLS mode HOT 3
- the helm repo has a bogus release with version 0.31.0 HOT 5
- Allow disable metrics api
- Add private repo environment variable
- /api/v1/scan API should return 400 to the client when the enabled_capabilities.produces_mime_types not specified HOT 1
- /api/v1/scan/{scan_request_id}/report should send http 400 when the sbom_media_type is missed for sbom scan HOT 1
- trivy should skip to generate sbom for container images that have layers[0].mediaType being not valid HOT 2
- Trivy use a lot space in /var/lib/docker/overlay and grow faster HOT 1
- Specify `--image-src remote`
- Harbor failed to connect on trivy-adapter api since v0.31.0
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from harbor-scanner-trivy.