Upstream
/
harbor
mirror of https://github.com/goharbor/harbor.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Fixed link and moved content

This commit is contained in:
Stuart Clements 2019-12-13 16:19:43 +01:00
parent 5e3dd2c45d
commit 1ed6b10522
2 changed files with 13 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
docs/harbor-doc-reorg/administration/vulnerability_scanning/_index.md
View File

@ -16,15 +16,5 @@ You can manually initiate scanning on a particular image, or on all images in Ha
- [Scan an Individual Image](scan_individual_image.md)
- [Scan All Images](scan_all_images.md)
- [Schedule Scans](schedule_scans.md)
- [Configure System-Wide CVE Whitelists](configire_system_whitelist.md)
- [Configure System-Wide CVE Whitelists](configure_system_whitelist.md)
**Vulnerability metadata**
Vulnerability scanners depend on the vulnerability metadata to complete the analysis process. After the first initial installation, the vulnerability scanner automatically starts to update the metadata database from different vulnerability repositories. The database update might take a while, based on the data size and network connection.
Depending on the scanner that you use, once the database is ready, the timestamp of the last update is shown in the **Interrogation Services** > **Vulnerability** tab. Currently, only Clair and Anchore provide timestamp information.
![browse project](../../img/clair_ready.png)
Until the database has been fully populated, the timestamp is replaced by a warning symbol. When the database is ready, you can scan images individually or scan all images across all projects.
If your Harbor instance is not connected to the external internet, you must manually update the vulnerability metadata. For information about how to update Clair manually, see [Import Vulnerability Data to an Offline Harbor instance](import_vulnerability_data.md).

13
docs/harbor-doc-reorg/administration/vulnerability_scanning/pluggable_scanners.md
View File

@ -25,4 +25,15 @@ To connect Harbor to additional vulnerability scanners, you must install and con
![Test scanner connection](../../img/test-scanner-connection.png)
1. Click **Add** to connect Harbor to the scanner.
1. Optionally repeat the procedure to add more scanners.
1. If you configure multiple scanners, select one and click **Set as Default** to designate it as the default scanner.
1. If you configure multiple scanners, select one and click **Set as Default** to designate it as the default scanner.
## Vulnerability Metadata
Vulnerability scanners depend on the vulnerability metadata to complete the analysis process. After the first initial installation, the vulnerability scanner automatically starts to update the metadata database from different vulnerability repositories. The database update might take a while, based on the data size and network connection.
Depending on the scanner that you use, once the database is ready, the timestamp of the last update is shown in the **Interrogation Services** > **Vulnerability** tab. Currently, only Clair and Anchore provide timestamp information.
![browse project](../../img/clair_ready.png)
Until the database has been fully populated, the timestamp is replaced by a warning symbol. When the database is ready, you can scan images individually or scan all images across all projects.
If your Harbor instance is not connected to the external internet, you must manually update the vulnerability metadata. For information about how to update Clair manually, see [Import Vulnerability Data to an Offline Harbor instance](import_vulnerability_data.md).