Merge pull request #11459 from heww/scan-cleanup
refactor: cleanup unused code about scan
commit
43df7b2577
@ -2155,7 +2155,7 @@ paths:
|
||||
'500':
|
||||
description: Unexpected internal errors.
|
||||
'503':
|
||||
description: Harbor is not deployed with Clair.
|
||||
description: Harbor is not deployed with scanners.
|
||||
/configurations:
|
||||
get:
|
||||
summary: Get system configurations.
|
||||
@ -3896,7 +3896,7 @@ definitions:
|
||||
type: boolean
|
||||
admin_role_in_auth:
|
||||
type: boolean
|
||||
description: indicate the admin privilege is grant by authenticator (LDAP), is always false unless it is the current login user
|
||||
description: indicate the admin privilege is grant by authenticator (LDAP), is always false unless it is the current login user
|
||||
reset_uuid:
|
||||
type: string
|
||||
Salt:
|
||||
@ -4172,9 +4172,9 @@ definitions:
|
||||
with_notary:
|
||||
type: boolean
|
||||
description: If the Harbor instance is deployed with nested notary.
|
||||
with_clair:
|
||||
with_chartmuseum:
|
||||
type: boolean
|
||||
description: If the Harbor instance is deployed with nested clair.
|
||||
description: If the Harbor instance is deployed with nested chartmuseum.
|
||||
registry_url:
|
||||
type: string
|
||||
description: The url of registry against which the docker command should be issued.
|
||||
@ -4196,30 +4196,6 @@ definitions:
|
||||
harbor_version:
|
||||
type: string
|
||||
description: The build version of Harbor.
|
||||
next_scan_all:
|
||||
type: integer
|
||||
description: 'The UTC time in milliseconds, after which user can call scanAll API to scan all images.'
|
||||
clair_vulnerability_status:
|
||||
type: object
|
||||
description: The status of vulnerability data of Clair.
|
||||
properties:
|
||||
overall_last_update:
|
||||
type: integer
|
||||
description: 'The UTC timestamp in milliseconds of last successful update for Clair vulnerability data, when all the updaters are successfully executed.'
|
||||
details:
|
||||
type: array
|
||||
description: Detail timestamp of different namespace. This is introduced to handle the case when some updaters are executed successfully and some not.
|
||||
items:
|
||||
$ref: '#/definitions/VulnNamespaceTimestamp'
|
||||
VulnNamespaceTimestamp:
|
||||
type: object
|
||||
properties:
|
||||
namespace:
|
||||
type: string
|
||||
description: The namespace of the Vulnerability
|
||||
last_update:
|
||||
type: integer
|
||||
description: The UTC timestamp in miliseconds of last successful update for vulnerability data.
|
||||
SystemInfo:
|
||||
type: object
|
||||
properties:
|
||||
@ -5633,124 +5609,6 @@ definitions:
|
||||
type: string
|
||||
description: The identifier of the scanner registration
|
||||
|
||||
VulnerabilityItem:
|
||||
type: object
|
||||
properties:
|
||||
id:
|
||||
type: string
|
||||
description: ID of the CVE.
|
||||
example: 'CVE-2017-8283'
|
||||
package:
|
||||
type: string
|
||||
description: 'An operating system or software dependency package containing the vulnerability.'
|
||||
example: 'dpkg'
|
||||
version:
|
||||
type: string
|
||||
description: 'The version of the package containing the vulnerability.'
|
||||
example: '1.17.27'
|
||||
fix_version:
|
||||
type: string
|
||||
description: 'The version of the package containing the fix if available.'
|
||||
example: '1.18.0'
|
||||
severity:
|
||||
type: string
|
||||
description: 'A standard scale for measuring the severity of a vulnerability.'
|
||||
example: 'high'
|
||||
description:
|
||||
type: string
|
||||
description: 'Description of the CVE'
|
||||
example: 'dpkg-source in dpkg 1.3.0 through 1.18.23 is able to use a non-GNU patch program'
|
||||
links:
|
||||
type: array
|
||||
description: 'The list of link to the upstream database with the full description of the vulnerability.'
|
||||
items:
|
||||
type: string
|
||||
example: 'https://security-tracker.debian.org/tracker/CVE-2017-8283'
|
||||
Report:
|
||||
type: object
|
||||
description: 'The harbor native report format'
|
||||
properties:
|
||||
generated_at:
|
||||
type: string
|
||||
description: 'Time of generating this report'
|
||||
example: '2006-01-02T15:04:05'
|
||||
severity:
|
||||
type: string
|
||||
description: 'A standard scale for measuring the severity of a vulnerability.'
|
||||
example: 'high'
|
||||
vulnerabilities:
|
||||
type: array
|
||||
items:
|
||||
$ref: '#/definitions/VulnerabilityItem'
|
||||
scanner:
|
||||
$ref: '#/definitions/Scanner'
|
||||
|
||||
ScanOverview:
|
||||
type: object
|
||||
description: 'The scan overview attached in the metadata of tag'
|
||||
additionalProperties:
|
||||
$ref: '#/definitions/NativeReportSummary'
|
||||
|
||||
NativeReportSummary:
|
||||
type: object
|
||||
description: 'The summary for the native report'
|
||||
properties:
|
||||
report_id:
|
||||
type: string
|
||||
description: 'id of the native scan report'
|
||||
example: '5f62c830-f996-11e9-957f-0242c0a89008'
|
||||
scan_status:
|
||||
type: string
|
||||
description: 'The status of the report generating process'
|
||||
example: 'Success'
|
||||
severity:
|
||||
type: string
|
||||
description: 'The overall severity'
|
||||
example: 'High'
|
||||
duration:
|
||||
type: integer
|
||||
format: int64
|
||||
description: 'The seconds spent for generating the report'
|
||||
example: 300
|
||||
summary:
|
||||
$ref: '#/definitions/VulnerabilitySummary'
|
||||
start_time:
|
||||
type: string
|
||||
format: date-time
|
||||
description: 'The start time of the scan process that generating report'
|
||||
example: '2006-01-02T14:04:05'
|
||||
end_time:
|
||||
type: string
|
||||
format: date-time
|
||||
description: 'The end time of the scan process that generating report'
|
||||
example: '2006-01-02T15:04:05'
|
||||
|
||||
VulnerabilitySummary:
|
||||
type: object
|
||||
description: |
|
||||
VulnerabilitySummary contains the total number of the foun d vulnerabilities number and numbers of each severity level.
|
||||
properties:
|
||||
total:
|
||||
type: integer
|
||||
format: int
|
||||
description: 'The total number of the found vulnerabilities'
|
||||
example: 500
|
||||
fixable:
|
||||
type: integer
|
||||
format: int
|
||||
description: 'The number of the fixable vulnerabilities'
|
||||
example: 100
|
||||
summary:
|
||||
type: object
|
||||
description: 'Numbers of the vulnerabilities with different severity'
|
||||
additionalProperties:
|
||||
type: integer
|
||||
format: int
|
||||
example: 10
|
||||
example:
|
||||
'Critical': 5
|
||||
'High': 5
|
||||
|
||||
Stats:
|
||||
type: object
|
||||
description: Stats provides the overall progress of the scan all process.
|
||||
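Review bot: The definitions that appear to be dropped here (`VulnNamespaceTimestamp` in the `-4196,30` hunk, and `VulnerabilityItem`, `Report`, `ScanOverview`, `NativeReportSummary` and `VulnerabilitySummary` in the `-5633,124` hunk) go away with no visible check that nothing else in the spec still references them. A leftover `$ref: '#/definitions/NativeReportSummary'` (or any of the other removed names) outside these hunks would leave the document unresolvable for validators and client generators; the rest of the file is not shown, so this needs confirming with a search for each removed name before merge. Separately, `next_scan_all`, `clair_vulnerability_status` and `with_clair` disappear from the documented schema, which is a client-visible contract change that deserves a line in the release notes.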
|
@ -24,7 +24,6 @@ func init() {
|
||||
new(Project),
|
||||
new(Role),
|
||||
new(RepoRecord),
|
||||
new(ClairVulnTimestamp),
|
||||
new(ProjectMetadata),
|
||||
new(ConfigEntry),
|
||||
new(Label),
|
||||
|
@ -1,136 +0,0 @@
|
||||
// Copyright Project Harbor Authors
|
||||
//
|
||||
// Licensed under the Apache License, Version 2.0 (the "License");
|
||||
// you may not use this file except in compliance with the License.
|
||||
// You may obtain a copy of the License at
|
||||
//
|
||||
// http://www.apache.org/licenses/LICENSE-2.0
|
||||
//
|
||||
// Unless required by applicable law or agreed to in writing, software
|
||||
// distributed under the License is distributed on an "AS IS" BASIS,
|
||||
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
// See the License for the specific language governing permissions and
|
||||
// limitations under the License.
|
||||
|
||||
package models
|
||||
|
||||
import (
|
||||
"time"
|
||||
)
|
||||
|
||||
// ClairVulnTimestampTable is the name of the table that tracks the timestamp of vulnerability in Clair.
|
||||
const ClairVulnTimestampTable = "clair_vuln_timestamp"
|
||||
|
||||
// ClairVulnTimestamp represents a record in DB that tracks the timestamp of vulnerability in Clair.
|
||||
type ClairVulnTimestamp struct {
|
||||
ID int64 `orm:"pk;auto;column(id)" json:"-"`
|
||||
Namespace string `orm:"column(namespace)" json:"namespace"`
|
||||
LastUpdate time.Time `orm:"column(last_update)" json:"-"`
|
||||
LastUpdateUTC int64 `orm:"-" json:"last_update"`
|
||||
}
|
||||
|
||||
// TableName is required by beego to map struct to table.
|
||||
func (ct *ClairVulnTimestamp) TableName() string {
|
||||
return ClairVulnTimestampTable
|
||||
}
|
||||
|
||||
// ClairLayer ...
|
||||
type ClairLayer struct {
|
||||
Name string `json:"Name,omitempty"`
|
||||
NamespaceNames []string `json:"NamespaceNames,omitempty"`
|
||||
Path string `json:"Path,omitempty"`
|
||||
Headers map[string]string `json:"Headers,omitempty"`
|
||||
ParentName string `json:"ParentName,omitempty"`
|
||||
Format string `json:"Format,omitempty"`
|
||||
Features []ClairFeature `json:"Features,omitempty"`
|
||||
}
|
||||
|
||||
// ClairFeature ...
|
||||
type ClairFeature struct {
|
||||
Name string `json:"Name,omitempty"`
|
||||
NamespaceName string `json:"NamespaceName,omitempty"`
|
||||
VersionFormat string `json:"VersionFormat,omitempty"`
|
||||
Version string `json:"Version,omitempty"`
|
||||
Vulnerabilities []ClairVulnerability `json:"Vulnerabilities,omitempty"`
|
||||
AddedBy string `json:"AddedBy,omitempty"`
|
||||
}
|
||||
|
||||
// ClairVulnerability ...
|
||||
type ClairVulnerability struct {
|
||||
Name string `json:"Name,omitempty"`
|
||||
NamespaceName string `json:"NamespaceName,omitempty"`
|
||||
Description string `json:"Description,omitempty"`
|
||||
Link string `json:"Link,omitempty"`
|
||||
Severity string `json:"Severity,omitempty"`
|
||||
Metadata map[string]interface{} `json:"Metadata,omitempty"`
|
||||
FixedBy string `json:"FixedBy,omitempty"`
|
||||
FixedIn []ClairFeature `json:"FixedIn,omitempty"`
|
||||
}
|
||||
|
||||
// ClairError ...
|
||||
type ClairError struct {
|
||||
Message string `json:"Message,omitempty"`
|
||||
}
|
||||
|
||||
// ClairLayerEnvelope ...
|
||||
type ClairLayerEnvelope struct {
|
||||
Layer *ClairLayer `json:"Layer,omitempty"`
|
||||
Error *ClairError `json:"Error,omitempty"`
|
||||
}
|
||||
|
||||
// ClairNotification ...
|
||||
type ClairNotification struct {
|
||||
Name string `json:"Name,omitempty"`
|
||||
Created string `json:"Created,omitempty"`
|
||||
Notified string `json:"Notified,omitempty"`
|
||||
Deleted string `json:"Deleted,omitempty"`
|
||||
Limit int `json:"Limit,omitempty"`
|
||||
Page string `json:"Page,omitempty"`
|
||||
NextPage string `json:"NextPage,omitempty"`
|
||||
Old *ClairVulnerabilityWithLayers `json:"Old,omitempty"`
|
||||
New *ClairVulnerabilityWithLayers `json:"New,omitempty"`
|
||||
}
|
||||
|
||||
// ClairNotificationEnvelope ...
|
||||
type ClairNotificationEnvelope struct {
|
||||
Notification *ClairNotification `json:"Notification,omitempty"`
|
||||
Error *ClairError `json:"Error,omitempty"`
|
||||
}
|
||||
|
||||
// ClairVulnerabilityWithLayers ...
|
||||
type ClairVulnerabilityWithLayers struct {
|
||||
Vulnerability *ClairVulnerability `json:"Vulnerability,omitempty"`
|
||||
OrderedLayersIntroducingVulnerability []ClairOrderedLayerName `json:"OrderedLayersIntroducingVulnerability,omitempty"`
|
||||
}
|
||||
|
||||
// ClairOrderedLayerName ...
|
||||
type ClairOrderedLayerName struct {
|
||||
Index int `json:"Index"`
|
||||
LayerName string `json:"LayerName"`
|
||||
}
|
||||
|
||||
// ClairVulnerabilityStatus reflects the readiness and freshness of vulnerability data in Clair,
|
||||
// which will be returned in response of systeminfo API.
|
||||
type ClairVulnerabilityStatus struct {
|
||||
OverallUTC int64 `json:"overall_last_update,omitempty"`
|
||||
Details []ClairNamespaceTimestamp `json:"details,omitempty"`
|
||||
}
|
||||
|
||||
// ClairNamespaceTimestamp is a record to store the clairname space and the timestamp,
|
||||
// in practice different namespace in Clair maybe merged into one, e.g. ubuntu:14.04 and ubuntu:16.4 maybe merged into ubuntu and put into response.
|
||||
type ClairNamespaceTimestamp struct {
|
||||
Namespace string `json:"namespace"`
|
||||
Timestamp int64 `json:"last_update"`
|
||||
}
|
||||
|
||||
// ClairNamespace ...
|
||||
type ClairNamespace struct {
|
||||
Name string `json:"Name,omitempty"`
|
||||
VersionFormat string `json:"VersionFormat,omitempty"`
|
||||
}
|
||||
|
||||
// ClairNamespaceEnvelope ...
|
||||
type ClairNamespaceEnvelope struct {
|
||||
Namespaces *[]ClairNamespace `json:"Namespaces,omitempty"`
|
||||
Error *ClairError `json:"Error,omitempty"`
|
||||
}
|
@ -51,20 +51,19 @@ type Storage struct {
|
||||
|
||||
// GeneralInfo wraps common systeminfo for anonymous request
|
||||
type GeneralInfo struct {
|
||||
WithNotary bool `json:"with_notary"`
|
||||
AuthMode string `json:"auth_mode"`
|
||||
AuthProxySettings *models.HTTPAuthProxy `json:"authproxy_settings,omitempty"`
|
||||
RegistryURL string `json:"registry_url"`
|
||||
ExtURL string `json:"external_url"`
|
||||
ProjectCreationRestrict string `json:"project_creation_restriction"`
|
||||
SelfRegistration bool `json:"self_registration"`
|
||||
HasCARoot bool `json:"has_ca_root"`
|
||||
HarborVersion string `json:"harbor_version"`
|
||||
ClairVulnStatus *models.ClairVulnerabilityStatus `json:"clair_vulnerability_status,omitempty"`
|
||||
RegistryStorageProviderName string `json:"registry_storage_provider_name"`
|
||||
ReadOnly bool `json:"read_only"`
|
||||
WithChartMuseum bool `json:"with_chartmuseum"`
|
||||
NotificationEnable bool `json:"notification_enable"`
|
||||
WithNotary bool `json:"with_notary"`
|
||||
AuthMode string `json:"auth_mode"`
|
||||
AuthProxySettings *models.HTTPAuthProxy `json:"authproxy_settings,omitempty"`
|
||||
RegistryURL string `json:"registry_url"`
|
||||
ExtURL string `json:"external_url"`
|
||||
ProjectCreationRestrict string `json:"project_creation_restriction"`
|
||||
SelfRegistration bool `json:"self_registration"`
|
||||
HasCARoot bool `json:"has_ca_root"`
|
||||
HarborVersion string `json:"harbor_version"`
|
||||
RegistryStorageProviderName string `json:"registry_storage_provider_name"`
|
||||
ReadOnly bool `json:"read_only"`
|
||||
WithChartMuseum bool `json:"with_chartmuseum"`
|
||||
NotificationEnable bool `json:"notification_enable"`
|
||||
}
|
||||
|
||||
// GetVolumeInfo gets specific volume storage info.
|
||||
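Review bot: `GeneralInfo` is documented as the payload "for anonymous request", yet its doc comment does not say which fields are considered safe to disclose without authentication, and the rewritten field list still carries `HarborVersion` and `AuthProxySettings`. An exact build version returned to unauthenticated callers lets anyone match the instance against published advisories, so the comment should at least record that the exposure is deliberate, e.g. `// GeneralInfo is returned to unauthenticated callers; every field added here must be safe to disclose publicly.` Whether `models.HTTPAuthProxy` holds anything sensitive is not visible in this hunk and is worth confirming. The struct is complete within the hunk; only the following `GetVolumeInfo` declaration is cut off.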
|