Remove clair related code

- clair code in harbor core - clair code in frontend - clair code in robotcase Signed-off-by: DQ <dengq@vmware.com>
2024-11-22 02:05:41 +01:00 · 2020-11-26 17:13:37 +08:00 · 2020-11-26 17:13:37 +08:00 · 590212b485
commit 590212b485
parent dec12308a1
60 changed files with 96 additions and 195 deletions
--- a/.github/workflows/build-package.yml
+++ b/.github/workflows/build-package.yml
@ -75,8 +75,8 @@ jobs:
          fi

          cd src/github.com/goharbor/harbor
-          sudo make package_offline GOBUILDTAGS="include_oss include_gcs" BASEIMAGETAG=${Harbor_Build_Base_Tag} VERSIONTAG=${Harbor_Assets_Version} PKGVERSIONTAG=${Harbor_Package_Version} NOTARYFLAG=true CLAIRFLAG=true CHARTFLAG=true TRIVYFLAG=true HTTPPROXY=
-          sudo make package_online GOBUILDTAGS="include_oss include_gcs" BASEIMAGETAG=${Harbor_Build_Base_Tag} VERSIONTAG=${Harbor_Assets_Version} PKGVERSIONTAG=${Harbor_Package_Version} NOTARYFLAG=true CLAIRFLAG=true CHARTFLAG=true TRIVYFLAG=true HTTPPROXY=
+          sudo make package_offline GOBUILDTAGS="include_oss include_gcs" BASEIMAGETAG=${Harbor_Build_Base_Tag} VERSIONTAG=${Harbor_Assets_Version} PKGVERSIONTAG=${Harbor_Package_Version} NOTARYFLAG=true CHARTFLAG=true TRIVYFLAG=true HTTPPROXY=
+          sudo make package_online GOBUILDTAGS="include_oss include_gcs" BASEIMAGETAG=${Harbor_Build_Base_Tag} VERSIONTAG=${Harbor_Assets_Version} PKGVERSIONTAG=${Harbor_Package_Version} NOTARYFLAG=true CHARTFLAG=true TRIVYFLAG=true HTTPPROXY=
          harbor_offline_build_bundle=$(basename harbor-offline-installer-*.tgz)
          harbor_online_build_bundle=$(basename harbor-online-installer-*.tgz)
          echo "Package name is: $harbor_offline_build_bundle"
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@ -317,7 +317,7 @@ Once your pull request has been opened, harbor will run two CI pipelines against
 * If the coverage dramatic decline, you need to commit unit test to coverage your code.
 2. In the drone CI, the E2E test will be triggered against the pull request. Also, the source code will be checked via `gosec`, and the result is stored in google storage for later analysis. The pipeline is about to build and install harbor from source code, then to run four very basic E2E tests to validate the basic functionalities of harbor, like:
 * Registry Basic Verification, to validate the image can be pulled and pushed successful.
-* Clair Basic Verification, to validate the image can be scanned successful.
+* Trivy Basic Verification, to validate the image can be scanned successful.
 * Notary Basic Verification, to validate the image can be signed successful.
 * Ldap Basic Verification, to validate harbor can work in LDAP environment.

--- a/SECURITY.md
+++ b/SECURITY.md
@ -24,7 +24,7 @@ Provide a descriptive subject line and in the body of the email include the foll
 ## When to report a vulnerability
 * When you think Harbor has a potential security vulnerability.
 * When you suspect a potential vulnerability but you are unsure that it impacts Harbor.
-* When you know of or suspect a potential vulnerability on another project that is used by Harbor. For example Harbor has a dependency on Docker, PGSql, Redis, Notary, Clair, etc.
+* When you know of or suspect a potential vulnerability on another project that is used by Harbor. For example Harbor has a dependency on Docker, PGSql, Redis, Notary, Trivy, etc.
  
 ## Patch, Release, and Disclosure
 The Harbor Security Team will respond to vulnerability reports as follows:
--- a/make/harbor.yml.tmpl
+++ b/make/harbor.yml.tmpl
@ -171,7 +171,6 @@ _version: 2.0.0
 #   registry_db_index: 1
 #   jobservice_db_index: 2
 #   chartmuseum_db_index: 3
-#   clair_db_index: 4
 #   trivy_db_index: 5
 #   idle_timeout_seconds: 30

--- a/make/photon/prepare/templates/core/env.jinja
+++ b/make/photon/prepare/templates/core/env.jinja
@ -24,12 +24,10 @@ MAX_JOB_WORKERS={{max_job_workers}}
 CORE_SECRET={{core_secret}}
 JOBSERVICE_SECRET={{jobservice_secret}}
 WITH_NOTARY={{with_notary}}
-WITH_CLAIR={{with_clair}}
 WITH_TRIVY={{with_trivy}}
 CORE_URL={{core_url}}
 CORE_LOCAL_URL={{core_local_url}}
 JOBSERVICE_URL={{jobservice_url}}
-CLAIR_ADAPTER_URL={{clair_adapter_url}}
 TRIVY_ADAPTER_URL={{trivy_adapter_url}}
 NOTARY_URL={{notary_url}}
 REGISTRY_STORAGE_PROVIDER_NAME={{storage_provider_name}}
--- a/src/common/config/metadata/metadatalist.go
+++ b/src/common/config/metadata/metadatalist.go
@ -50,7 +50,7 @@ const (
 	QuotaGroup     = "quota"
 	// Put all config items do not belong a existing group into basic
 	BasicGroup = "basic"
-	ClairGroup = "clair"
+	TrivyGroup = "trivy"
 )

 var (
@ -65,8 +65,7 @@ var (
 		{Name: common.AUTHMode, Scope: UserScope, Group: BasicGroup, EnvKey: "AUTH_MODE", DefaultValue: "db_auth", ItemType: &AuthModeType{}, Editable: false},
 		{Name: common.ChartRepoURL, Scope: SystemScope, Group: BasicGroup, EnvKey: "CHART_REPOSITORY_URL", DefaultValue: "http://chartmuseum:9999", ItemType: &StringType{}, Editable: false},

-		{Name: common.ClairAdapterURL, Scope: SystemScope, Group: ClairGroup, EnvKey: "CLAIR_ADAPTER_URL", DefaultValue: "http://clair-adapter:8080", ItemType: &StringType{}, Editable: false},
-		{Name: common.TrivyAdapterURL, Scope: SystemScope, Group: ClairGroup, EnvKey: "TRIVY_ADAPTER_URL", DefaultValue: "http://trivy-adapter:8080", ItemType: &StringType{}, Editable: false},
+		{Name: common.TrivyAdapterURL, Scope: SystemScope, Group: TrivyGroup, EnvKey: "TRIVY_ADAPTER_URL", DefaultValue: "http://trivy-adapter:8080", ItemType: &StringType{}, Editable: false},

 		{Name: common.CoreURL, Scope: SystemScope, Group: BasicGroup, EnvKey: "CORE_URL", DefaultValue: "http://core:8080", ItemType: &StringType{}, Editable: false},
 		{Name: common.CoreLocalURL, Scope: SystemScope, Group: BasicGroup, EnvKey: "CORE_LOCAL_URL", DefaultValue: "http://127.0.0.1:8080", ItemType: &StringType{}, Editable: false},
@ -146,7 +145,6 @@ var (
 		{Name: common.OIDCAutoOnboard, Scope: UserScope, Group: OIDCGroup, DefaultValue: "false", ItemType: &BoolType{}},

 		{Name: common.WithChartMuseum, Scope: SystemScope, Group: BasicGroup, EnvKey: "WITH_CHARTMUSEUM", DefaultValue: "false", ItemType: &BoolType{}, Editable: true},
-		{Name: common.WithClair, Scope: SystemScope, Group: BasicGroup, EnvKey: "WITH_CLAIR", DefaultValue: "false", ItemType: &BoolType{}, Editable: true},
 		{Name: common.WithTrivy, Scope: SystemScope, Group: BasicGroup, EnvKey: "WITH_TRIVY", DefaultValue: "false", ItemType: &BoolType{}, Editable: true},
 		{Name: common.WithNotary, Scope: SystemScope, Group: BasicGroup, EnvKey: "WITH_NOTARY", DefaultValue: "false", ItemType: &BoolType{}, Editable: true},
 		// the unit of expiration is minute, 43200 minutes = 30 days
--- a/src/common/const.go
+++ b/src/common/const.go
@ -88,7 +88,6 @@ const (
 	TokenExpiration                  = "token_expiration"
 	AdminInitialPassword             = "admin_initial_password"
 	WithNotary                       = "with_notary"
-	WithClair                        = "with_clair"
 	WithTrivy                        = "with_trivy"
 	ScanAllPolicy                    = "scan_all_policy"
 	UAAEndpoint                      = "uaa_endpoint"
@ -118,7 +117,6 @@ const (
 	UserMember                        = "u"
 	GroupMember                       = "g"
 	ReadOnly                          = "read_only"
-	ClairAdapterURL                   = "clair_adapter_url"
 	TrivyAdapterURL                   = "trivy_adapter_url"
 	NotaryURL                         = "notary_url"
 	DefaultCoreEndpoint               = "http://core:8080"
--- a/src/common/utils/ldap/ldap_test.go
+++ b/src/common/utils/ldap/ldap_test.go
@ -67,7 +67,6 @@ var defaultConfigWithVerifyCert = map[string]interface{}{
 	common.TokenExpiration:            30,
 	common.AdminInitialPassword:       "password",
 	common.WithNotary:                 false,
-	common.WithClair:                  false,
 }

 func TestMain(m *testing.M) {
--- a/src/common/utils/test/config.go
+++ b/src/common/utils/test/config.go
@ -55,7 +55,7 @@ var defaultConfig = map[string]interface{}{
 	common.TokenExpiration:            30,
 	common.AdminInitialPassword:       "password",
 	common.WithNotary:                 false,
-	common.WithClair:                  false,
+	common.WithTrivy:                  false,
 	common.UAAClientID:                "testid",
 	common.UAAClientSecret:            "testsecret",
 	common.UAAEndpoint:                "10.192.168.5",
--- a/src/common/utils/test/test.go
+++ b/src/common/utils/test/test.go
@ -124,7 +124,7 @@ func GetUnitTestConfig() map[string]interface{} {
 		common.WithNotary:             "false",
 		common.WithChartMuseum:        "false",
 		common.SelfRegistration:       "true",
-		common.WithClair:              "true",
+		common.WithTrivy:              "true",
 		common.TokenServiceURL:        "http://core:8080/service/token",
 		common.RegistryURL:            fmt.Sprintf("http://%s:5000", ipAddress),
 		common.ReadOnly:               false,
--- a/src/controller/scan/base_controller_test.go
+++ b/src/controller/scan/base_controller_test.go
@ -77,7 +77,7 @@ func (suite *ControllerTestSuite) SetupSuite() {

 	m := &v1.ScannerAdapterMetadata{
 		Scanner: &v1.Scanner{
-			Name:    "Clair",
+			Name:    "Trivy",
 			Vendor:  "Harbor",
 			Version: "0.1.0",
 		},
@ -123,7 +123,7 @@ func (suite *ControllerTestSuite) SetupSuite() {
 	rp := vuln.Report{
 		GeneratedAt: time.Now().UTC().String(),
 		Scanner: &v1.Scanner{
-			Name:    "Clair",
+			Name:    "Trivy",
 			Vendor:  "Harbor",
 			Version: "0.1.0",
 		},
--- a/src/controller/scanner/base_controller.go
+++ b/src/controller/scanner/base_controller.go
@ -328,7 +328,7 @@ func (bc *basicController) GetMetadata(registrationUUID string) (*v1.ScannerAdap
 }

 var (
-	reservedNames = []string{"Clair", "Trivy"}
+	reservedNames = []string{"Trivy"}
 )

 func isReservedName(name string) bool {
--- a/src/controller/scanner/base_controller_test.go
+++ b/src/controller/scanner/base_controller_test.go
@ -54,7 +54,7 @@ func (suite *ControllerTestSuite) SetupTest() {

 	m := &v1.ScannerAdapterMetadata{
 		Scanner: &v1.Scanner{
-			Name:    "Clair",
+			Name:    "Trivy",
 			Vendor:  "Harbor",
 			Version: "0.1.0",
 		},
--- a/src/core/api/scan_all_test.go
+++ b/src/core/api/scan_all_test.go
@ -46,16 +46,16 @@ func TestScanAllAPI(t *testing.T) {
 func (suite *ScanAllAPITestSuite) SetupSuite() {
 	// Ensure scanner is there
 	reg := &scanner.Registration{
-		Name:        "Clair",
-		Description: "The clair scanner adapter",
-		URL:         "https://clair.com:8080",
+		Name:        "Trivy",
+		Description: "The trivy scanner adapter",
+		URL:         "https://trivy.com:8080",
 		Disabled:    false,
 		IsDefault:   true,
 	}

 	scMgr := sc.New()
 	uuid, err := scMgr.Create(reg)
-	require.NoError(suite.T(), err, "failed to initialize clair scanner")
+	require.NoError(suite.T(), err, "failed to initialize trivy scanner")

 	suite.uuid = uuid
 	suite.m = scMgr
--- a/src/core/config/config.go
+++ b/src/core/config/config.go
@ -314,16 +314,6 @@ func WithNotary() bool {
 	return cfgMgr.Get(common.WithNotary).GetBool()
 }

-// WithClair returns a bool value to indicate if Harbor's deployed with Clair
-func WithClair() bool {
-	return cfgMgr.Get(common.WithClair).GetBool()
-}
-
-// ClairAdapterEndpoint returns the endpoint of clair adapter instance, by default it's the one deployed within Harbor.
-func ClairAdapterEndpoint() string {
-	return cfgMgr.Get(common.ClairAdapterURL).GetString()
-}
-
 // WithTrivy returns a bool value to indicate if Harbor's deployed with Trivy.
 func WithTrivy() bool {
 	return cfgMgr.Get(common.WithTrivy).GetBool()
--- a/src/core/config/config_test.go
+++ b/src/core/config/config_test.go
@ -32,7 +32,7 @@ func TestConfig(t *testing.T) {
 	dao.PrepareTestData([]string{"delete from properties where k='scan_all_policy'"}, []string{})
 	defaultCACertPath = path.Join(currPath(), "test", "ca.crt")
 	c := map[string]interface{}{
-		common.WithClair:       false,
+		common.WithTrivy:       false,
 		common.WithChartMuseum: false,
 		common.WithNotary:      false,
 	}
@ -147,8 +147,8 @@ func TestConfig(t *testing.T) {
 	if WithNotary() {
 		t.Errorf("Withnotary should be false")
 	}
-	if WithClair() {
-		t.Errorf("WithClair should be false")
+	if WithTrivy() {
+		t.Errorf("WithTrivy should be false")
 	}
 	if ReadOnly() {
 		t.Errorf("ReadOnly should be false")
--- a/src/core/main.go
+++ b/src/core/main.go
@ -229,7 +229,6 @@ func main() {
 }

 const (
-	clairScanner = "Clair"
 	trivyScanner = "Trivy"
 )

@ -251,20 +250,6 @@ func registerScanners() {
 		uninstallScannerNames = append(uninstallScannerNames, trivyScanner)
 	}

-	if config.WithClair() {
-		log.Info("Registering Clair scanner")
-		wantedScanners = append(wantedScanners, scanner.Registration{
-			Name:            clairScanner,
-			Description:     "The Clair scanner adapter",
-			URL:             config.ClairAdapterEndpoint(),
-			UseInternalAddr: true,
-			Immutable:       true,
-		})
-	} else {
-		log.Info("Removing Clair scanner")
-		uninstallScannerNames = append(uninstallScannerNames, clairScanner)
-	}
-
 	if err := scan.RemoveImmutableScanners(uninstallScannerNames); err != nil {
 		log.Warningf("failed to remove scanners: %v", err)
 	}
@ -285,8 +270,5 @@ func getDefaultScannerName() string {
 	if config.WithTrivy() {
 		return trivyScanner
 	}
-	if config.WithClair() {
-		return clairScanner
-	}
 	return ""
 }
--- a/src/pkg/scan/init_test.go
+++ b/src/pkg/scan/init_test.go
@ -57,12 +57,9 @@ func TestEnsureScanners(t *testing.T) {
 			Keywords: map[string]interface{}{
 				"ex_name__in": []string{
 					"trivy",
-					"clair",
 				},
 			},
-		}).Return([]*scanner.Registration{
-			{Name: "clair", URL: "http://clair:8080"},
-		}, nil)
+		}).Return([]*scanner.Registration{}, nil)
 		mgr.On("Create", &scanner.Registration{
 			Name: "trivy",
 			URL:  "http://trivy:8080",
@ -70,7 +67,6 @@ func TestEnsureScanners(t *testing.T) {

 		err := EnsureScanners([]scanner.Registration{
 			{Name: "trivy", URL: "http://trivy:8080"},
-			{Name: "clair", URL: "http://clair:8080"},
 		})

 		assert.NoError(t, err)
@ -85,25 +81,18 @@ func TestEnsureScanners(t *testing.T) {
 			Keywords: map[string]interface{}{
 				"ex_name__in": []string{
 					"trivy",
-					"clair",
 				},
 			},
 		}).Return([]*scanner.Registration{
 			{Name: "trivy", URL: "http://trivy:8080"},
-			{Name: "clair", URL: "http://clair:8080"},
 		}, nil)
 		mgr.On("Update", &scanner.Registration{
 			Name: "trivy",
 			URL:  "http://trivy:8443",
 		}).Return(nil)
-		mgr.On("Update", &scanner.Registration{
-			Name: "clair",
-			URL:  "http://clair:8443",
-		}).Return(nil)

 		err := EnsureScanners([]scanner.Registration{
 			{Name: "trivy", URL: "http://trivy:8443"},
-			{Name: "clair", URL: "http://clair:8443"},
 		})

 		assert.NoError(t, err)
@ -130,7 +119,7 @@ func TestEnsureDefaultScanner(t *testing.T) {
 		scannerManager = mgr

 		mgr.On("GetDefault").Return(&scanner.Registration{
-			Name: "clair",
+			Name: "trivy",
 		}, nil)

 		err := EnsureDefaultScanner("trivy")
--- a/src/pkg/scan/job_test.go
+++ b/src/pkg/scan/job_test.go
@ -70,7 +70,7 @@ func (suite *JobTestSuite) TestJob() {
 		ID:   0,
 		UUID: "uuid",
 		Name: "TestJob",
-		URL:  "https://clair.com:8080",
+		URL:  "https://trivy.com:8080",
 	}

 	rData, err := r.ToJSON()
@ -121,7 +121,7 @@ func (suite *JobTestSuite) TestJob() {
 	rp := vuln.Report{
 		GeneratedAt: time.Now().UTC().String(),
 		Scanner: &v1.Scanner{
-			Name:    "Clair",
+			Name:    "Trivy",
 			Vendor:  "Harbor",
 			Version: "0.1.0",
 		},
--- a/src/pkg/scan/report/summary_test.go
+++ b/src/pkg/scan/report/summary_test.go
@ -44,7 +44,7 @@ func (suite *SummaryTestSuite) SetupSuite() {
 	rp := vuln.Report{
 		GeneratedAt: time.Now().UTC().String(),
 		Scanner: &v1.Scanner{
-			Name:    "Clair",
+			Name:    "Trivy",
 			Vendor:  "Harbor",
 			Version: "0.1.0",
 		},
@ -102,7 +102,7 @@ func (suite *SummaryTestSuite) TestSummaryGenerateSummaryNoOptions() {
 	suite.Nil(nativeSummary.CVEBypassed)
 	suite.Equal(2, nativeSummary.Summary.Total)

-	suite.Equal("Clair", nativeSummary.Scanner.Name)
+	suite.Equal("Trivy", nativeSummary.Scanner.Name)
 	suite.Equal("Harbor", nativeSummary.Scanner.Vendor)
 	suite.Equal("0.1.0", nativeSummary.Scanner.Version)
 }
--- a/src/pkg/scan/report/supported_mime_test.go
+++ b/src/pkg/scan/report/supported_mime_test.go
@ -42,7 +42,7 @@ func (suite *SupportedMimesSuite) SetupSuite() {
 	rp := vuln.Report{
 		GeneratedAt: time.Now().UTC().String(),
 		Scanner: &v1.Scanner{
-			Name:    "Clair",
+			Name:    "Trivy",
 			Vendor:  "Harbor",
 			Version: "0.1.0",
 		},
--- a/src/pkg/scan/rest/v1/client_test.go
+++ b/src/pkg/scan/rest/v1/client_test.go
@ -57,7 +57,7 @@ func (suite *ClientTestSuite) TestClientMetadata() {
 	require.NoError(suite.T(), err)
 	require.NotNil(suite.T(), m)

-	assert.Equal(suite.T(), m.Scanner.Name, "Clair")
+	assert.Equal(suite.T(), m.Scanner.Name, "Trivy")
 }

 // TestClientSubmitScan tests the scan submission of client
@ -114,7 +114,7 @@ func (mh *mockHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
 		}
 		m := &ScannerAdapterMetadata{
 			Scanner: &Scanner{
-				Name:    "Clair",
+				Name:    "Trivy",
 				Vendor:  "Harbor",
 				Version: "0.1.0",
 			},
--- a/src/portal/src/app/base/harbor-shell/harbor-shell.component.spec.ts
+++ b/src/portal/src/app/base/harbor-shell/harbor-shell.component.spec.ts
@ -57,7 +57,7 @@ describe('HarborShellComponent', () => {
        },
        getConfig: function () {
            return {
-                with_clair: true
+                with_trivy: true
            };
        }
    };
--- a/src/portal/src/app/config/scanner/config-scanner.component.spec.ts
+++ b/src/portal/src/app/config/scanner/config-scanner.component.spec.ts
@ -17,7 +17,7 @@ describe('ConfigurationScannerComponent', () => {
  let mockScannerMetadata = {
    scanner: {
      name: 'test1',
-      vendor: 'clair',
+      vendor: 'trivy',
      version: '1.0.1',
     },
    capabilities: [{
--- a/src/portal/src/app/config/scanner/scanner-metadata/scanner-metadata.component.spec.ts
+++ b/src/portal/src/app/config/scanner/scanner-metadata/scanner-metadata.component.spec.ts
@ -11,7 +11,7 @@ describe('ScannerMetadataComponent', () => {
  let mockScannerMetadata = {
    scanner: {
      name: 'test1',
-      vendor: 'clair',
+      vendor: 'trivy',
      version: '1.0.1',
     },
    capabilities: [{
--- a/src/portal/src/app/project/repository/artifact-list-page/artifact-list-page.component.spec.ts
+++ b/src/portal/src/app/project/repository/artifact-list-page/artifact-list-page.component.spec.ts
@ -27,7 +27,7 @@ describe('ArtifactListPageComponent', () => {
                project_creation_restriction: "",
                with_chartmuseum: "",
                with_notary: "",
-                with_clair: "",
+                with_trivy: "",
                with_admiral: "",
                registry_url: "",
            };
--- a/src/portal/src/app/project/repository/artifact-list-page/artifact-list/artifact-list-tab/artifact-list-tab.component.spec.ts
+++ b/src/portal/src/app/project/repository/artifact-list-page/artifact-list/artifact-list-tab/artifact-list-tab.component.spec.ts
@ -43,7 +43,7 @@ describe("ArtifactListTabComponent (inline template)", () => {
  let spyScanner: jasmine.Spy;
  let scannerMock = {
    disabled: false,
-    name: "Clair"
+    name: "Trivy"
  };
  let mockActivatedRoute = {
    snapshot: {
--- a/src/portal/src/app/project/repository/artifact/artifact-additions/summary/summary.component.spec.ts
+++ b/src/portal/src/app/project/repository/artifact/artifact-additions/summary/summary.component.spec.ts
@ -128,12 +128,12 @@ describe('SummaryComponent', () => {
    " for container   | undefined |\n| `registry.volumes` | used to create PVCs if persistence is enabled (see " +
    "instructions in values.yaml) | see values.yaml |\n| `registry.nodeSelector` | Node labels for pod assignment " +
    "| `{}` |\n| `registry.tolerations` | Tolerations for pod assignment | `[]` |\n| `registry.affinity` | " +
-    "Node/Pod affinities | `{}` |\n| **Clair** |\n| `clair.enabled` | Enable Clair? | `true` |\n| " +
-    "`clair.image.repository` | Repository for clair image | `vmware/clair-photon` |\n| `clair.image.tag` |" +
-    " Tag for clair image | `v2.0.1-v1.4.0`\n| `clair.resources` | [resources](https://kubernetes.io/docs/concepts/" +
-    "configuration/manage-compute-resources-container/) to allocate for container   | undefined\n| `clair.nodeSelector" +
-    "` | Node labels for pod assignment | `{}` |\n| `clair.tolerations` | Tolerations for pod assignment | `[]` |\n| " +
-    "`clair.affinity` | Node/Pod affinities | `{}` |\n| `postgresql` | Overrides for postgresql chart [values.yaml](https" +
+    "Node/Pod affinities | `{}` |\n| **Trivy** |\n| `trivy.enabled` | Enable Trivy? | `true` |\n| " +
+    "`trivy.image.repository` | Repository for trivy image | `goharbor/trivy-photon` |\n| `trivy.image.tag` |" +
+    " Tag for trivy image | `v2.0.1-v1.4.0`\n| `trivy.resources` | [resources](https://kubernetes.io/docs/concepts/" +
+    "configuration/manage-compute-resources-container/) to allocate for container   | undefined\n| `trivy.nodeSelector" +
+    "` | Node labels for pod assignment | `{}` |\n| `trivy.tolerations` | Tolerations for pod assignment | `[]` |\n| " +
+    "`trivy.affinity` | Node/Pod affinities | `{}` |\n| `postgresql` | Overrides for postgresql chart [values.yaml](https" +
    "://github.com/kubernetes/charts/blob/f2938a46e3ae8e2512ede1142465004094c3c333/stable/postgresql/values.yaml) | " +
    "see values.yaml\n| **Notary** |\n| `notary.enabled` | Enable Notary? | `true` |\n| `notary.server.image.repository`" +
    " | Repository for notary server image | `vmware/notary-server-photon` |\n| `notary.server.image.tag` | Tag for " +
--- a/src/portal/src/app/project/repository/artifact/artifact-tag/artifact-tag.component.spec.ts
+++ b/src/portal/src/app/project/repository/artifact/artifact-tag/artifact-tag.component.spec.ts
@ -38,7 +38,7 @@ describe('ArtifactTagComponent', () => {
            project_creation_restriction: "",
            with_chartmuseum: "",
            with_notary: "",
-            with_clair: "",
+            with_trivy: "",
            with_admiral: "",
            registry_url: "",
        };
--- a/src/portal/src/app/services/app-config.ts
+++ b/src/portal/src/app/services/app-config.ts
@ -18,7 +18,7 @@ import { ClairDBStatus } from "../../lib/services";
 export class AppConfig {
    with_notary: boolean;
    with_admiral: boolean;
-    with_clair: boolean;
+    with_trivy: boolean;
    admiral_endpoint: string;
    auth_mode: string;
    registry_url: string;
@ -37,7 +37,7 @@ export class AppConfig {
        // Set default value
        this.with_notary = false;
        this.with_admiral = false;
-        this.with_clair = false;
+        this.with_trivy = false;
        this.admiral_endpoint = "";
        this.auth_mode = "db_auth";
        this.registry_url = "";
--- a/src/portal/src/lib/components/config/registry-config.component.spec.ts
+++ b/src/portal/src/lib/components/config/registry-config.component.spec.ts
@ -47,7 +47,7 @@ describe('RegistryConfigComponent (inline template)', () => {
  let mockSystemInfo: SystemInfo = {
    "with_notary": true,
    "with_admiral": false,
-    "with_clair": true,
+    "with_trivy": true,
    "admiral_endpoint": "NA",
    "auth_mode": "db_auth",
    "registry_url": "10.112.122.56",
--- a/src/portal/src/lib/components/config/vulnerability/vulnerability-config.component.spec.ts
+++ b/src/portal/src/lib/components/config/vulnerability/vulnerability-config.component.spec.ts
@ -37,7 +37,7 @@ let mockedManualMetrics: ScanningMetrics = {
 };
 const mockedScanner: Scanner = {
  "uuid": "ca3c27f3-72f3-11ea-9e46-0242ac170004",
-  "name": "clair",
+  "name": "trivy",
  "description": "",
  "url": "http://10.92.161.247:8080",
  "disabled": false,
--- a/src/portal/src/lib/components/project-policy-config/project-policy-config.component.spec.ts
+++ b/src/portal/src/lib/components/project-policy-config/project-policy-config.component.spec.ts
@ -14,7 +14,7 @@ import { CURRENT_BASE_HREF } from "../../utils/utils";

 const mockSystemInfo: SystemInfo[] = [
  {
-    'with_clair': true,
+    'with_trivy': true,
    'with_notary': true,
    'with_admiral': false,
    'admiral_endpoint': 'NA',
@ -26,7 +26,7 @@ const mockSystemInfo: SystemInfo[] = [
    'harbor_version': 'v1.1.1-rc1-160-g565110d'
  },
  {
-    'with_clair': false,
+    'with_trivy': false,
    'with_notary': false,
    'with_admiral': false,
    'admiral_endpoint': 'NA',
--- a/src/portal/src/lib/services/interface.ts
+++ b/src/portal/src/lib/services/interface.ts
@ -194,7 +194,7 @@ export interface AccessLogItem {
 *
 */
 export interface SystemInfo {
-  with_clair?: boolean;
+  with_trivy?: boolean;
  with_notary?: boolean;
  with_admiral?: boolean;
  with_chartmuseum?: boolean;
--- a/tests/ci/api_common_install.sh
+++ b/tests/ci/api_common_install.sh
@ -22,7 +22,7 @@ then
    sed "s/# github_token: xxx/github_token: $GITHUB_TOKEN/" -i make/harbor.yml
 fi

-sudo make build_base_docker compile build prepare COMPILETAG=compile_golangimage GOBUILDTAGS="include_oss include_gcs" NOTARYFLAG=true CLAIRFLAG=true TRIVYFLAG=true CHARTFLAG=true GEN_TLS=true
+sudo make build_base_docker compile build prepare COMPILETAG=compile_golangimage GOBUILDTAGS="include_oss include_gcs" NOTARYFLAG=true TRIVYFLAG=true CHARTFLAG=true GEN_TLS=true

 # set the debugging env
 echo "GC_TIME_WINDOW_HOURS=0" | sudo tee -a ./make/common/config/core/env
--- a/tests/ci/distro_installer.sh
+++ b/tests/ci/distro_installer.sh
@ -3,5 +3,5 @@ set -x

 set -e

-sudo make package_online GOBUILDTAGS="include_oss include_gcs" VERSIONTAG=dev-travis PKGVERSIONTAG=dev-travis UIVERSIONTAG=dev-travis GOBUILDIMAGE=golang:1.14.7 COMPILETAG=compile_golangimage NOTARYFLAG=true CLAIRFLAG=true CHARTFLAG=true TRIVYFLAG=true HTTPPROXY=
-sudo make package_offline GOBUILDTAGS="include_oss include_gcs" VERSIONTAG=dev-travis PKGVERSIONTAG=dev-travis UIVERSIONTAG=dev-travis GOBUILDIMAGE=golang:1.14.7 COMPILETAG=compile_golangimage NOTARYFLAG=true CLAIRFLAG=true CHARTFLAG=true TRIVYFLAG=true HTTPPROXY=
+sudo make package_online GOBUILDTAGS="include_oss include_gcs" VERSIONTAG=dev-travis PKGVERSIONTAG=dev-travis UIVERSIONTAG=dev-travis GOBUILDIMAGE=golang:1.14.7 COMPILETAG=compile_golangimage NOTARYFLAG=true CHARTFLAG=true TRIVYFLAG=true HTTPPROXY=
+sudo make package_offline GOBUILDTAGS="include_oss include_gcs" VERSIONTAG=dev-travis PKGVERSIONTAG=dev-travis UIVERSIONTAG=dev-travis GOBUILDIMAGE=golang:1.14.7 COMPILETAG=compile_golangimage NOTARYFLAG=true CHARTFLAG=true TRIVYFLAG=true HTTPPROXY=
--- a/tests/resources/Harbor-Pages/Verify.robot
+++ b/tests/resources/Harbor-Pages/Verify.robot
@ -451,13 +451,6 @@ Verify System Setting Allowlist
    Loop Verifiy CVE_IDs  @{cve_ids}
    Close Browser

-Verify Clair Is Default Scanner
-    Init Chrome Driver
-    Sign In Harbor  ${HARBOR_URL}  ${HARBOR_ADMIN}  ${HARBOR_PASSWORD}
-    Switch To Scanners Page
-    Should Display The Default Clair Scanner
-    Close Browser
-
 Verify Trivy Is Default Scanner
    Init Chrome Driver
    Sign In Harbor  ${HARBOR_URL}  ${HARBOR_ADMIN}  ${HARBOR_PASSWORD}
--- a/tests/resources/Harbor-Pages/Vulnerability.robot
+++ b/tests/resources/Harbor-Pages/Vulnerability.robot
@ -52,7 +52,7 @@ Move To Summary Chart
    Sleep  1

 Scan Repo
-#use fail for image clair can not scan, otherwise use success
+#use fail for image can not scan, otherwise use success
    [Arguments]  ${tagname}  ${status}
    #select one tag
    Retry Element Click  //clr-dg-row[contains(.,'${tagname}')]//label
@ -81,18 +81,9 @@ Switch To Scanners Page
    Retry Element Click  xpath=//clr-main-container//clr-vertical-nav//a[contains(.,'Interrogation')]
    Retry Wait Until Page Contains Element  ${set_default_scanner}

-Should Display The Default Clair Scanner
-    Retry Wait Until Page Contains Element  //clr-datagrid//clr-dg-row//clr-dg-cell[contains(.,'Clair')]//span[contains(.,'Default')]
-
 Should Display The Default Trivy Scanner
    Retry Wait Until Page Contains Element  //clr-datagrid//clr-dg-row//clr-dg-cell[contains(.,'Trivy')]//span[contains(.,'Default')]

-Clair Is Immutable Scanner
-    Retry Element Click  //clr-dg-row[contains(.,'Clair')]//clr-radio-wrapper/label
-    Retry Double Keywords When Error  Retry Element Click  ${scanner_action_xpath}  Retry Wait Until Page Contains Element  ${delete_scanner_action_xpath}
-    Retry Double Keywords When Error  Retry Element Click  ${delete_scanner_action_xpath}  Retry Wait Until Page Contains Element  ${delete_scanner_confirm_btn}
-    Retry Double Keywords When Error  Retry Element Click  ${delete_scanner_confirm_btn}  Retry Wait Until Page Contains Element  ${immutable_msg_xpath}
-
 Trivy Is Immutable Scanner
    Retry Element Click  //clr-dg-row[contains(.,'Trivy')]//clr-radio-wrapper/label
    Retry Double Keywords When Error  Retry Element Click  ${scanner_action_xpath}  Retry Wait Until Page Contains Element  ${delete_scanner_action_xpath}
--- a/tests/resources/Harbor-Pages/Vulnerability_Elements.robot
+++ b/tests/resources/Harbor-Pages/Vulnerability_Elements.robot
@ -26,7 +26,6 @@ ${vulnerability_page}  //clr-vertical-nav-group-children/a[contains(.,'Vulnerabi
 ${set_default_scanner}  //button[@id='set-default']
 ${scanner_action_xpath}  //span[@id='action-scanner']
 ${delete_scanner_action_xpath}  //span[@id='delete-scanner-action']
-${immutable_msg_xpath}  //span[contains(.,'registration Clair is not allowed to delete as it is immutable: scanner API: delete')]
 ${immutable_trivy_msg_xpath}  //span[contains(.,'registration Trivy is not allowed to delete as it is immutable: scanner API: delete')]
 ${delete_scanner_confirm_btn}  xpath=//clr-modal//button[contains(.,'DELETE')]
 ${scan_now_result}  xpath=//div[@id="scan-result-container"]
--- a/tests/resources/Harbor-Util.robot
+++ b/tests/resources/Harbor-Util.robot
@ -38,35 +38,35 @@ Install Harbor to Test Server
    Generate Certificate Authority For Chrome

 Up Harbor
-    [Arguments]  ${with_notary}=true  ${with_clair}=true  ${with_chartmuseum}=true
-    ${rc}  ${output}=  Run And Return Rc And Output  make start -e NOTARYFLAG=${with_notary} CLAIRFLAG=${with_clair} CHARTFLAG=${with_chartmuseum}
+    [Arguments]  ${with_notary}=true  ${with_chartmuseum}=true
+    ${rc}  ${output}=  Run And Return Rc And Output  make start -e NOTARYFLAG=${with_notary} CHARTFLAG=${with_chartmuseum}
    Log  ${rc}
    Log  ${output}
    Should Be Equal As Integers  ${rc}  0

 Down Harbor
-    [Arguments]  ${with_notary}=true  ${with_clair}=true  ${with_chartmuseum}=true
-    ${rc}  ${output}=  Run And Return Rc And Output  echo "Y" | make down -e NOTARYFLAG=${with_notary} CLAIRFLAG=${with_clair} CHARTFLAG=${with_chartmuseum}
+    [Arguments]  ${with_notary}=true  ${with_chartmuseum}=true
+    ${rc}  ${output}=  Run And Return Rc And Output  echo "Y" | make down -e NOTARYFLAG=${with_notary} CHARTFLAG=${with_chartmuseum}
    Log  ${rc}
    Log  ${output}
    Should Be Equal As Integers  ${rc}  0

 Package Harbor Offline
-    [Arguments]  ${with_notary}=true  ${with_clair}=true  ${with_chartmuseum}=true  ${with_trivy}=true
+    [Arguments]  ${with_notary}=true  ${with_chartmuseum}=true  ${with_trivy}=true
    Log To Console  \nStart Docker Daemon
    Start Docker Daemon Locally
-    Log To Console  make package_offline GOBUILDTAGS="include_oss include_gcs" BASEIMAGETAG=%{Harbor_Build_Base_Tag} NPM_REGISTRY=%{NPM_REGISTRY} VERSIONTAG=%{Harbor_Assets_Version} PKGVERSIONTAG=%{Harbor_Package_Version} NOTARYFLAG=${with_notary} CLAIRFLAG=${with_clair} CHARTFLAG=${with_chartmuseum} TRIVYFLAG=${with_trivy} HTTPPROXY=
-    ${rc}  ${output}=  Run And Return Rc And Output  make package_offline GOBUILDTAGS="include_oss include_gcs" BASEIMAGETAG=%{Harbor_Build_Base_Tag} NPM_REGISTRY=%{NPM_REGISTRY} VERSIONTAG=%{Harbor_Assets_Version} PKGVERSIONTAG=%{Harbor_Package_Version} NOTARYFLAG=${with_notary} CLAIRFLAG=${with_clair} CHARTFLAG=${with_chartmuseum} TRIVYFLAG=${with_trivy} HTTPPROXY=
+    Log To Console  make package_offline GOBUILDTAGS="include_oss include_gcs" BASEIMAGETAG=%{Harbor_Build_Base_Tag} NPM_REGISTRY=%{NPM_REGISTRY} VERSIONTAG=%{Harbor_Assets_Version} PKGVERSIONTAG=%{Harbor_Package_Version} NOTARYFLAG=${with_notary} CHARTFLAG=${with_chartmuseum} TRIVYFLAG=${with_trivy} HTTPPROXY=
+    ${rc}  ${output}=  Run And Return Rc And Output  make package_offline GOBUILDTAGS="include_oss include_gcs" BASEIMAGETAG=%{Harbor_Build_Base_Tag} NPM_REGISTRY=%{NPM_REGISTRY} VERSIONTAG=%{Harbor_Assets_Version} PKGVERSIONTAG=%{Harbor_Package_Version} NOTARYFLAG=${with_notary} CHARTFLAG=${with_chartmuseum} TRIVYFLAG=${with_trivy} HTTPPROXY=
    Log To Console  ${rc}
    Log To Console  ${output}
    Should Be Equal As Integers  ${rc}  0

 Package Harbor Online
-    [Arguments]  ${with_notary}=true  ${with_clair}=true  ${with_chartmuseum}=true  ${with_trivy}=true
+    [Arguments]  ${with_notary}=true  ${with_chartmuseum}=true  ${with_trivy}=true
    Log To Console  \nStart Docker Daemon
    Start Docker Daemon Locally
-    Log To Console  \nmake package_online GOBUILDTAGS="include_oss include_gcs"  VERSIONTAG=%{Harbor_Assets_Version} PKGVERSIONTAG=%{Harbor_Package_Version} NOTARYFLAG=${with_notary} CLAIRFLAG=${with_clair} CHARTFLAG=${with_chartmuseum} TRIVYFLAG=${with_trivy} HTTPPROXY=
-    ${rc}  ${output}=  Run And Return Rc And Output  make package_online GOBUILDTAGS="include_oss include_gcs" VERSIONTAG=%{Harbor_Assets_Version} PKGVERSIONTAG=%{Harbor_Package_Version} NOTARYFLAG=${with_notary} CLAIRFLAG=${with_clair} CHARTFLAG=${with_chartmuseum} TRIVYFLAG=${with_trivy} HTTPPROXY=
+    Log To Console  \nmake package_online GOBUILDTAGS="include_oss include_gcs"  VERSIONTAG=%{Harbor_Assets_Version} PKGVERSIONTAG=%{Harbor_Package_Version} NOTARYFLAG=${with_notary} CHARTFLAG=${with_chartmuseum} TRIVYFLAG=${with_trivy} HTTPPROXY=
+    ${rc}  ${output}=  Run And Return Rc And Output  make package_online GOBUILDTAGS="include_oss include_gcs" VERSIONTAG=%{Harbor_Assets_Version} PKGVERSIONTAG=%{Harbor_Package_Version} NOTARYFLAG=${with_notary} CHARTFLAG=${with_chartmuseum} TRIVYFLAG=${with_trivy} HTTPPROXY=
    Log  ${rc}
    Log  ${output}
    Should Be Equal As Integers  ${rc}  0
@ -105,8 +105,8 @@ Remove Notary Signature
    Should Be Equal As Integers  ${rc}  0

 Prepare
-    [Arguments]  ${with_notary}=true  ${with_clair}=true  ${with_chartmuseum}=true
-    ${rc}  ${output}=  Run And Return Rc And Output  make prepare -e NOTARYFLAG=${with_notary} CLAIRFLAG=${with_clair} CHARTFLAG=${with_chartmuseum}
+    [Arguments]  ${with_notary}=true  ${with_chartmuseum}=true
+    ${rc}  ${output}=  Run And Return Rc And Output  make prepare -e NOTARYFLAG=${with_notary} CHARTFLAG=${with_chartmuseum}
    Log  ${rc}
    Log  ${output}
    Should Be Equal As Integers  ${rc}  0
@ -139,8 +139,8 @@ Prepare Cert
    Should Be Equal As Integers  ${rc}  0

 Compile and Up Harbor With Source Code
-    [Arguments]  ${with_notary}=true  ${with_clair}=true  ${with_chartmuseum}=true
-    ${rc}  ${output}=  Run And Return Rc And Output  make install swagger_client NOTARYFLAG=${with_notary} CLAIRFLAG=${with_clair} CHARTFLAG=${with_chartmuseum} HTTPPROXY=
+    [Arguments]  ${with_notary}=true  ${with_chartmuseum}=true
+    ${rc}  ${output}=  Run And Return Rc And Output  make install swagger_client NOTARYFLAG=${with_notary} CHARTFLAG=${with_chartmuseum} HTTPPROXY=
    Log  ${output}
    Should Be Equal As Integers  ${rc}  0
    Sleep  20
--- a/tests/resources/Nightly-Util.robot
+++ b/tests/resources/Nightly-Util.robot
@ -75,7 +75,6 @@ Collect Logs
    SSHLibrary.Get File  /var/log/harbor/registry.log
    SSHLibrary.Get File  /var/log/harbor/proxy.log
    SSHLibrary.Get File  /var/log/harbor/adminserver.log
-    SSHLibrary.Get File  /var/log/harbor/clair.log
    SSHLibrary.Get File  /var/log/harbor/jobservice.log
    SSHLibrary.Get File  /var/log/harbor/postgresql.log
    SSHLibrary.Get File  /var/log/harbor/notary-server.log
--- a/tests/resources/OVA-Util.robot
+++ b/tests/resources/OVA-Util.robot
@ -32,7 +32,7 @@ ${ova_network_options}  --prop:network.ip0=${ova_network_ip0} --prop:network.net

 ${ova_harbor_admin_password}  harbor-admin-passwd
 ${ova_harbor_db_password}  harbor-db-passwd
-#${ova_service_options}  --prop:auth_mode="%{AUTH_MODE}" --prop:clair_db_password="%{CLAIR_DB_PASSWORD}" --prop:max_job_workers="%{MAX_JOB_WORKERS}" --prop:harbor_admin_password="%{HARBOR_ADMIN_PASSWORD}" --prop:db_password="%{DB_PASSWORD}"
+#${ova_service_options}  --prop:auth_mode="%{AUTH_MODE}" --prop:max_job_workers="%{MAX_JOB_WORKERS}" --prop:harbor_admin_password="%{HARBOR_ADMIN_PASSWORD}" --prop:db_password="%{DB_PASSWORD}"

 #${ova_options}  ${ovftool_options} ${ova_appliance_options} ${ova_service_options}
 #${ova_options_with_network}  ${ova_options} ${ova_network_options} 
--- a/tests/robot-cases/Group0-BAT/BAT.robot
+++ b/tests/robot-cases/Group0-BAT/BAT.robot
@ -35,18 +35,6 @@ Test Case - Registry Basic Verfication

    Close Browser

-Test Case - Clair Basic Verfication
-    Init Chrome Driver
-    ${d}=  get current date  result_format=%m%s
-    Create An New Project With New User  url=${HARBOR_URL}  username=tester${d}  email=tester${d}@vmware.com  realname=tester${d}  newPassword=Test1@34  comment=harbor  projectname=project${d}  public=false
-    Push Image  ${ip}  tester${d}  Test1@34  project${d}  hello-world
-    Go Into Project  project${d}
-    Go Into Repo  project${d}/hello-world
-    Scan Repo  latest  Succeed
-    Summary Chart Should Display  latest
-    #Edit Repo Info
-    Close Browser
-
 Test Case - Notary Basic Verfication
    Enable Notary Client

--- a/tests/robot-cases/Group1-Nightly/Clair.robot
+++ b/tests/robot-cases/Group1-Nightly/Clair.robot
@ -24,13 +24,6 @@ ${SSH_USER}  root
 ${HARBOR_ADMIN}  admin

 *** Test Cases ***
-Test Case - Clair Is Default Scanner And It Is Immutable
-    Init Chrome Driver
-    Sign In Harbor  ${HARBOR_URL}  ${HARBOR_ADMIN}  ${HARBOR_PASSWORD}
-    Switch To Scanners Page
-    Should Display The Default Clair Scanner
-    Clair Is Immutable Scanner
-
 Test Case - Disable Scan Schedule
    Init Chrome Driver
    Sign In Harbor  ${HARBOR_URL}  ${HARBOR_ADMIN}  ${HARBOR_PASSWORD}
--- a/tests/robot-cases/Group1-Nightly/Nightly.robot
+++ b/tests/robot-cases/Group1-Nightly/Nightly.robot
@ -28,12 +28,6 @@ ${HARBOR_ADMIN}  admin
 Test Case - Get Harbor Version
 #Just get harbor version and log it
    Get Harbor Version
-Test Case - Clair Is Default Scanner And It Is immutable
-    Init Chrome Driver
-    Sign In Harbor  ${HARBOR_URL}  ${HARBOR_ADMIN}  ${HARBOR_PASSWORD}
-    Switch To Scanners Page
-    Should Display The Default Clair Scanner
-    Clair Is Immutable Scanner

 Test Case - Read Only Mode
    Init Chrome Driver
--- a/tests/robot-cases/Group1-Nightly/Upgrade.robot
+++ b/tests/robot-cases/Group1-Nightly/Upgrade.robot
@ -26,10 +26,6 @@ ${HARBOR_ADMIN}  admin
 Test Case - Manage project publicity
    Body Of Manage project publicity

-Test Case - Scan A Tag In The Repo
-    [Tags]  clair
-    Body Of Scan A Tag In The Repo  hello-world  latest  is_no_vulerabilty=${true}
-
 Test Case - Scan A Tag In The Repo
    [Tags]  trivy
    Body Of Scan A Tag In The Repo  vmware/photon  1.0
--- a/tests/robot-cases/Group1-Nightly/multi_scanners.robot
+++ b/tests/robot-cases/Group1-Nightly/multi_scanners.robot
@ -47,9 +47,6 @@ Test Case - Switch Scanner

    Switch To Scanners Page

-    Set Default Scanner  Clair
-    Should Display The Default Clair Scanner
-
    Go Into Project  project${d}
    Go Into Repo  project${d}/hello-world
    Retry Wait Until Page Contains Element  ${not_scanned_icon}
--- a/tests/robot-cases/Group3-Upgrade/verify.robot
+++ b/tests/robot-cases/Group3-Upgrade/verify.robot
@ -64,7 +64,6 @@ Test Case - Upgrade Verify
    Run Keyword  Verify System Setting  ${data}
    Run Keyword  Verify System Setting Allowlist  ${data}
    Run Keyword  Verify Image Tag  ${data}
-    Run Keyword  Verify Clair Is Default Scanner

 Test Case - Upgrade Verify
    [Tags]  2.0-latest
--- a/tests/testcases/Group10-Vulnerability/10-01-Cliar-can-not-scan-some-images.md
+++ b/tests/testcases/Group10-Vulnerability/10-01-Cliar-can-not-scan-some-images.md
@ -1,21 +1,20 @@
-Test 10-01  Clair can not scan some images 
+Test 10-01  Trivy can not scan some images 
 =======
  
 # Purpose:    
-To verify that clair can not scan some image.  
+To verify that trivy can not scan some image.  
  
 # References:    
 User guide  
  
 # Environment:  
 * This test requires that a Harbor instance is running and available.  
-* Harbor is installed with clair enable.  
 * A linux host with Docker CLI installed.  
-* Clair has been updated to the latest.    
+* Trivy has been updated to the latest.    
  
 # Test Steps:  
 1. Login Harbor as admin.  
-2. Create a project and push an image clair does not recognize(for example: photon).  
+2. Create a project and push an image trivy does not recognize(for example: photon).  
 3. Scan the pushed image.  
 4. View the scan result.  
 5. Rescan it.  
--- a/tests/testcases/Group10-Vulnerability/10-02-Clair-scan-a-image-with-vulnerability.md
+++ b/tests/testcases/Group10-Vulnerability/10-02-Clair-scan-a-image-with-vulnerability.md
@ -1,17 +1,17 @@
-Test 10-02  Clair scan a image with vulnerability
+Test 10-02  Trivy scan a image with vulnerability
 =======
  
 # Purpose:  
-To verify that clair can scan a image with vulnerability.  
+To verify that trivy can scan a image with vulnerability.  

 # References:  
 User guide  
  
 # Environment:  
 * This test requires that a Harbor instance is running and available.  
-* Harbor is installed with clair enable.  
+* Harbor is installed with trivy enable.  
 * A linux host with Docker CLI installed.    
-* Clair has been updated to the latest.  
+* Trivy has been updated to the latest.  

 # Test Step  
 1. Login Harbor as admin.  
--- a/tests/testcases/Group10-Vulnerability/10-03-Clair-scan-0-package-image.md
+++ b/tests/testcases/Group10-Vulnerability/10-03-Clair-scan-0-package-image.md
@ -1,17 +1,17 @@
-Test 10-03 Clair scan 0 package image
+Test 10-03 Trivy scan 0 package image
 =======
  
 # Purpose:  
-To verify clair scan result of a 0 package image.  
+To verify trivy scan result of a 0 package image.  
  
 # References:  
 User guide  
  
 # Environment:  
 * This test requires that a Harbor instance is running and available.  
-* Harbor is installed with clair enable.  
+* Harbor is installed with trivy enable.  
 * A linux host with Docker CLI installed.  
-* Clair has been updated to the latest.    
+* Trivy has been updated to the latest.    

 # Test Step  
 1. Login Harbor as admin.  
--- a/tests/testcases/Group10-Vulnerability/10-04-Clair-data-not-ready-hint.md
+++ b/tests/testcases/Group10-Vulnerability/10-04-Clair-data-not-ready-hint.md
@ -1,4 +1,4 @@
-Test 10-04 Clair data not ready hint
+Test 10-04 Trivy data not ready hint
 =======
  
 # Purpose:  
@ -9,7 +9,7 @@ User guide
  
 # Environment:  
 * This test requires that a Harbor instance is running and available.  
-* Harbor is installed with clair enable.  
+* Harbor is installed with trivy enable.  
 * A linux host with Docker CLI installed.  
 * Limit the Harbor's bandwith to less than 1Mbps after Harbor is installed.  

--- a/tests/testcases/Group10-Vulnerability/10-05-Schedule-daily-scan.md
+++ b/tests/testcases/Group10-Vulnerability/10-05-Schedule-daily-scan.md
@ -8,9 +8,9 @@ User guide
  
 # Environment:  
 * This test requires that a Harbor instance is running and available.  
-* Harbor is installed with clair enable.  
+* Harbor is installed with trivy enable.  
 * A linux host with Docker CLI installed.  
-* Clair has been updated to the latest.  
+* Trivy has been updated to the latest.  

 # Test Step  
 1. Login Harbor as admin.  
--- a/tests/testcases/Group10-Vulnerability/10-06-Change-scan-configuration.md
+++ b/tests/testcases/Group10-Vulnerability/10-06-Change-scan-configuration.md
@ -9,7 +9,7 @@ User guide
   
 # Environment:   
 * This test requires that a Harbor instance is running and available.   
-* Harbor is installed with clair enable.   
+* Harbor is installed with trivy enable.   
 * A linux host with Docker CLI installed.   
   
 # Test Step   
--- a/tests/testcases/Group10-Vulnerability/10-07-Non-admin-can-not-scan.md
+++ b/tests/testcases/Group10-Vulnerability/10-07-Non-admin-can-not-scan.md
@ -8,7 +8,7 @@ User guide
  
 # Environment:  
 * This test requires that a Harbor instance is running and available.  
-* Harbor is installed with clair enable.  
+* Harbor is installed with trivy enable.  
 * A linux host with Docker CLI installed.  
  
 # Test Step  
--- a/tests/testcases/Group10-Vulnerability/10-08-User-can-not-pull-image-exceed-vulnerability-severity-setting.md
+++ b/tests/testcases/Group10-Vulnerability/10-08-User-can-not-pull-image-exceed-vulnerability-severity-setting.md
@ -8,9 +8,9 @@ User guide.

 # Environment:
 * This test requires that one Harbor instance is running and availiable.  
-* Harbor is installed with clair enable.  
+* Harbor is installed with trivy enable.  
 * A Linux host with Docker client installed.  
-* Clair has been updated to the latest.  
+* Trivy has been updated to the latest.  

 # Test Step:
 1. Login harbor as admin.  
--- a/tests/testcases/Group10-Vulnerability/10-09-User-can-pull-scaned-images.md
+++ b/tests/testcases/Group10-Vulnerability/10-09-User-can-pull-scaned-images.md
@ -8,9 +8,9 @@ User guide.

 # Environment:
 * This test requires that one Harbor instance is running and availiable.  
-* Harbor is installed with clair enable.  
+* Harbor is installed with trivy enable.  
 * A Linux host with Docker client installed.  
-* Clair has been updated to the latest.  
+* Trivy has been updated to the latest.  
 * Vulnerability severity limit is disabled.  

 # Test Step:
--- a/tests/testcases/Group10-Vulnerability/10-10-Manual-scan-all.md
+++ b/tests/testcases/Group10-Vulnerability/10-10-Manual-scan-all.md
@ -8,9 +8,9 @@ User guide.

 # Environment:
 * This test requires that one Harbor instance is running and availiable.  
-* Harbor is installed with clair enable.  
+* Harbor is installed with trivy enable.  
 * A Linux host with Docker client installed.  
-* Clair has been updated to the latest.  
+* Trivy has been updated to the latest.  

 # Test Step:
 1. Login Harbor as admin.  
--- a/tests/testcases/Group10-Vulnerability/10-11-User-fix-vulnerability.md
+++ b/tests/testcases/Group10-Vulnerability/10-11-User-fix-vulnerability.md
@ -1,16 +1,16 @@
 10-07  user fix vulnerability
 =======
 # Purpose:
-To test clair scan image vulnerablity correct after user fix it.  
+To test trivy scan image vulnerablity correct after user fix it.  

 # Reference:
 User guide.  

 # Environment:
 * This test requires that one Harbor instance is running and availiable.  
-* Harbor is installed with clair enable.  
+* Harbor is installed with trivy enable.  
 * A Linux host with Docker client installed.  
-* Clair has been updated to the latest.  
+* Trivy has been updated to the latest.  

 # Test Steps:
 1. Login Harbor as admin.  
--- a/tests/testcases/Group10-Vulnerability/Test-10-12-Scan-image-on-push.md
+++ b/tests/testcases/Group10-Vulnerability/Test-10-12-Scan-image-on-push.md
@ -2,16 +2,16 @@ Test 10-12  Scan Image on Push
 =======
  
 # Purpose:    
-To verify that clair can automatic scan image when image is pushed.  
+To verify that trivy can automatic scan image when image is pushed.  

 # References:    
 User guide  

 # Environment:  
 * This test requires that a Harbor instance is running and available.  
-* Harbor is installed with clair enable.  
+* Harbor is installed with trivy enable.  
 * A linux host with Docker CLI installed.  
-* Clair has been updated to the latest.    
+* Trivy has been updated to the latest.    

 # Test Steps:  
 1. Login Harbor as admin.