mirror of
https://github.com/goharbor/harbor.git
synced 2025-01-21 23:21:26 +01:00
Separate the execution vendor type sbom from image_scan (#20504)
Add vendor type SBOM for execution fixes #20495 Signed-off-by: stonezdj <stone.zhang@broadcom.com>
This commit is contained in:
parent
1f0c8289a5
commit
6d782ae695
@ -333,7 +333,11 @@ func (bc *basicController) Scan(ctx context.Context, artifact *ar.Artifact, opti
|
||||
if op := operator.FromContext(ctx); op != "" {
|
||||
extraAttrs["operator"] = op
|
||||
}
|
||||
executionID, err := bc.execMgr.Create(ctx, job.ImageScanJobVendorType, artifact.ID, task.ExecutionTriggerManual, extraAttrs)
|
||||
vendorType := handler.JobVendorType()
|
||||
// for vulnerability and generate sbom, use different vendor type
|
||||
// because the execution reaper only keep the latest execution for the vendor type IMAGE_SCAN
|
||||
// both vulnerability and sbom need to keep the latest scan execution to get the latest scan status
|
||||
executionID, err := bc.execMgr.Create(ctx, vendorType, artifact.ID, task.ExecutionTriggerManual, extraAttrs)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
@ -364,7 +368,8 @@ func (bc *basicController) Stop(ctx context.Context, artifact *ar.Artifact, capT
|
||||
if artifact == nil {
|
||||
return errors.New("nil artifact to stop scan")
|
||||
}
|
||||
query := q.New(q.KeyWords{"vendor_type": job.ImageScanJobVendorType, "extra_attrs.artifact.digest": artifact.Digest, "extra_attrs.enabled_capabilities.type": capType})
|
||||
vendorType := sca.GetScanHandler(capType).JobVendorType()
|
||||
query := q.New(q.KeyWords{"vendor_type": vendorType, "extra_attrs.artifact.digest": artifact.Digest, "extra_attrs.enabled_capabilities.type": capType})
|
||||
executions, err := bc.execMgr.List(ctx, query)
|
||||
if err != nil {
|
||||
return err
|
||||
@ -960,7 +965,8 @@ func (bc *basicController) launchScanJob(ctx context.Context, param *launchScanJ
|
||||
params[sca.JobParameterRequest] = sJSON
|
||||
params[sca.JobParameterMimes] = mimes
|
||||
params[sca.JobParameterRobot] = robotJSON
|
||||
|
||||
// because there is only one task type implementation
|
||||
// both the vulnerability scan and generate sbom use the same job type for now
|
||||
j := &task.Job{
|
||||
Name: job.ImageScanJobVendorType,
|
||||
Metadata: &job.Metadata{
|
||||
|
@ -342,6 +342,8 @@ func (suite *ControllerTestSuite) SetupSuite() {
|
||||
reportConverter: &postprocessorstesting.ScanReportV1ToV2Converter{},
|
||||
cache: func() cache.Cache { return suite.cache },
|
||||
}
|
||||
mock.OnAnything(suite.scanHandler, "JobVendorType").Return("IMAGE_SCAN")
|
||||
|
||||
}
|
||||
|
||||
// TearDownSuite ...
|
||||
|
@ -22,6 +22,8 @@ const (
|
||||
|
||||
// ImageScanJobVendorType is name of scan job it will be used as key to register to job service.
|
||||
ImageScanJobVendorType = "IMAGE_SCAN"
|
||||
// SBOMJobVendorType key to create sbom generate execution.
|
||||
SBOMJobVendorType = "SBOM"
|
||||
// GarbageCollectionVendorType job name
|
||||
GarbageCollectionVendorType = "GARBAGE_COLLECTION"
|
||||
// ReplicationVendorType : the name of the replication job in job service
|
||||
@ -52,6 +54,7 @@ var (
|
||||
// executionSweeperCount stores the count for execution retained
|
||||
executionSweeperCount = map[string]int64{
|
||||
ImageScanJobVendorType: 1,
|
||||
SBOMJobVendorType: 1,
|
||||
ScanAllVendorType: 1,
|
||||
PurgeAuditVendorType: 10,
|
||||
ExecSweepVendorType: 10,
|
||||
|
@ -50,6 +50,8 @@ type Handler interface {
|
||||
// PostScan defines the operation after scan
|
||||
PostScan(ctx job.Context, sr *v1.ScanRequest, rp *scan.Report, rawReport string, startTime time.Time, robot *model.Robot) (string, error)
|
||||
ReportHandler
|
||||
// JobVendorType returns the job vendor type
|
||||
JobVendorType() string
|
||||
}
|
||||
|
||||
// ReportHandler handler for scan report, it could be sbom report or vulnerability report
|
||||
|
@ -345,3 +345,7 @@ func (h *scanHandler) GetSummary(ctx context.Context, art *artifact.Artifact, mi
|
||||
err = json.Unmarshal([]byte(reportContent), &result)
|
||||
return result, err
|
||||
}
|
||||
|
||||
func (h *scanHandler) JobVendorType() string {
|
||||
return job.SBOMJobVendorType
|
||||
}
|
||||
|
@ -301,3 +301,7 @@ func (h *scanHandler) GetSummary(ctx context.Context, ar *artifact.Artifact, mim
|
||||
|
||||
return summaries, nil
|
||||
}
|
||||
|
||||
func (h *scanHandler) JobVendorType() string {
|
||||
return job.ImageScanJobVendorType
|
||||
}
|
||||
|
@ -89,6 +89,24 @@ func (_m *Handler) GetSummary(ctx context.Context, ar *artifact.Artifact, mimeTy
|
||||
return r0, r1
|
||||
}
|
||||
|
||||
// JobVendorType provides a mock function with given fields:
|
||||
func (_m *Handler) JobVendorType() string {
|
||||
ret := _m.Called()
|
||||
|
||||
if len(ret) == 0 {
|
||||
panic("no return value specified for JobVendorType")
|
||||
}
|
||||
|
||||
var r0 string
|
||||
if rf, ok := ret.Get(0).(func() string); ok {
|
||||
r0 = rf()
|
||||
} else {
|
||||
r0 = ret.Get(0).(string)
|
||||
}
|
||||
|
||||
return r0
|
||||
}
|
||||
|
||||
// MakePlaceHolder provides a mock function with given fields: ctx, art, r
|
||||
func (_m *Handler) MakePlaceHolder(ctx context.Context, art *artifact.Artifact, r *scanner.Registration) ([]*scan.Report, error) {
|
||||
ret := _m.Called(ctx, art, r)
|
||||
|
Loading…
Reference in New Issue
Block a user