mirror of
https://github.com/goharbor/harbor.git
synced 2024-10-02 15:27:42 +02:00
feat: bump up trivy adater to v0.23.0 (#15861)
Closes #14983 Signed-off-by: He Weiwei <hweiwei@vmware.com>
This commit is contained in:
parent
469333c97d
commit
89d52ba7f4
4
Makefile
4
Makefile
@ -110,8 +110,8 @@ PREPARE_VERSION_NAME=versions
|
|||||||
REGISTRYVERSION=v2.7.1-patch-2819-2553-redis
|
REGISTRYVERSION=v2.7.1-patch-2819-2553-redis
|
||||||
NOTARYVERSION=v0.6.1
|
NOTARYVERSION=v0.6.1
|
||||||
NOTARYMIGRATEVERSION=v4.11.0
|
NOTARYMIGRATEVERSION=v4.11.0
|
||||||
TRIVYVERSION=v0.18.3
|
TRIVYVERSION=v0.20.0
|
||||||
TRIVYADAPTERVERSION=v0.20.0
|
TRIVYADAPTERVERSION=v0.23.0
|
||||||
|
|
||||||
# version of chartmuseum for pulling the source code
|
# version of chartmuseum for pulling the source code
|
||||||
CHARTMUSEUM_SRC_TAG=v0.13.1
|
CHARTMUSEUM_SRC_TAG=v0.13.1
|
||||||
|
@ -5,6 +5,12 @@ import base
|
|||||||
import v2_swagger_client
|
import v2_swagger_client
|
||||||
from v2_swagger_client.rest import ApiException
|
from v2_swagger_client.rest import ApiException
|
||||||
|
|
||||||
|
|
||||||
|
report_mime_types = [
|
||||||
|
'application/vnd.security.vulnerability.report; version=1.1',
|
||||||
|
'application/vnd.scanner.adapter.vuln.report.harbor+json; version=1.0',
|
||||||
|
]
|
||||||
|
|
||||||
class Artifact(base.Base, object):
|
class Artifact(base.Base, object):
|
||||||
def __init__(self):
|
def __init__(self):
|
||||||
super(Artifact,self).__init__(api_type = "artifact")
|
super(Artifact,self).__init__(api_type = "artifact")
|
||||||
@ -20,6 +26,7 @@ class Artifact(base.Base, object):
|
|||||||
params["with_tag"] = kwargs["with_tag"]
|
params["with_tag"] = kwargs["with_tag"]
|
||||||
if "with_scan_overview" in kwargs:
|
if "with_scan_overview" in kwargs:
|
||||||
params["with_scan_overview"] = kwargs["with_scan_overview"]
|
params["with_scan_overview"] = kwargs["with_scan_overview"]
|
||||||
|
params["x_accept_vulnerabilities"] = ",".join(report_mime_types)
|
||||||
if "with_immutable_status" in kwargs:
|
if "with_immutable_status" in kwargs:
|
||||||
params["with_immutable_status"] = kwargs["with_immutable_status"]
|
params["with_immutable_status"] = kwargs["with_immutable_status"]
|
||||||
|
|
||||||
@ -115,7 +122,12 @@ class Artifact(base.Base, object):
|
|||||||
else:
|
else:
|
||||||
raise Exception("Artifact should not be scanned {}.".format(artifact.scan_overview))
|
raise Exception("Artifact should not be scanned {}.".format(artifact.scan_overview))
|
||||||
|
|
||||||
scan_status = artifact.scan_overview['application/vnd.scanner.adapter.vuln.report.harbor+json; version=1.0'].scan_status
|
scan_status = ''
|
||||||
|
for mime_type in report_mime_types:
|
||||||
|
overview = artifact.scan_overview.get(mime_type)
|
||||||
|
if overview:
|
||||||
|
scan_status = overview.scan_status
|
||||||
|
|
||||||
if scan_status == expected_scan_status:
|
if scan_status == expected_scan_status:
|
||||||
return
|
return
|
||||||
raise Exception("Scan image result is {}, not as expected {}.".format(scan_status, expected_scan_status))
|
raise Exception("Scan image result is {}, not as expected {}.".format(scan_status, expected_scan_status))
|
||||||
|
Loading…
Reference in New Issue
Block a user