2.3 KiB
Connect Harbor to Additional Vulnerability Scanners
To connect Harbor to additional vulnerability scanners, you must install and configure an instance of the additional scanner according to the scanner vendor's requirements. The scanner must expose an API endpoint to allow Harbor to trigger the scan process or get reports. You can deploy multiple different scanners, and multiple instances of the same type of scanner.
-
Log in to the Harbor interface with an account that has Harbor system administrator privileges.
-
Expand Administration, and select Interrogation Services.
-
Click the New Scanner button.
-
Enter the information to identify the scanner.
- A unique name for this scanner instance, to display in the Harbor interface.
- An optional description of this scanner instance.
- The address of the API endpoint that the scanner exposes to Harbor.
-
Select how to connect to the scanner from the Authorization drop-down menu.
- None: The scanner allows all connections without any security.
- Basic: Enter a username and password for an account that can connect to the scanner.
- Bearer: Paste the contents of a bearer token in the Token text box.
- APIKey: Paste the contents of an API key for the scanner in the APIKey text box.
-
Optionally select Skip certificate verification if the scanner uses a self-signed or untrusted certificate.
-
Optionally select Use internal registry address if the scanner should connect to Harbor using an internal network address rather than its external URL.
NOTE: To use this option, the scanner must be deployed in a network that allows the scanner to reach Harbor via Harbor's internal network.
-
Click Test Connection to make sure that Harbor can connect successfully to the scanner.
-
Click Add to connect Harbor to the scanner.
-
Optionally repeat the procedure to add more scanners.
-
If you configure multiple scanners, select one and click Set as Default to designate it as the default scanner.