Open johanhammar opened 2 years ago
As we are no longer using Harbor, we will now archive this repo. We would love to donate the project to someone else, so if anyone wanna take over the project they can contact us on EngineeringServices@bestseller.com
Hi! Is backstage-plugin-harbor-* now maintained by the container-registry organization? Thats great news! I would like to reopen this issue, it's still a problem. What do you think?
We would rather not let that extension die. We now try to revive that plugin and build it up so one day in can be merge upstream to harbor.
We recently updated Harbor to 2.4.2 and with that the Backstage Harbor Plugin broke. We're getting
Cannot read properties of undefined (reading 'severity')
We investigated a bit and it seems we get a report back with a new vulnKey. The default X-Accept-Vulnerabilites is
application/vnd.security.vulnerability.report; version=1.1, application/vnd.scanner.adapter.vuln.report.harbor+json; version=1.0
. The resulting json contains the keyapplication/vnd.security.vulnerability.report; version=1.1
Specifying only
X-Accept-Vulnerabilites: application/vnd.scanner.adapter.vuln.report.harbor+json; version=1.0
returns an empty json resultHere's two related issues in Harbor: https://github.com/goharbor/harbor/issues/16085 & https://github.com/goharbor/harbor/issues/16295
I'm not quite convinced yet that our solution, changing
vulnKey
toapplication/vnd.security.vulnerability.report; version=1.1
, is correct but might be.What do you think?