goharbor / harbor

An open source trusted cloud native registry project that stores, signs, and scans content.
https://goharbor.io
Apache License 2.0

Export Directory for HTML Trivy Reports #16989

Closed pthoelken closed 2 years ago

pthoelken commented 2 years ago

Is it possible to create an option in the harbor.yml file to set up the following Trivy settings?

zyyw commented 2 years ago

https://github.com/goharbor/community/pull/174

pthoelken commented 2 years ago

@zyyw how can I use it? Any documentation?

danielpacak commented 2 years ago

The whole concept of integrating Trivy with Harbor is based on Pluggable Scanners API and scanner updaters that return JSON data that is then rendered in Harbor UI as dynamic HTML. You can also consume JSON reports through Harbor RESTful APIs. However, there's no way to configure output directory and save static HTML vulnerability reports.
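
Turning a saved JSON report into a static HTML file, as an added example that is not part of this thread or of Harbor's code. The report shape (a top-level key per report MIME type holding a `vulnerabilities` list with `id`, `package`, `version`, `fix_version` and `severity` fields) is an assumption, and the sample data and its IDs are constructed placeholders.

```python
import html
import json

# Assumed severity names and item fields of Harbor's vulnerability report JSON.
SEVERITY_ORDER = {"Critical": 0, "High": 1, "Medium": 2, "Low": 3}
COLUMNS = ("id", "severity", "package", "version", "fix_version")

# Constructed sample (placeholder IDs), shaped like a saved API response:
# one top-level key per report MIME type, each holding a "vulnerabilities" list.
SAMPLE_REPORT = json.loads("""
{
  "application/vnd.security.vulnerability.report; version=1.1": {
    "vulnerabilities": [
      {"id": "CVE-0000-0002", "package": "libexample", "version": "1.0.0",
       "fix_version": "1.0.1", "severity": "Low"},
      {"id": "CVE-0000-0001", "package": "<b>odd</b>", "version": "2.3",
       "fix_version": "", "severity": "High"}
    ]
  }
}
""")


def collect_findings(report):
    """Flatten all report bodies and sort worst severity first, then by ID."""
    findings = []
    for body in report.values():
        findings.extend((body or {}).get("vulnerabilities") or [])
    return sorted(findings, key=lambda v: (
        SEVERITY_ORDER.get(v.get("severity"), 99), str(v.get("id", ""))))


def render_html(report, title="Vulnerability report"):
    """Return a static HTML page; every value is escaped because package
    names and IDs come from scanned image content, which is untrusted."""
    head = "".join(f"<th>{html.escape(c)}</th>" for c in COLUMNS)
    rows = "".join(
        "<tr>" + "".join(
            f"<td>{html.escape(str(v.get(c) or ''))}</td>" for c in COLUMNS
        ) + "</tr>"
        for v in collect_findings(report))
    return (f"<!DOCTYPE html><html><head><meta charset='utf-8'>"
            f"<title>{html.escape(title)}</title></head><body>"
            f"<table><tr>{head}</tr>{rows}</table></body></html>")


if __name__ == "__main__":
    with open("report.html", "w", encoding="utf-8") as fh:
        fh.write(render_html(SAMPLE_REPORT))
```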

pthoelken commented 2 years ago

As we can see here there is a DIRECTORY option for Reports? https://github.com/aquasecurity/harbor-scanner-trivy#configuration

Is this not a possible solution to export the Reports?

danielpacak commented 2 years ago

This configuration is an implementation detail of Harbor Scanner Trivy to store a JSON report generated by the Trivy executable binary before it's served (pulled by Harbor) via an HTTP endpoint. Notice also the proposal mentioned by @zyyw, which allows users to export vulnerability reports in different formats through Harbor UI. I'm not sure, however, what the implementation status of this feature is.

pthoelken commented 2 years ago

Is it maybe also possible to insert a button "Download PDF Report" in the section where I can see the Trivy HTML generated report in Harbor UI?

danielpacak commented 2 years ago

Please review the community proposal mentioned by us and share your feedback there so we can keep it in one place.