invalid image reference format in Logs Portal

[networkhermit]

If you are reporting a problem, please make sure the following information are provided:

Expected behavior and actual behavior:

In the Logs tab of Harbor UI, I found that some image references in the Resource column are invalid:

❯ sudo k3s crictl pull ghcr.io/fluxcd/source-controller:sha256:b3012918b3da04aee9ebd6cc5c297eff41b26161b7bd06b3910b7ccff6d8b9e1
E0404 22:22:07.111820   37628 remote_image.go:180] "PullImage from image service failed" err="rpc error: code = Unknown desc = failed to parse image r
eference \"ghcr.io/fluxcd/source-controller:sha256:b3012918b3da04aee9ebd6cc5c297eff41b26161b7bd06b3910b7ccff6d8b9e1\": invalid reference format" image
="ghcr.io/fluxcd/source-controller:sha256:b3012918b3da04aee9ebd6cc5c297eff41b26161b7bd06b3910b7ccff6d8b9e1"
FATA[0000] pulling image: failed to parse image reference "ghcr.io/fluxcd/source-controller:sha256:b3012918b3da04aee9ebd6cc5c297eff41b26161b7bd06b3910
b7ccff6d8b9e1": invalid reference format

The correct format is @sha256 instead of :sha256:

❯ sudo k3s crictl pull ghcr.io/fluxcd/source-controller@sha256:b3012918b3da04aee9ebd6cc5c297eff41b26161b7bd06b3910b7ccff6d8b9e1
Image is up to date for sha256:82045e6750545003bc94ed4affab3f9f9c47aa162a93fb9f6b0711b9cc37986a

Steps to reproduce the problem:

1. In Harbor UI, choose some image to pull and COPY PULL COMMAND (it should be in the *@sha256sum:* form)
2. Running the pull command in your terminal
3. Wait for the access logs appears in Harbor Logs
4. Verify the image reference in Resource column is *:sha256sum:* form, which is invalid

Versions:
Please specify the versions of following systems.

• harbor version: v2.10.1-b7b88476
• docker engine version: [y.y.y]
• docker-compose version: [z.z.z]

Additional context:

• Harbor config files: You can get them by packaging harbor.yml and files in the same directory, including subdirectory.
• Log files: You can get them by package the /var/log/harbor/ .

[wy65701436]

hi, I cannot reproduce your problem, can you try with the demo.goharbor.io. I've validated your scenario, the digest format is correct(@sha256sum:).

[networkhermit]

hi, I cannot reproduce your problem, can you try with the demo.goharbor.io. I've validated your scenario, the digest format is correct(@sha256sum:).

I just tried demo.goharbor.io, the image reference dockerhub/library/busybox:sha256:4be429a5fbb2e71ae7958bfa558bc637cf3a61baf40a708cb8fff532b39e52d0 is invalid.

[zyyw]

Reproduced this issue in Harbor v2.10.1, it may have something to do with this code snippet - line191:

harbor/src/controller/event/topic.go

Lines 182 to 206 in b7b8847

	func (p *PullArtifactEvent) ResolveToAuditLog() (*model.AuditLog, error) {
	auditLog := &model.AuditLog{
	ProjectID: p.Artifact.ProjectID,
	OpTime: p.OccurAt,
	Operation: rbac.ActionPull.String(),
	Username: p.Operator,
	ResourceType: "artifact"}
	if len(p.Tags) == 0 {
	auditLog.Resource = fmt.Sprintf("%s:%s",
	p.Artifact.RepositoryName, p.Artifact.Digest)
	} else {
	auditLog.Resource = fmt.Sprintf("%s:%s",
	p.Artifact.RepositoryName, p.Tags[0])
	}
	// for pull public resource
	if p.Operator == "" {
	auditLog.Username = "anonymous"
	} else {
	auditLog.Username = p.Operator
	}
	return auditLog, nil
	}