Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

SBOM accessory that is replicated over from another registry is not deleted after triggering SBOM manual generation #20496

Closed
zyyw opened this issue May 28, 2024 · 1 comment
Closed

SBOM accessory that is replicated over from another registry is not deleted after triggering SBOM manual generation #20496

zyyw opened this issue May 28, 2024 · 1 comment
Assignees
@wy65701436
Labels
area/SBOM target/2.11.0

Comments

@zyyw
Copy link
Contributor

zyyw commented May 28, 2024
edited
Loading

How to reproduce?

  1. deploy two harbor instances: harbor1 and harbor2
  2. push image1 to harbor1; generate SBOM for image1
  3. create a push-based replication from harbor1 to harbor2 to replicate image1 (located on harbor1) and its SBOM accessory to harbor2
  4. we can see that the image1 and its SBOM accessory are replicated to harbor2 (image1, sbom1 harbor1 -> image2, sbom2 harbor2). However, if we trigger a SBOM generate manually for the image2 (which is the image1 on harbor1 replicated to harbor2), we can see that in addition to sbom2 being associated to image2, a new SBOM (sbom3) is associated to image2. So there are in total of 2 SBOM accessories (sbom2 & sbom3) associated to image2. Should sbom2 be replace by sbom3?
Screenshot 2024-05-28 at 3 00 43 PM
@xuelichao
Copy link
Contributor

According to our discussion in design stage, Ui will Use the first item in the accessories list. i think the order of item in the list returned fro the backend does not correct. we should always put the latest one in the first item of the list.

@wy65701436 wy65701436 assigned wy65701436 and unassigned stonezdj and xuelichao May 28, 2024
wy65701436 added a commit to wy65701436/harbor that referenced this issue May 28, 2024
@wy65701436
fix 20496
9af689b 
fixes goharbor#20496

Harbor will reserve one SBOM accessory artifact for each subject artifact. Ensure all existing SBOMs are removed before generating the next set.

Signed-off-by: wang yan <wangyan@vmware.com>
wy65701436 added a commit to wy65701436/harbor that referenced this issue May 28, 2024
@wy65701436
fix 20496
8d86e2c 
fixes goharbor#20496

Harbor will reserve one SBOM accessory artifact for each subject artifact. Ensure all existing SBOMs are removed before generating the next set.

Signed-off-by: wang yan <wangyan@vmware.com>
wy65701436 added a commit to wy65701436/harbor that referenced this issue May 28, 2024
@wy65701436
fix 20496
6d0380b 
fixes goharbor#20496

Harbor will reserve one SBOM accessory artifact for each subject artifact. Ensure all existing SBOMs are removed before generating the next set.

Signed-off-by: wang yan <wangyan@vmware.com>
wy65701436 added a commit to wy65701436/harbor that referenced this issue May 29, 2024
@wy65701436
fix 20496
9170f47 
fixes goharbor#20496

Harbor will reserve one SBOM accessory artifact for each subject artifact. Ensure all existing SBOMs are removed before generating the next set.

Signed-off-by: wang yan <wangyan@vmware.com>
wy65701436 added a commit to wy65701436/harbor that referenced this issue May 29, 2024
@wy65701436
fix 20496
724af23 
fixes goharbor#20496

Harbor will reserve one SBOM accessory artifact for each subject artifact. Ensure all existing SBOMs are removed before generating the next set.

Signed-off-by: wang yan <wangyan@vmware.com>

Signed-off-by: wang yan <wangyan@vmware.com>
wy65701436 added a commit to wy65701436/harbor that referenced this issue May 29, 2024
@wy65701436
fix 20496
74d5475 
fixes goharbor#20496

Harbor will reserve one SBOM accessory artifact for each subject artifact. Ensure all existing SBOMs are removed before generating the next set.

Signed-off-by: wang yan <wangyan@vmware.com>

Signed-off-by: wang yan <wangyan@vmware.com>
@wy65701436 wy65701436 mentioned this issue May 29, 2024
Merged
5 tasks
wy65701436 added a commit that referenced this issue May 29, 2024
@wy65701436
[cherry-pick] fix 20496 (#20509)
723abc6 
fix 20496

fixes #20496

Harbor will reserve one SBOM accessory artifact for each subject artifact. Ensure all existing SBOMs are removed before generating the next set.

Signed-off-by: wang yan <wangyan@vmware.com>
wy65701436 added a commit to wy65701436/harbor that referenced this issue May 29, 2024
@wy65701436
[cherry-pick] fix 20496 (goharbor#20509)
0a10128 
fix 20496

fixes goharbor#20496

Harbor will reserve one SBOM accessory artifact for each subject artifact. Ensure all existing SBOMs are removed before generating the next set.

Signed-off-by: wang yan <wangyan@vmware.com>
@zyyw zyyw mentioned this issue May 30, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@wy65701436 wy65701436

Labels
area/SBOM target/2.11.0
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@stonezdj @wy65701436 @zyyw @xuelichao