feat(scan-all): allow scheduling scans for selected projects or repositories #22392
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…an-All-Scope header; propagate scope into execution and filter artifacts by project IDs or repositories; add simple UI to choose projects for schedule Signed-off-by: SoumyaRaikwar <[email protected]>
…der sends repositories if chosen Signed-off-by: SoumyaRaikwar <[email protected]>
…2322 by importing the local app Project model instead of the swagger-generated Project type. The ProjectService returns the app model (creation_time: string | Date), which mismatched the swagger model (creation_time: string). This unblocks Angular build for the selective scan scope UI. Signed-off-by: SoumyaRaikwar <[email protected]>
|
@SoumyaRaikwar, thanks for your contribution! because it involves much of code change in Harbor, could you please raise a proposal in github.com/goharbor/community? |
stonezdj
reviewed
Sep 29, 2025
stonezdj
requested changes
Sep 29, 2025
Signed-off-by: Soumya Raikwar <[email protected]>
|
Hi @stonezdj, Thank you for the feedback! I've submitted the design proposal to the community repository as requested: Proposal PR: Add proposal for selective scan-all scope The proposal includes:
I'll wait for the community review and approval before proceeding with any further changes to this implementation PR. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
6 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR adds selective scoping to scheduled “Scan All” executions so admins can target only the artifacts they care about. The backend now accepts an optional X-Scan-All-Scope header on schedule create/update that limits the scan set by either:
When the header is present, the scan-all execution enumerates only matching artifacts; when omitted, behavior remains unchanged and all artifacts are scanned (backward compatible).
Portal updates: in Interrogation Services > Vulnerability, users can select projects and optionally load and multi-select repositories before saving the schedule; the chosen scope is sent via X-Scan-All-Scope. A small TS fix switches the Project import to the local app model to resolve a type mismatch and ensure a successful Angular build.
Notes/limits:
Build status:
Related issue