Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: sweep executions of image scan job #18649

Merged
merged 1 commit into from
May 10, 2023
Merged

fix: sweep executions of image scan job #18649

merged 1 commit into from
May 10, 2023

Conversation

chlins
Copy link
Member

@chlins chlins commented May 8, 2023

  1. Change the SCAN_ALL job execution retain counts from 5 to 1(per current design, only one report be stored for every artifact, so retain latest 1 is enough).
  2. Enable the sweep for IMAGE_SCAN job(retain latest 1).

Fixes: #18633

Thank you for contributing to Harbor!

Comprehensive Summary of your change

Issue being fixed

Fixes #18633

Please indicate you've done the following:

  • Well Written Title and Summary of the PR
  • Label the PR as needed. "release-note/ignore-for-release, release-note/new-feature, release-note/update, release-note/enhancement, release-note/community, release-note/breaking-change, release-note/docs, release-note/infra, release-note/deprecation"
  • Accepted the DCO. Commits without the DCO will delay acceptance.
  • Made sure tests are passing and test coverage is added if needed.
  • Considered the docs impact and opened a new docs issue or PR with docs changes if needed in website repository.

@chlins chlins requested a review from a team as a code owner May 8, 2023 05:38
@codecov
Copy link

codecov bot commented May 8, 2023
edited
Loading

Codecov Report

Merging #18649 (2bd45f7) into main (2203831) will decrease coverage by 0.04%.
The diff coverage is 100.00%.

Impacted file tree graph

@@            Coverage Diff             @@
##             main   #18649      +/-   ##
==========================================
- Coverage   67.40%   67.37%   -0.04%     
==========================================
  Files         984      984              
  Lines      107029   107029              
  Branches     2670     2670              
==========================================
- Hits        72139    72106      -33     
- Misses      31005    31040      +35     
+ Partials     3885     3883       -2
Flag Coverage Δ
unittests 67.37% <100.00%> (-0.04%) ⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

Impacted Files Coverage Δ
src/jobservice/job/known_jobs.go 0.00% <ø> (ø)
src/controller/scan/base_controller.go 60.07% <100.00%> (ø)

... and 7 files with indirect coverage changes

wy65701436
wy65701436 approved these changes May 8, 2023
View reviewed changes
Copy link
Contributor

@wy65701436 wy65701436 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

lgtm

@chlins chlins force-pushed the fix/sweep-image-scan-exec branch from 87d85ba to 0460159 Compare May 9, 2023 03:20
zyyw
zyyw reviewed May 9, 2023
View reviewed changes
make/migrations/postgresql/0120_2.9.0_schema.up.sql
@@ -1 +1,7 @@
CREATE INDEX IF NOT EXISTS idx_task_extra_attrs_report_uuids ON task USING gin ((extra_attrs::jsonb->'report_uuids'));

/* Set the vendor_id of IMAGE_SCAN to the artifact id instead of scanner id, which facilitates execution sweep */
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Could you please elaborate why changing the vendor_id of IMAGE_SCAN from scanner-id to artifact-id will facilitate the execution sweep? Thanks

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Currently, the unified sweep logic is cleaning the executions by vendor_id, an easy-to-understand example is replication, we set the vendor_id to replication policy id then we can retain fixed executions per policy, likewise for scanning, we want retain one execution for every artifact so need the vendor_id to be the artifact id.

@chlins
fix: sweep executions of image scan job
2bd45f7 
1. Change the SCAN_ALL job execution retain counts from 5 to 1(per
   current design, only one report be stored for every artifact, so
   retain latest 1 is enough).
2. Enable the sweep for IMAGE_SCAN job(retain latest 1).

Fixes: goharbor#18633

Signed-off-by: chlins <[email protected]>
@chlins chlins force-pushed the fix/sweep-image-scan-exec branch from 0460159 to 2bd45f7 Compare May 10, 2023 00:45
@chlins chlins merged commit 36c2b93 into goharbor:main May 10, 2023
WilfredAlmeida pushed a commit to WilfredAlmeida/harbor that referenced this pull request Jul 8, 2023
@chlins @WilfredAlmeida
fix: sweep executions of image scan job (goharbor#18649)
018d39b 
1. Change the SCAN_ALL job execution retain counts from 5 to 1(per
   current design, only one report be stored for every artifact, so
   retain latest 1 is enough).
2. Enable the sweep for IMAGE_SCAN job(retain latest 1).

Fixes: goharbor#18633

Signed-off-by: chlins <[email protected]>
Signed-off-by: Wilfred Almeida <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@zyyw zyyw zyyw approved these changes

@wy65701436 wy65701436 wy65701436 approved these changes

Assignees

@stonezdj stonezdj

@wy65701436 wy65701436

@zyyw zyyw

@MinerYang MinerYang

Labels
release-note/update Update or Fix target/2.9.0
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Execution sweeper does not clean the vendor of IMAGE_SCAN
5 participants
@chlins @wy65701436 @zyyw @stonezdj @MinerYang