sbom_overview still get sbom_digest when this sbom artifact do not exist in this repository
MinerYang opened this issue · comments
If you are reporting a problem, please make sure the following information are provided:
Expected behavior and actual behavior:
sbom_overview should return null when this sbom_digest
do not exist in this project/repository
Steps to reproduce the problem:
- Step1 push image
golang:1.22.3
to repolibrary/golang
- Step2 push same image to another repo
test/golang
, then manually generate SBOM - Step3 query db
registry=# select id , project_id, repository_name, digest, type from artifact where repository_name='test/golang';
id | project_id | repository_name | digest | type
----+------------+-----------------+-------------------------------------------------------------------------+-------
5 | 2 | test/golang | sha256:aafa9c9a2b8a759dad5372dce120441462eb110cf5a1b1c9862769f453be7bcd | IMAGE
6 | 2 | test/golang | sha256:ecc2d24dba2835db0cb39de61d2e9b0a6b968a1052d0651408203d9eb7e2da2d | SBOM
(2 rows)
registry=#
registry=# select id , project_id, repository_name, digest, type from artifact where repository_name='library/golang';
id | project_id | repository_name | digest | type
----+------------+-----------------+-------------------------------------------------------------------------+-------
1 | 1 | library/golang | sha256:aafa9c9a2b8a759dad5372dce120441462eb110cf5a1b1c9862769f453be7bcd | IMAGE
(1 row)
- Step 4 click into artifact library/golang repository, will get sbom_overview with sbom_digest
sha256:ecc2d24dba2835db0cb39de61d2e9b0a6b968a1052d0651408203d9eb7e2da2d
![Screenshot 2024-05-17 at 16 20 57](https://private-user-images.githubusercontent.com/44956229/331517870-a5eaf580-5055-4c3e-b6ee-e918ed6f5dc6.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MjIwMjc3MzUsIm5iZiI6MTcyMjAyNzQzNSwicGF0aCI6Ii80NDk1NjIyOS8zMzE1MTc4NzAtYTVlYWY1ODAtNTA1NS00YzNlLWI2ZWUtZTkxOGVkNmY1ZGM2LnBuZz9YLUFtei1BbGdvcml0aG09QVdTNC1ITUFDLVNIQTI1NiZYLUFtei1DcmVkZW50aWFsPUFLSUFWQ09EWUxTQTUzUFFLNFpBJTJGMjAyNDA3MjYlMkZ1cy1lYXN0LTElMkZzMyUyRmF3czRfcmVxdWVzdCZYLUFtei1EYXRlPTIwMjQwNzI2VDIwNTcxNVomWC1BbXotRXhwaXJlcz0zMDAmWC1BbXotU2lnbmF0dXJlPTI3NzM3ZDY0ZmVkMTZjMGViZTAwMmU2YTljYTIzMjdhZmYyNjkzM2E3ZjkyM2QxMWNiOGFjMGYzYjZiZmQyNmQmWC1BbXotU2lnbmVkSGVhZGVycz1ob3N0JmFjdG9yX2lkPTAma2V5X2lkPTAmcmVwb19pZD0wIn0.UBTcMPB2Qgu6ttxSI0ytE2OEEEy7PvP8JcWjIPBetBc)
- Step 5 click SBOM details for artifact library/golang:1.22.3, will get 404 error
[/lib/http/error.go:62]: {"errors":[{"code":"NOT_FOUND","message":"artifact library/golang@sha256:ecc2d24dba2835db0cb39de61d2e9b0a6b968a1052d0651408203d9eb7e2da2d not found"}]}
![Screenshot 2024-05-17 at 16 22 37](https://private-user-images.githubusercontent.com/44956229/331518347-4cab4adb-399a-4919-9285-21d08d33e239.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MjIwMjc3MzUsIm5iZiI6MTcyMjAyNzQzNSwicGF0aCI6Ii80NDk1NjIyOS8zMzE1MTgzNDctNGNhYjRhZGItMzk5YS00OTE5LTkyODUtMjFkMDhkMzNlMjM5LnBuZz9YLUFtei1BbGdvcml0aG09QVdTNC1ITUFDLVNIQTI1NiZYLUFtei1DcmVkZW50aWFsPUFLSUFWQ09EWUxTQTUzUFFLNFpBJTJGMjAyNDA3MjYlMkZ1cy1lYXN0LTElMkZzMyUyRmF3czRfcmVxdWVzdCZYLUFtei1EYXRlPTIwMjQwNzI2VDIwNTcxNVomWC1BbXotRXhwaXJlcz0zMDAmWC1BbXotU2lnbmF0dXJlPWY2M2IyMzM5M2EzYmJkNTdlYThjNTkyMTE2MDViMDk3MWU4ODI4NGZjN2FhMTBkNmI5NGNjYmQxZGMwMGIzZTMmWC1BbXotU2lnbmVkSGVhZGVycz1ob3N0JmFjdG9yX2lkPTAma2V5X2lkPTAmcmVwb19pZD0wIn0.1LVG6D6-lIuIBG0tPLJmXg_-mKKzsWGZCEqV1HmcLu4)
- Step6 repeat same action for artifact
test/golang:1.22.3
, SBOM details could get successfully
![Screenshot 2024-05-17 at 16 29 34](https://private-user-images.githubusercontent.com/44956229/331520511-085e7209-9afe-4f79-8790-b8ed60d1d15b.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MjIwMjc3MzUsIm5iZiI6MTcyMjAyNzQzNSwicGF0aCI6Ii80NDk1NjIyOS8zMzE1MjA1MTEtMDg1ZTcyMDktOWFmZS00Zjc5LTg3OTAtYjhlZDYwZDFkMTViLnBuZz9YLUFtei1BbGdvcml0aG09QVdTNC1ITUFDLVNIQTI1NiZYLUFtei1DcmVkZW50aWFsPUFLSUFWQ09EWUxTQTUzUFFLNFpBJTJGMjAyNDA3MjYlMkZ1cy1lYXN0LTElMkZzMyUyRmF3czRfcmVxdWVzdCZYLUFtei1EYXRlPTIwMjQwNzI2VDIwNTcxNVomWC1BbXotRXhwaXJlcz0zMDAmWC1BbXotU2lnbmF0dXJlPTM1Y2NiZmQ3MTEzZjg0YTQxNWJkZGZjYzk5MTY3MmY0ODJjODY0ODIzNWIxYmI2YTUzNTI2ZmQ1YTIxNDRjYTEmWC1BbXotU2lnbmVkSGVhZGVycz1ob3N0JmFjdG9yX2lkPTAma2V5X2lkPTAmcmVwb19pZD0wIn0.VzY9i7rkaXC_YIgjVopjC0AX5JO5AI9nBo8wR4A_fT4)
Versions:
Please specify the versions of following systems.
- harbor version: v2.11.0-8ccf98a2