New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Support SSL/TLS redis connection #155
Comments
What is your use case? Harbor itself does not currently support rediss:// connection URI. Do you want to use different Redis instance or cluster for Harbor services (without TLS) and Trivy scanner adapter (with TLS)? |
Some managed services are immediately provisioned with the My use case is specifically DigitalOcean managed Redis. Trivy is the first place I noticed it as it was the first component I deployed, but the same would be applicable to Harbor. More a note for consideration than a requirement. |
Thank you for additional details @chris-cmsoft Since this in an integral component of Harbor, if the community decides to add support for rediss:// to Harbor we'll do the same for this adapter. |
Closing as a stale issue. What's more it makes sense only if the upstream Harbor does provide support for connecting to Redis with TLS |
Hi @danielpacak, We have a helm chart at bitnami/charts that also uses this component and where we would like to support TLS connections to Redis as users often use external redis services. I was looking at bitnami/charts#7691 when I realised that the components we use don't always support it. Would you mind keeping this issue opened to help us track when this will become supported for the the harbor trivy scanner? I believe this will become a more frequent use case, and eventually the community will add support for it. There is an issue currently opened for this - goharbor/harbor#13223 Thanks! |
Since Trivy is the default scanner in Harbor, we'll update this adapter service in scope of goharbor/harbor#13223 |
Current container only support
redis://
protocol.When connecting to redis using SSL/TLS, the rediss:// protocol is used.
Would it be worthwhile adding support for the
rediss://
protocol from Trivy ?The text was updated successfully, but these errors were encountered: