guac icon indicating copy to clipboard operation
guac copied to clipboard

Published 20 hours ago verified publisher icon guacsec

[collector] Gradle collector

Open lumjjb opened this issue 3 years ago • 0 comments

Write a Gradle collector

The collector should be able to:

  • Be configured with a list of packages to collect from, and a URL to the target server
  • Either on a poll or watch basis, collect information from packages
  • Create SLSA, SBOM or SLSA attestations based on the information collected

lumjjb avatar Nov 10 '22 14:11 lumjjb

We now observed this today with other projects as well.
Here are some summarized examples:

anonymous dockerhub/grafana/loki:sha256:b792b91644570187f9d3910c3f1db0e6ab8e57cbce97f2da42c65d7d60953e47 artifact pull 11/17/22, 11:01 AM

harbor#proxy-cache-service dockerhub/grafana/loki:sha256:b792b91644570187f9d3910c3f1db0e6ab8e57cbce97f2da42c65d7d60953e47 artifact create 11/17/22, 11:01 AM

anonymous library/image_name_07_21_2022_15_10_43:ll artifact pul l11/17/22, 11:01 AM

anonymous library/image_name_07_21_2022_15_10_44:ll artifact pull 11/17/22, 11:01 AM

anonymous amazoncache/ubuntu/redis:5.0-20.04_bet aartifact pull 11/17/22, 11:02 AM

anonymous amazoncache/ubuntu/redis:6.0-22.04_edge artifact pull 11/17/22, 11:02 AM



Alexander Barth ([email protected]) on behalf of Mercedes-Benz Tech Innovation GmbH, Provider Information

AlexBarth13 avatar Nov 17 '22 16:11 AlexBarth13

There is no evidence to show that the proxy cache could lead to Harbor core high CPU, it just works as a proxy, if the artifact is not present proxy it to the remote registry.

Repository-dockerhub/grafana/loki:master-b652f0a might be pulled in a CI/CD pipeline, but I don't think it will cause the high CPU issue.

Please provide more information to prove the relationship between high CPU and proxy cache.

stonezdj avatar Nov 22 '22 06:11 stonezdj

We are also facing similar issue #17843

shyamjos avatar Nov 23 '22 08:11 shyamjos

This issue is being marked stale due to a period of inactivity. If this issue is still relevant, please comment or remove the stale label. Otherwise, this issue will close in 30 days.

github-actions[bot] avatar Jan 22 '23 09:01 github-actions[bot]

Removing stale because this is still an open topic.

AlexBarth13 avatar Feb 02 '23 16:02 AlexBarth13

This issue is being marked stale due to a period of inactivity. If this issue is still relevant, please comment or remove the stale label. Otherwise, this issue will close in 30 days.

github-actions[bot] avatar Apr 04 '23 09:04 github-actions[bot]

Closing this issue because the root cause was found. Our internal scanner caused this issue. After fixing the scanner, the issue disappeared.

AlexBarth13 avatar Apr 13 '23 07:04 AlexBarth13