Skip to content

re-enable SCAN_ALL on a daily schedule

Scan all should be re-enabled to run daily in harbor. This will ensure that cve's are kept up to date for all images for use downstream by the cve tracking workload that we would like to develop.

To validate, we need to ensure that this is not going to start causing issues. We should test in staging:

  • what the average time for a complete scan all to run in
  • the impact of scans being run frequently on the time for a scan all to complete
  • how harbor makes use of caching to minimise rescanning images unnecessarily