Harbor UI shows a warning "Vulnerability database might not be fully ready"
search cancel

Harbor UI shows a warning "Vulnerability database might not be fully ready"

book

Article ID: 345572

calendar_today

Updated On:

Products

VMware

Issue/Introduction

Symptoms:
  • Harbor is unable to update the vulnerability database.
  • In the Administration > Configuration > Vulnerability tab, you see the warning message similar to:
Vulnerability database might not be fully ready


Environment

VMware PKS 1.x

Resolution

To resolve this issue:
  • Upgrade your harbor instance to Harbor 1.6.x and later.
  • Ensure that you have specified a non-zero value for the Updater Interval under Clair settings tab in Harbor tile.
Note: Clair will update the database as per the interval mentioned in Updater Interval option. If your updater interval remains or is set to the default value 0, Clair will not update its CVE database.
  • Ensure that you have an active internet connection to Harbor instance over the port 443. When Harbor is installed in an environment without internet connection, Clair cannot fetch data from the public vulnerability database. Under this circumstance, Harbor administrator needs to manually update the Clair database.
To update the Clair database manually, see Update an offline Harbor instance with new vulnerability data.

Note: Photon OS is not a supported Operating system, i.e. containers built with Photon OS can not be scanned by Clair for vulnerabilities.

Additional Information

Its recommended to upgrade Harbor to 1.6.3 and later to resolve the below additional issues:
Clair cannot scan S3 storage because it does not have the CA certificate that signed the S3 storage url
Unable to sign images using notary after upgrading to 1.6 : https://github.com/goharbor/harbor/issues/6465

Powered by Wolken Software