feat(scan-all): allow scheduling scans for selected projects or repositories

[SoumyaRaikwar]

This PR adds selective scoping to scheduled “Scan All” executions so admins can target only the artifacts they care about. The backend now accepts an optional X-Scan-All-Scope header on schedule create/update that limits the scan set by either:

1. project_ids: [number, ...]
2. repositories: [string, ...] (e.g., project/repo or project/repo:tag)

When the header is present, the scan-all execution enumerates only matching artifacts; when omitted, behavior remains unchanged and all artifacts are scanned (backward compatible).

Portal updates: in Interrogation Services > Vulnerability, users can select projects and optionally load and multi-select repositories before saving the schedule; the chosen scope is sent via X-Scan-All-Scope. A small TS fix switches the Project import to the local app model to resolve a type mismatch and ensure a successful Angular build.

Notes/limits:

• This change scopes scheduled runs only; manual “Scan All now” remains global in this iteration.
• Invalid or unauthorized targets in the scope are ignored safely.

Build status:

• Backend: compile succeeds.
• Frontend: npm ci + ng build succeed after the type import fix.

Related issue

• Closes Allow Selective Image Scanning Instead of "Scan All" in Scheduled Interrogation Services #22266

[stonezdj]

@SoumyaRaikwar, thanks for your contribution! because it involves much of code change in Harbor, could you please raise a proposal in github.com/goharbor/community?

[stonezdj]

could you please add your proposal in github.com/goharbor/community

[SoumyaRaikwar]

Hi @stonezdj,

Thank you for the feedback! I've submitted the design proposal to the community repository as requested:

Proposal PR: Add proposal for selective scan-all scope

The proposal includes:

• Detailed technical specification for the X-Scan-All-Scope header approach
• Implementation plan covering backend, frontend, and testing
• Backward compatibility analysis
• Security considerations and open issues

I'll wait for the community review and approval before proceeding with any further changes to this implementation PR.
Thanks for guiding me through Harbor's contribution process!

[github-actions]

This PR is being marked stale due to a period of inactivty. If this PR is still relevant, please comment or remove the stale label. Otherwise, this PR will close in 30 days.

[github-actions]

This PR was closed because it has been stalled for 30 days with no activity. If this PR is still relevant, please re-open a new PR against main.

[SoumyaRaikwar]

@stonezdj , @Vad1mo
I have pushed the latest changes which include:

1. Backend: X-Scan-All-Scope header parsing and propagation to the execution manager.
2. Controller: Logic to filter artifacts based on the scope (Project IDs and Repository names).
3. Testing: Added comprehensive unit tests covering the scope propagation and artifact filtering, including edge cases. Tests are passing locally.

I've also ensured the changes are backward compatible; if the header is missing, the scan defaults to the global behavior.

I've implemented the changes in the working PR including the backend logic and the UI coverage.

Here are the mockups/screenshots of the UI implementation as requested:

Selective Scan Configuration:

[github-actions]

This PR is being marked stale due to a period of inactivty. If this PR is still relevant, please comment or remove the stale label. Otherwise, this PR will close in 30 days.

[github-actions]

This PR was closed because it has been stalled for 30 days with no activity. If this PR is still relevant, please re-open a new PR against main.