config: add top-level YAML namespace 'clair'
This enables Clair to use YAML configuration files that contain more than just a Clair configuration. Fixes #95.
This commit is contained in:
Jimmy Zelinskie
parent
f6ba17dfc7
commit
4fc32d2271
@ -13,55 +13,31 @@
|
|||||||
# limitations under the License.
|
# limitations under the License.
|
||||||
|
|
||||||
# The values specified here are the default values that Clair uses if no configuration file is specified or if the keys are not defined.
|
# The values specified here are the default values that Clair uses if no configuration file is specified or if the keys are not defined.
|
||||||
---
|
clair:
|
||||||
database:
|
database:
|
||||||
# PostgreSQL Connection string
|
# PostgreSQL Connection string
|
||||||
# http://www.postgresql.org/docs/9.4/static/libpq-connect.html
|
# http://www.postgresql.org/docs/9.4/static/libpq-connect.html
|
||||||
source:
|
source:
|
||||||
|
|
||||||
# Number of elements kept in the cache
|
# Number of elements kept in the cache
|
||||||
# Values unlikely to change (e.g. namespaces) are cached in order to save prevent needless roundtrips to the database.
|
# Values unlikely to change (e.g. namespaces) are cached in order to save prevent needless roundtrips to the database.
|
||||||
cacheSize: 16384
|
cacheSize: 16384
|
||||||
|
|
||||||
api:
|
api:
|
||||||
# API server port
|
# API server port
|
||||||
port: 6060
|
port: 6060
|
||||||
|
|
||||||
# Health server port
|
# Health server port
|
||||||
# This is an unencrypted endpoint useful for load balancers to check to healthiness of the clair server.
|
# This is an unencrypted endpoint useful for load balancers to check to healthiness of the clair server.
|
||||||
healthport: 6061
|
healthport: 6061
|
||||||
|
|
||||||
# Deadline before an API request will respond with a 503
|
# Deadline before an API request will respond with a 503
|
||||||
timeout: 900s
|
timeout: 900s
|
||||||
|
|
||||||
# 32-bit URL-safe base64 key used to encrypt pagination tokens
|
# 32-bit URL-safe base64 key used to encrypt pagination tokens
|
||||||
# If one is not provided, it will be generated.
|
# If one is not provided, it will be generated.
|
||||||
# Multiple clair instances in the same cluster need the same value.
|
# Multiple clair instances in the same cluster need the same value.
|
||||||
paginationKey:
|
paginationKey:
|
||||||
|
|
||||||
# Optional PKI configuration
|
|
||||||
# If you want to easily generate client certificates and CAs, try the following projects:
|
|
||||||
# https://github.com/coreos/etcd-ca
|
|
||||||
# https://github.com/cloudflare/cfssl
|
|
||||||
cafile:
|
|
||||||
keyfile:
|
|
||||||
certfile:
|
|
||||||
|
|
||||||
updater:
|
|
||||||
# Frequency the database will be updated with vulnerabilities from the default data sources
|
|
||||||
# The value 0 disables the updater entirely.
|
|
||||||
interval: 2h
|
|
||||||
|
|
||||||
notifier:
|
|
||||||
# Number of attempts before the notification is marked as failed to be sent
|
|
||||||
attempts: 3
|
|
||||||
|
|
||||||
# Duration before a failed notification is retried
|
|
||||||
renotifyInterval: 2h
|
|
||||||
|
|
||||||
http:
|
|
||||||
# Optional endpoint that will receive notifications via POST requests
|
|
||||||
endpoint:
|
|
||||||
|
|
||||||
# Optional PKI configuration
|
# Optional PKI configuration
|
||||||
# If you want to easily generate client certificates and CAs, try the following projects:
|
# If you want to easily generate client certificates and CAs, try the following projects:
|
||||||
@ -71,3 +47,28 @@ notifier:
|
|||||||
cafile:
|
cafile:
|
||||||
keyfile:
|
keyfile:
|
||||||
certfile:
|
certfile:
|
||||||
|
|
||||||
|
updater:
|
||||||
|
# Frequency the database will be updated with vulnerabilities from the default data sources
|
||||||
|
# The value 0 disables the updater entirely.
|
||||||
|
interval: 2h
|
||||||
|
|
||||||
|
notifier:
|
||||||
|
# Number of attempts before the notification is marked as failed to be sent
|
||||||
|
attempts: 3
|
||||||
|
|
||||||
|
# Duration before a failed notification is retried
|
||||||
|
renotifyInterval: 2h
|
||||||
|
|
||||||
|
http:
|
||||||
|
# Optional endpoint that will receive notifications via POST requests
|
||||||
|
endpoint:
|
||||||
|
|
||||||
|
# Optional PKI configuration
|
||||||
|
# If you want to easily generate client certificates and CAs, try the following projects:
|
||||||
|
# https://github.com/cloudflare/cfssl
|
||||||
|
# https://github.com/coreos/etcd-ca
|
||||||
|
servername:
|
||||||
|
cafile:
|
||||||
|
keyfile:
|
||||||
|
certfile:
|
||||||
|
|||||||
@ -23,6 +23,12 @@ import (
|
|||||||
"gopkg.in/yaml.v2"
|
"gopkg.in/yaml.v2"
|
||||||
)
|
)
|
||||||
|
|
||||||
|
// File represents a YAML configuration file that namespaces all Clair
|
||||||
|
// configuration under the top-level "clair" key.
|
||||||
|
type File struct {
|
||||||
|
Clair Config `yaml:"clair"`
|
||||||
|
}
|
||||||
|
|
||||||
// Config is the global configuration for an instance of Clair.
|
// Config is the global configuration for an instance of Clair.
|
||||||
type Config struct {
|
type Config struct {
|
||||||
Database *DatabaseConfig
|
Database *DatabaseConfig
|
||||||
@ -97,11 +103,14 @@ func Load(path string) (config *Config, err error) {
|
|||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
err = yaml.Unmarshal(d, config)
|
var cfgFile File
|
||||||
|
err = yaml.Unmarshal(d, &cfgFile)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
config = &cfgFile.Clair
|
||||||
|
|
||||||
|
// Generate a pagination key if none is provided.
|
||||||
if config.API.PaginationKey == "" {
|
if config.API.PaginationKey == "" {
|
||||||
var key fernet.Key
|
var key fernet.Key
|
||||||
if err = key.Generate(); err != nil {
|
if err = key.Generate(); err != nil {
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user