diff --git a/clair_config/config.yaml b/clair_config/config.yaml new file mode 100644 index 00000000..09e5a053 --- /dev/null +++ b/clair_config/config.yaml @@ -0,0 +1,77 @@ +# Copyright 2015 clair authors +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# The values specified here are the default values that Clair uses if no configuration file is specified or if the keys are not defined. +clair: + database: + # PostgreSQL Connection string + # http://www.postgresql.org/docs/9.4/static/libpq-connect.html + source: postgresql://postgres:password@postgres:5432?sslmode=disable + + # Number of elements kept in the cache + # Values unlikely to change (e.g. namespaces) are cached in order to save prevent needless roundtrips to the database. + cacheSize: 16384 + + api: + # API server port + port: 6060 + + # Health server port + # This is an unencrypted endpoint useful for load balancers to check to healthiness of the clair server. + healthport: 6061 + + # Deadline before an API request will respond with a 503 + timeout: 900s + + # 32-bit URL-safe base64 key used to encrypt pagination tokens + # If one is not provided, it will be generated. + # Multiple clair instances in the same cluster need the same value. + paginationKey: + + # Optional PKI configuration + # If you want to easily generate client certificates and CAs, try the following projects: + # https://github.com/coreos/etcd-ca + # https://github.com/cloudflare/cfssl + servername: + cafile: + keyfile: + certfile: + + updater: + # Frequency the database will be updated with vulnerabilities from the default data sources + # The value 0 disables the updater entirely. + interval: 2h + + notifier: + # Number of attempts before the notification is marked as failed to be sent + attempts: 3 + + # Duration before a failed notification is retried + renotifyInterval: 2h + + http: + # Optional endpoint that will receive notifications via POST requests + endpoint: + + # Optional PKI configuration + # If you want to easily generate client certificates and CAs, try the following projects: + # https://github.com/cloudflare/cfssl + # https://github.com/coreos/etcd-ca + servername: + cafile: + keyfile: + certfile: + + # Optional HTTP Proxy: must be a valid URL (including the scheme). + proxy: diff --git a/docker-compose.yml b/docker-compose.yml index 4d9cb007..529709e6 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -1,4 +1,5 @@ version: '2' + services: postgres: container_name: clair_postgres @@ -7,8 +8,8 @@ services: POSTGRES_PASSWORD: password clair: + build: . container_name: clair_clair - image: quay.io/coreos/clair:v1.2.2 depends_on: - postgres ports: