Upstream
/
harbor
mirror of https://github.com/goharbor/harbor.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Merge pull request #11916 from heww/trivy-configurtions-doc 

docs(configurtions): add docs for configurations of trivy scanner
This commit is contained in:
He Weiwei 2020-05-13 19:25:43 +08:00 committed by GitHub
parent 54706f2b1b 71e59f3f08
commit 29ee57aed8
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 30 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

25
docs/install-config/configure-yml-file.md
View File

@ -95,6 +95,31 @@ You can use certificates that are signed by a trusted third-party CA, or you can
<td valign="top"><code>updaters_interval</code></td>
<td valign="top">Set an interval for Clair updates, in hours. Set to 0 to disable the updates. The default is 12 hours.</td>
</tr>
<tr>
<td valign="top"><code>trivy</code></td>
<td valign="top">&nbsp;</td>
<td valign="top">Configure Trivy scanner.</td>
</tr>
<tr>
<td valign="top">&nbsp;</td>
<td valign="top"><code>ignore_unfixed</code></td>
<td valign="top">Set the flag to <code>true</code> to display only fixed vulnerabilities. The default value is <code>false</code></td>
</tr>
<tr>
<td valign="top">&nbsp;</td>
<td valign="top"><code>skip_update</code></td>
<td valign="top">You might want to enable this flag in test or CI/CD environments to avoid GitHub rate limiting issues. If the flag is enabled you have to manually download the `trivy.db` file and mount it in the <code>/home/scanner/.cache/trivy/db/trivy.db</code> path in container. The default value is <code>false</code></td>
</tr>
<tr>
<td valign="top">&nbsp;</td>
<td valign="top"><code>insecure</code></td>
<td valign="top">Set the flag to <code>true</code> to skip verifying registry certificate. The default value is <code>false</code></td>
</tr>
<tr>
<td valign="top">&nbsp;</td>
<td valign="top"><code>github_token</code></td>
<td valign="top">Set the GitHub access token to download Trivy DB. Trivy DB is downloaded by Trivy from the GitHub release page. Anonymous downloads from GitHub are subject to the limit of 60 requests per hour. Normally such rate limit is enough for production operations. If, for any reason, it's not enough, you could increase the rate limit to 5000 requests per hour by specifying the GitHub access token. For more details on GitHub rate limiting please consult https://developer.github.com/v3/#rate-limiting .You can create a GitHub token by following the instuctions in https://help.github.com/en/github/authenticating-to-github/creating-a-personal-access-token-for-the-command-line</td>
</tr>
<tr>
<td valign="top"><code>jobservice</code></td>
<td valign="top"><code>max_job_workers</code></td>