mirror of
https://github.com/goharbor/harbor.git
synced 2024-12-19 15:17:43 +01:00
5c3abee135
- Vendor the latest Trivy release 0.6.0 - Configure TLS 1.2 as min version when TLS is enabled - Add more tracing to adapter config to facilitate troubleshooting Resolves: #11544 Signed-off-by: Daniel Pacak <pacak.daniel@gmail.com>
22 lines
932 B
Django/Jinja
22 lines
932 B
Django/Jinja
SCANNER_LOG_LEVEL={{log_level}}
|
|
SCANNER_STORE_REDIS_URL={{trivy_redis_url}}
|
|
SCANNER_STORE_REDIS_NAMESPACE=harbor.scanner.trivy:store
|
|
SCANNER_JOB_QUEUE_REDIS_URL={{trivy_redis_url}}
|
|
SCANNER_JOB_QUEUE_REDIS_NAMESPACE=harbor.scanner.trivy:job-queue
|
|
SCANNER_TRIVY_CACHE_DIR=/home/scanner/.cache/trivy
|
|
SCANNER_TRIVY_REPORTS_DIR=/home/scanner/.cache/reports
|
|
SCANNER_TRIVY_VULN_TYPE=os,library
|
|
SCANNER_TRIVY_SEVERITY=UNKNOWN,LOW,MEDIUM,HIGH,CRITICAL
|
|
SCANNER_TRIVY_IGNORE_UNFIXED={{trivy_ignore_unfixed}}
|
|
SCANNER_TRIVY_SKIP_UPDATE={{trivy_skip_update}}
|
|
SCANNER_TRIVY_GITHUB_TOKEN={{trivy_github_token}}
|
|
SCANNER_TRIVY_INSECURE={{trivy_insecure}}
|
|
HTTP_PROXY={{trivy_http_proxy}}
|
|
HTTPS_PROXY={{trivy_https_proxy}}
|
|
NO_PROXY={{trivy_no_proxy}}
|
|
{%if internal_tls.enabled %}
|
|
SCANNER_API_SERVER_ADDR=:8443
|
|
SCANNER_API_SERVER_TLS_KEY=/etc/harbor/ssl/trivy_adapter.key
|
|
SCANNER_API_SERVER_TLS_CERTIFICATE=/etc/harbor/ssl/trivy_adapter.crt
|
|
{% endif %}
|