chore: Configure Redis URL for Trivy adapter

Signed-off-by: Daniel Pacak <pacak.daniel@gmail.com>
2024-09-20 19:29:54 +00:00 · 2020-02-13 17:57:02 +01:00 · 2020-02-13 17:57:02 +01:00 · 70dda1387a
commit 70dda1387a
parent fdf70f5dc9
3 changed files with 19 additions and 4 deletions
--- a/make/harbor.yml.tmpl
+++ b/make/harbor.yml.tmpl
@ -141,6 +141,7 @@ _version: 1.10.0
 #   jobservice_db_index: 2
 #   chartmuseum_db_index: 3
 #   clair_db_index: 4
 #   trivy_db_index: 5
 # Uncomment uaa for trusting the certificate of uaa instance that is hosted via self-signed cert.
 # uaa:
--- a/make/photon/prepare/templates/trivy-adapter/env.jinja
+++ b/make/photon/prepare/templates/trivy-adapter/env.jinja
@ -1,7 +1,10 @@
 SCANNER_LOG_LEVEL={{log_level}}
-SCANNER_STORE_REDIS_URL=redis://redis:6379
+SCANNER_STORE_REDIS_URL={{redis_url_trivy}}
-SCANNER_JOB_QUEUE_REDIS_URL=redis://redis:6379
+SCANNER_STORE_REDIS_NAMESPACE=harbor.scanner.trivy:store
 SCANNER_JOB_QUEUE_REDIS_URL={{redis_url_trivy}}
 SCANNER_JOB_QUEUE_REDIS_NAMESPACE=harbor.scanner.trivy:job-queue
 SCANNER_TRIVY_CACHE_DIR=/home/scanner/.cache/trivy
 SCANNER_TRIVY_REPORTS_DIR=/home/scanner/.cache/reports
 SCANNER_TRIVY_VULN_TYPE=os,library
 SCANNER_TRIVY_SEVERITY=UNKNOWN,LOW,MEDIUM,HIGH,CRITICAL
 SCANNER_TRIVY_IGNORE_UNFIXED=false
--- a/make/photon/prepare/utils/configs.py
+++ b/make/photon/prepare/utils/configs.py
@ -318,7 +318,7 @@ def parse_yaml_config(config_file_path, with_notary, with_clair, with_trivy, wit
        config_dict['external_database'] = False
    # update redis configs
-    config_dict.update(get_redis_configs(configs.get("external_redis", None), with_clair))
+    config_dict.update(get_redis_configs(configs.get("external_redis", None), with_clair, with_trivy))
    # auto generated secret string for core
    config_dict['core_secret'] = generate_random_string(16)
@ -352,7 +352,7 @@ def get_redis_url(db, redis=None):
    return "redis://{host}:{port}/{db}".format(**kwargs)
-def get_redis_configs(external_redis=None, with_clair=True):
+def get_redis_configs(external_redis=None, with_clair=True, with_trivy=True):
    """Returns configs for redis
    >>> get_redis_configs()['external_redis']
@ -363,6 +363,8 @@ def get_redis_configs(external_redis=None, with_clair=True):
    'redis://redis:6379/2'
    >>> get_redis_configs()['redis_url_clair']
    'redis://redis:6379/4'
    >>> get_redis_configs()['redis_url_trivy']
    'redis://redis:6379/5'
    >>> get_redis_configs({'host': 'localhost', 'password': 'pass'})['external_redis']
    True
@ -372,9 +374,13 @@ def get_redis_configs(external_redis=None, with_clair=True):
    'redis://anonymous:pass@localhost:6379/2'
    >>> get_redis_configs({'host': 'localhost', 'password': 'pass'})['redis_url_clair']
    'redis://anonymous:pass@localhost:6379/4'
    >>> get_redis_configs({'host': 'localhost', 'password': 'pass'})['redis_url_trivy']
    'redis://anonymous:pass@localhost:6379/5'
    >>> 'redis_url_clair' not in get_redis_configs(with_clair=False)
    True
    >>> 'redis_url_trivy' not in get_redis_configs(with_trivy=False)
    True
    """
    configs = dict(external_redis=bool(external_redis))
@ -388,6 +394,7 @@ def get_redis_configs(external_redis=None, with_clair=True):
        'jobservice_db_index': 2,
        'chartmuseum_db_index': 3,
        'clair_db_index': 4,
        'trivy_db_index': 5,
    }
    # overwriting existing keys by external_redis
@ -407,4 +414,8 @@ def get_redis_configs(external_redis=None, with_clair=True):
        configs['redis_db_index_clair'] = redis['clair_db_index']
        configs['redis_url_clair'] = get_redis_url(configs['redis_db_index_clair'], redis)
    if with_trivy:
        configs['redis_db_index_trivy'] = redis['trivy_db_index']
        configs['redis_url_trivy'] = get_redis_url(configs['redis_db_index_trivy'], redis)
    return configs