jorikseldeslachts
commented
1 year ago What is the status of this? I am also realy interested in this feature.
Open phoenixadb opened 1 year ago
jorikseldeslachts
commented
1 year ago What is the status of this? I am also realy interested in this feature.
melba-lopez
commented
10 months ago its pending release for 4.9 @jorikseldeslachts
vanyagyosheva
commented
4 weeks ago What is the status of this? Seems it is still not implemented, it is important since we are managing the installation and configuration through automation. ALPINE_DEFAULT_ADMIN_NAME="admin" ALPINE_DEFAULT_ADMIN_PASSWORD="admin"
Current Behavior
The password for the admin account has to be update once the application starts for the first time. The different vulnerabilities datasources: NVD, GitHub advisories, OSS Index, Open Source Vulnerabilities, Sonatype OSS Index, Snyk need to be manually configured.
Proposed Behavior
To have properties inside the Docker Compose file to configure as code Dependency Track.
Example:
ALPINE_DEFAULT_ADMIN_NAME="admin" ALPINE_DEFAULT_ADMIN_PASSWORD="admin" ALPINE_DATASOURCE_NVD_MIRROR="http://hostname/mirror/nvd" ALPINE_DATASOURCE_GHSA_PAT="mypat" ALPINE_DATASOURCE_OSV_ENABLE=true ALPINE_DATASOURCE_OSV_BASE_URL="https://osv-vulnerabilities.storage.googleapis.com" ALPINE_DATASOURCE_OSV_ECOSYSTEM="JavaScript;Maven" ALPINE_DATASOURCE_SONATYPE_OSS_INDEX_ENABLE=true ALPINE_DATASOURCE_SONATYPE_OSS_INDEX_EMAIL="me@example.com" ALPINE_DATASOURCE_SONATYPE_OSS_INDEX_API_TOKEN="mytoken" ALPINE_DATASOURCE_SNYK_ENABLE=true ALPINE_DATASOURCE_SNYK_ORGANIZATION_ID="myid" ALPINE_DATASOURCE_SNYK_API_TOKEN="mytoken1;mytoken2" ALPINE_DATASOURCE_SNYK_API_VERSION="2022-11-14" ALPINE_DATASOURCE_VULNDB_ENABLE=true ALPINE_DATASOURCE_VULNDB_BASE_URL="https://vulndb.cyberriskanalytics.com" ALPINE_DATASOURCE_VULNDB_API_KEY="mykey" ALPINE_DATASOURCE_VULNDB_API_SECRET="mysecret"Checklist