DependencyTrack / dependency-track

Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.
https://dependencytrack.org/
Apache License 2.0

Improve automated deployment with Docker #2443

Open phoenixadb opened 1 year ago

phoenixadb commented 1 year ago

Current Behavior

The password for the admin account has to be updated once the application starts for the first time. The different vulnerability data sources (NVD, GitHub advisories, OSS Index, Open Source Vulnerabilities, Sonatype OSS Index, Snyk) need to be manually configured.

Proposed Behavior

To have properties inside the Docker Compose file to configure Dependency-Track as code.

Example:

ALPINE_DEFAULT_ADMIN_NAME="admin"
ALPINE_DEFAULT_ADMIN_PASSWORD="admin"
ALPINE_DATASOURCE_NVD_MIRROR="http://hostname/mirror/nvd"
ALPINE_DATASOURCE_GHSA_PAT="mypat"
ALPINE_DATASOURCE_OSV_ENABLE=true
ALPINE_DATASOURCE_OSV_BASE_URL="https://osv-vulnerabilities.storage.googleapis.com"
ALPINE_DATASOURCE_OSV_ECOSYSTEM="JavaScript;Maven"
ALPINE_DATASOURCE_SONATYPE_OSS_INDEX_ENABLE=true
ALPINE_DATASOURCE_SONATYPE_OSS_INDEX_EMAIL="me@example.com"
ALPINE_DATASOURCE_SONATYPE_OSS_INDEX_API_TOKEN="mytoken"
ALPINE_DATASOURCE_SNYK_ENABLE=true
ALPINE_DATASOURCE_SNYK_ORGANIZATION_ID="myid"
ALPINE_DATASOURCE_SNYK_API_TOKEN="mytoken1;mytoken2"
ALPINE_DATASOURCE_SNYK_API_VERSION="2022-11-14"
ALPINE_DATASOURCE_VULNDB_ENABLE=true
ALPINE_DATASOURCE_VULNDB_BASE_URL="https://vulndb.cyberriskanalytics.com"
ALPINE_DATASOURCE_VULNDB_API_KEY="mykey"
ALPINE_DATASOURCE_VULNDB_API_SECRET="mysecret"

jorikseldeslachts commented 1 year ago

What is the status of this? I am also really interested in this feature.

melba-lopez commented 1 year ago

It's pending release for 4.9 @jorikseldeslachts

vanyagyosheva commented 5 months ago

What is the status of this? It seems it is still not implemented. It is important since we are managing the installation and configuration through automation.

ALPINE_DEFAULT_ADMIN_NAME="admin"
ALPINE_DEFAULT_ADMIN_PASSWORD="admin"

iman4000 commented 4 months ago

Nice issue! Can you please add Trivy configuration too?

ALPINE_TRIVY_BASE_URL="<trivy-url>"
ALPINE_ANALYZER_TRIVY_ENABLE=true
ALPINE_TRIVY_API_TOKEN="<token>"
ALPINE_TRIVY_IGNORE_UNFIXED_VULNERABLITIES=true
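
A pre-deployment check for the kind of environment block proposed in this thread, as an added example that is not part of the issue or of Dependency-Track's code: it flags credential variables whose value is a default (or equals the admin name) or is written inline instead of being substituted with `${VAR}`. The variable names are the ones proposed above, not confirmed Dependency-Track settings; the sample input and the weak-value list are constructed.

```python
import re

# Key suffixes that mark a credential, taken from the names proposed in the issue.
SECRET_KEY = re.compile(r"(PASSWORD|_PAT|TOKEN|API_KEY|SECRET)$")
# Constructed list of values that must not survive into a deployment.
WEAK_VALUES = {"admin", "password", "changeme"}
# Compose variable substitution: the value is supplied outside the Compose file.
INDIRECT = re.compile(r"^\$\{[A-Za-z_][A-Za-z0-9_]*\}$")
ASSIGNMENT = re.compile(r'^\s*-?\s*([A-Z][A-Z0-9_]*)\s*[=:]\s*"?([^"\n]*?)"?\s*$')

def parse_env(text):
    """Return {KEY: value} from KEY="value" lines (also accepts '- KEY=value')."""
    env = {}
    for line in text.splitlines():
        m = ASSIGNMENT.match(line)
        if m:
            env[m.group(1)] = m.group(2)
    return env

def audit(env):
    """Return sorted (key, finding) pairs for credential-bearing variables."""
    # A password equal to an account name is treated as a default credential.
    names = {v.lower() for k, v in env.items() if k.endswith("_NAME")}
    findings = []
    for key, value in env.items():
        if not SECRET_KEY.search(key) or INDIRECT.match(value):
            continue
        if value == "" or value.lower() in WEAK_VALUES | names:
            findings.append((key, "weak-or-default"))
        else:
            findings.append((key, "inline-secret"))
    return sorted(findings)

# Constructed sample: two lines from the issue plus one using substitution.
SAMPLE = '''
ALPINE_DEFAULT_ADMIN_NAME="admin"
ALPINE_DEFAULT_ADMIN_PASSWORD="admin"
ALPINE_DATASOURCE_GHSA_PAT="mypat"
ALPINE_DATASOURCE_OSV_ENABLE=true
ALPINE_DATASOURCE_SNYK_API_TOKEN="${SNYK_TOKEN}"
'''

if __name__ == "__main__":
    for key, finding in audit(parse_env(SAMPLE)):
        print(f"{finding:16} {key}")
```

Run in CI against the rendered environment block, a non-empty result can fail the deployment before default credentials or tokens reach version control.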