improve docs for aggregator config behavior regarding update_interval

csaf-poc / csaf_distribution

Tools to download or provide CSAF (Common Security Advisory Framework) documents.

https://csaf.io

38 stars 22 forks source link

improve docs for aggregator config behavior regarding update_interval #317

Closed bernhardreiter closed 1 year ago

bernhardreiter commented 1 year ago

The current description for configuration of update_intevall can be improved:

If a provider's domain starts with https:// its considered a publisher.
These publishers are added to the csaf_publishers list instead of the csaf_providers list which was used before.

The mandatory value of update_interval can be configured for each publisher (provider) individually. If not given it falls back
to the global update_interval. If this is not given either the default is "on best effort".

the "before" should be removed or clarified
it is less clear which is a config options and which is a aggregator.json value. An which is mandatory.
inconsistency with "rate" which can also be given in each section, but is listed in the main section and the provider section.
useful would be a value in the example
needs a small test as UpdateInterval *string does not have a toml string, while Rate has in the code.

tschmidtb51 commented 1 year ago

Also clarify the three options:

for each entry
configured default
internal default

See the discussion in https://github.com/csaf-poc/csaf_distribution/pull/318#discussion_r1088711209

bernhardreiter commented 1 year ago

@s-l-teichmann from reading the code,why does https://github.com/csaf-poc/csaf_distribution/blob/05ad714619184a1d2a35000046ce1fafe7f731b6/cmd/csaf_aggregator/config.go#L90 not have a toml string for deserialisation?

bernhardreiter commented 1 year ago

@s-l-teichmann LockFile does not seem to have a default, which means that there is no locking in the default configuration, is that intentional?

s-l-teichmann commented 1 year ago

@s-l-teichmann from reading the code,why does

https://github.com/csaf-poc/csaf_distribution/blob/05ad714619184a1d2a35000046ce1fafe7f731b6/cmd/csaf_aggregator/config.go#L90

not have a toml string for deserialisation?

This is clearly an oversight. Should be fixed.

s-l-teichmann commented 1 year ago

@s-l-teichmann LockFile does not seem to have a default, which means that there is no locking in the default configuration, is that intentional?

This is intentional.

bernhardreiter commented 1 year ago

@s-l-teichmann LockFile does not seem to have a default, which means that there is no locking in the default configuration, is that intentional?

This is intentional.

Split out into #344

bernhardreiter commented 1 year ago

Resolved with #342 merged.