sonatype-nexus-community / oysteR

Create purls from the filtered sands of your dependencies, powered by OSS Index
https://sonatype-nexus-community.github.io/oysteR/
Apache License 2.0

Dev: add ability to pick up config #10

Closed DarthHater closed 4 years ago

DarthHater commented 4 years ago

Most of the OSS Index integrations now load config from a yaml file.

We should be able to:

The location of this file is by default:

This would prevent someone from having to have environment variables set, and also allows them to set config for all their tools using OSS Index.

csgillespie commented 4 years ago

In R, environment variables are generally set in .Renviron as this works everywhere. But it's easy to

Can you give an example of an .oss-index-config file?

csgillespie commented 4 years ago

@DarthHater ping - can you give an example?

DarthHater commented 4 years ago

Hey! Sure!!!

The file is yaml, and would have the following keys:

Username: username
Token: token

Pretty simple at time being.

csgillespie commented 4 years ago

What's the file name? Where would it be located?

On Mon, 26 Oct 2020 at 19:26, Jeffry Hesse notifications@github.com wrote:

Hey! Sure!!!

The file is yaml, and would have the following keys:

Username: username
Token: token

Pretty simple at time being.


DarthHater commented 4 years ago

~/.ossindex/.oss-index-config (in the original text of the issue :)

bhamail commented 4 years ago

FWIW, the latest flavor of the YAML config we use includes a "type", with indented "keys", e.g.:

ossi:
   Username: username
   Token: token

csgillespie commented 4 years ago

@bhamail Thanks! The above config implies that other keys might be there. Could you give me an example config with more detail (out of interest)?

bhamail commented 4 years ago

It's sort of a "future proof" attempt. For now the "other" config type would be for our iq product, but that config is actually in a different file/location (example below). We wanted to leave room to easily combine configs into a single file later if we decided that was worthwhile.

file: ~/.iqserver/.iq-server-config

content:

iq:
  Server: http://localhost:8070
  Username: admin
  Token: admin123

These keys were originally defined in nancy, but as we speak, are moving into the shared go-sona-types library: https://github.com/sonatype-nexus-community/go-sona-types/pull/12

Dir/Filename values are defined in types.

csgillespie commented 4 years ago

@bhamail So would I use any Username/Token or would it be under ossi only?

bhamail commented 4 years ago

@collinpeters For now you would only use the ossi credentials because oysteR only supports calling OSSIndex. So read file: ~/.ossindex/.oss-index-config with yaml content in the format:

ossi:
   Username: username
   Token: token

At some point in the future, the ability to also check for vulnerabilities using our paid product (Lifecycle / IQ Server) could be added. For example, a new feature that would leverage new functions like get_iq_config_value = function(..., call_iq = function(purls, verbose). Lots of ways to build it. It would be a "similar" path to calling ossi, but would read iq credentials/config.
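A loader for the config file described in this thread, as an added example that is not oysteR's own code or any participant's: it accepts both the flat layout and the nested `ossi:` layout, warns when the plain-text token file is accessible by other users, and falls back to environment variables. The function name `read_ossi_credentials`, the helper `is_set`, and the environment variable names `OSSINDEX_USER` / `OSSINDEX_TOKEN` are assumptions made for this sketch; the sample file is constructed.

```r
# Added example (not oysteR's code). Names marked "assumed" are not from the thread.
library(yaml)

# TRUE for a single non-empty scalar value
is_set = function(x) length(x) == 1L && !is.na(x) && nzchar(as.character(x))

read_ossi_credentials = function(path = "~/.ossindex/.oss-index-config",
                                 env_user = "OSSINDEX_USER",     # assumed name
                                 env_token = "OSSINDEX_TOKEN") { # assumed name
  path = path.expand(path)
  if (file.exists(path)) {
    # The token is stored in plain text: flag any group/other permission bits.
    mode = file.info(path)$mode
    if (.Platform$OS.type == "unix" && bitwAnd(as.integer(mode), 63L) != 0L) {
      warning(path, " is accessible by other users (mode ", format(mode),
              "); consider chmod 600", call. = FALSE)
    }
    cfg = yaml::read_yaml(path)
    if (!is.list(cfg)) cfg = list()                  # empty or scalar-only file
    # Newer layout nests the keys under "ossi"; the earlier layout is flat.
    if (is.list(cfg[["ossi"]])) cfg = cfg[["ossi"]]
    if (is_set(cfg[["Username"]]) && is_set(cfg[["Token"]])) {
      return(list(username = as.character(cfg[["Username"]]),
                  token = as.character(cfg[["Token"]]),
                  source = path))
    }
  }
  # No usable file: fall back to environment variables (e.g. set in .Renviron).
  user = Sys.getenv(env_user, unset = "")
  token = Sys.getenv(env_token, unset = "")
  if (nzchar(user) && nzchar(token)) {
    return(list(username = user, token = token, source = "environment"))
  }
  NULL  # caller proceeds unauthenticated
}

# Constructed sample file in the nested layout, written to a temp path.
tmp = tempfile()
writeLines(c("ossi:", "   Username: username", "   Token: token"), tmp)
Sys.chmod(tmp, "600")
creds = read_ossi_credentials(tmp)
cat("user:", creds$username, "| source:", creds$source, "\n")
unlink(tmp)
```

The demo prints only the username and source; keep the token out of logs and console output when wiring a loader like this into a package.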

collinpeters commented 4 years ago

Lol - I guess it is safe for me to ignore any @ mentions for community projects I'm not involved in :laughing: