Add vulnerability scanner and WebSocket manager for scan notifications
- Implemented VulnerabilityScanner class to scan images for vulnerabilities using Trivy and NVD API.
- Added methods to parse and store vulnerability data in the database.
- Created WebSocketManager class to handle real-time notifications for scan status updates.
- Integrated WebSocket notifications for scan start, completion, and failure events.
51
.env.template
Normal file
@@ -0,0 +1,51 @@
|
||||
# GitLab Configuration
|
||||
# Required: Your GitLab personal access token with API access
|
||||
GITLAB_TOKEN=gitlab-token
|
||||
|
||||
# Optional: GitLab instance URL (defaults to https://gitlab.com)
|
||||
GITLAB_URL=https://gitlab.popei.fr
|
||||
|
||||
# Optional: Comma-separated list of GitLab group IDs or paths to scan (if not set, scans all projects)
|
||||
# Examples: GITLAB_GROUPS=my-group,another-group or GITLAB_GROUPS=123,456
|
||||
# GITLAB_GROUPS=
|
||||
|
||||
# Database Configuration
|
||||
# Optional: SQLite database file path (defaults to ./gitlab_docker_tracker.db)
|
||||
DATABASE_URL=sqlite:///./gitlab_docker_tracker.db
|
||||
|
||||
# API Configuration
|
||||
# Optional: FastAPI host (defaults to 0.0.0.0)
|
||||
API_HOST=0.0.0.0
|
||||
|
||||
# Optional: FastAPI port (defaults to 5000)
|
||||
API_PORT=5000
|
||||
|
||||
# Optional: Enable debug mode (defaults to false)
|
||||
DEBUG=true
|
||||
|
||||
# Vulnerability Scanning Configuration
|
||||
# Optional: Trivy binary path (auto-detected if available)
|
||||
# TRIVY_PATH=/usr/local/bin/trivy
|
||||
|
||||
# Optional: CVE API base URL (defaults to NVD API)
|
||||
# CVE_API_BASE=https://services.nvd.nist.gov/rest/json/cves/2.0
|
||||
|
||||
# Optional: Request timeout for external APIs in seconds (defaults to 30)
|
||||
# REQUEST_TIMEOUT=30
|
||||
|
||||
# Scanning Configuration
|
||||
# Optional: Maximum number of repositories to scan in parallel (defaults to 5)
|
||||
# MAX_CONCURRENT_SCANS=5
|
||||
|
||||
# Optional: Scan timeout per repository in seconds (defaults to 300)
|
||||
# SCAN_TIMEOUT=300
|
||||
|
||||
# Optional: Branches to scan (comma-separated, defaults to main,master,develop)
|
||||
# TARGET_BRANCHES=main,master,develop
|
||||
|
||||
# Logging Configuration
|
||||
# Optional: Log level (DEBUG, INFO, WARNING, ERROR, CRITICAL)
|
||||
LOG_LEVEL=DEBUG
|
||||
|
||||
# Optional: Log file path (if not set, logs to stdout)
|
||||
# LOG_FILE=/var/log/gitlab-docker-tracker.log
|
||||
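Review bot: The template ships `DEBUG=true` and `LOG_LEVEL=DEBUG` as active values alongside `API_HOST=0.0.0.0`, so anyone who copies `.env.template` to `.env` unchanged gets a debug-enabled service listening on every interface, even though the comment above `DEBUG` says the default is false. Every other optional setting in this file is commented out with its default shown; do the same here (`# DEBUG=false`, `# LOG_LEVEL=INFO`) and consider a loopback `API_HOST` in the template so that exposure is an explicit choice. Two smaller points in the GitLab section: `GITLAB_URL=https://gitlab.popei.fr` hard-codes one specific instance where the comment promises a `https://gitlab.com` default, so a commented-out placeholder would be safer, and the `GITLAB_TOKEN` comment should name the narrowest token scope the tracker needs rather than just "API access", plus a reminder that the real `.env` must stay out of version control.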