b1e78fe412
Some checks failed
Docs CI / lint-and-preview (push) Has been cancelled
- Added VulnTokenSigner for signing JWT tokens with specified algorithms and keys. - Introduced VulnTokenUtilities for resolving tenant and subject claims, and sanitizing context dictionaries. - Created VulnTokenVerificationUtilities for parsing tokens, verifying signatures, and deserializing payloads. - Developed VulnWorkflowAntiForgeryTokenIssuer for issuing anti-forgery tokens with configurable options. - Implemented VulnWorkflowAntiForgeryTokenVerifier for verifying anti-forgery tokens and validating payloads. - Added AuthorityVulnerabilityExplorerOptions to manage configuration for vulnerability explorer features. - Included tests for FilesystemPackRunDispatcher to ensure proper job handling under egress policy restrictions.
25 lines
822 B
Plaintext
25 lines
822 B
Plaintext
IssuerDirectory:
|
|
# Override connection secrets via environment variables (ISSUERDIRECTORY__MONGO__*)
|
|
# rather than editing this file for production.
|
|
telemetry:
|
|
minimumLogLevel: Information
|
|
authority:
|
|
enabled: true
|
|
issuer: https://authority.example.com/realms/stellaops
|
|
requireHttpsMetadata: true
|
|
audiences:
|
|
- stellaops-platform
|
|
readScope: issuer-directory:read
|
|
writeScope: issuer-directory:write
|
|
adminScope: issuer-directory:admin
|
|
tenantHeader: X-StellaOps-Tenant
|
|
seedCsafPublishers: true
|
|
csafSeedPath: data/csaf-publishers.json
|
|
Mongo:
|
|
connectionString: mongodb://localhost:27017
|
|
database: issuer-directory
|
|
issuersCollection: issuers
|
|
issuerKeysCollection: issuer_keys
|
|
issuerTrustCollection: issuer_trust_overrides
|
|
auditCollection: issuer_audit
|