add trivy

metavige · May 27, 2021 · 1951dad · 1951dad
1 parent 2100c55
commit 1951dad
Show file tree

Hide file tree

Showing 2 changed files with 33 additions and 2 deletions.
diff --git a/harbor2/docker-compose.yml b/harbor2/docker-compose.yml
@@ -276,6 +276,37 @@ services:
       - 'traefik.http.routers.harbor.entrypoints=websecure'
       - 'traefik.http.services.harbor.loadbalancer.server.port=8080'
       - 'traefik.docker.network=devops'
+  trivy-adapter:
+    container_name: trivy-adapter
+    image: goharbor/trivy-adapter-photon:v2.2.2
+    restart: always
+    cap_drop:
+      - ALL
+    dns_search: .
+    depends_on:
+      - log
+      - redis
+    networks:
+      - devops
+    volumes:
+      - type: bind
+        source: ./harbor-data/trivy-adapter/trivy
+        target: /home/scanner/.cache/trivy
+      - type: bind
+        source: ./harbor-data/trivy-adapter/reports
+        target: /home/scanner/.cache/reports
+      - type: bind
+        source: ./common/config/shared/trust-certificates
+        target: /harbor_cust_cert
+    logging:
+      driver: "syslog"
+      options:
+        syslog-address: "tcp://127.0.0.1:1514"
+        tag: "trivy-adapter"
+    env_file:
+      ./common/config/trivy-adapter/env
+    labels:
+      - 'traefik.enable=false'
 
 networks:
   devops:

diff --git a/harbor2/harbor.yml b/harbor2/harbor.yml
@@ -44,7 +44,7 @@ database:
   max_open_conns: 1000
 
 # The default data volume
-data_volume: ./harbor-data
+data_volume: /Volumes/RamDisk/harbor-data
 
 # Harbor Storage settings by default is using /data dir on local filesystem
 # Uncomment storage_service setting If you want to using external storage
@@ -117,7 +117,7 @@ log:
     # are all valid.
     rotate_size: 20M
     # The directory on your host that store log
-    location: ./harbor-log
+    location: /Volumes/RamDisk/harbor-log
 
   # Uncomment following lines to enable external syslog endpoint.
   # external_endpoint: