-
Notifications
You must be signed in to change notification settings - Fork 509
/
Copy pathconfig.yaml
52 lines (48 loc) · 2.31 KB
/
config.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
# Copyright 2021 OpenSSF Scorecard Authors
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
project-id: openssf
request-topic-url: gcppubsub://projects/openssf/topics/scorecard-batch-requests
request-subscription-url: gcppubsub://projects/openssf/subscriptions/scorecard-batch-worker
bigquery-dataset: scorecardcron
bigquery-table: scorecard-v2
completion-threshold: 0.99
shard-size: 10
webhook-url:
metric-exporter: stackdriver
metric-stackdriver-prefix: scorecard-cron
result-data-bucket-url: gs://ossf-scorecard-data2
# TODO temporarily leaving old variables until changes propagate to production
input-bucket-url: gs://ossf-scorecard-input-projects
# Can be used to specify directories within a bucket. Can be empty.
input-bucket-prefix:
additional-params:
input-bucket:
url: gs://ossf-scorecard-input-projects
# Optional prefix to limit files used as input files within a bucket (e.g. a specific file or directory)
prefix:
# Optional file to read a prefix from, instead of statically defining prefix above (note: prefix must be blank to use this option)
# This is good in situations where the prefix changes frequently (e.g. always using the most recent folder in a bucket)
prefix-file:
scorecard:
# API results bucket
api-results-bucket-url: gs://ossf-scorecard-cron-results
# TODO: Temporarily remove SAST and CI-Tests which require lot of GitHub API tokens.
# TODO(#859): Re-add Contributors after fixing inconsistencies.
# TODO: Dependency-Update-Tool and SAST are search heavy
# TODO: Vulnerabilities is slow on repos with lots of dependencies
blacklisted-checks: CI-Tests,Contributors,Dependency-Update-Tool,Webhooks
cii-data-bucket-url: gs://ossf-scorecard-cii-data
# Raw results.
raw-bigquery-table: scorecard-rawdata
raw-result-data-bucket-url: gs://ossf-scorecard-rawdata