config.toml

[server]
port = $PORT
secret_key = "$SECRET_KEY"
cookie_name = "$COOKIE_NAME"
cookie_domain = "$COOKIE_DOMAIN"
cookie_secure = false

[db]
connection_string = "host=$PG_HOST port=$PG_PORT user=$PG_USER dbname=$PG_NAME password=$PG_PASSWORD sslmode=$PG_SSLMODE"
log_mode = false

[log]
# Log level: ERROR, WARN, INFO or DEBUG (default INFO)
level = "$LOG_LEVEL"

[saml]
saml_metadata = "$SAML_MEATADATA"
saml_issuer = "$SAML_ISSUER"
saml_callback = "$SAML_CALLBACK"
saml_trusted_domains = $SAML_TRUSTED_DOMAINS

[defaults]
owners = $DEFAULT_OWNERS

[scanengine]
url = "$SCANENGINE_URL"

[scheduler]
url = "$SCHEDULER_URL"
# Minimum period time in minutes that a program can be scheduled to run
minimum_interval = 0.1

[reports]
sns_arn = "$REPORTS_SNS_ARN"
sns_endpoint = "$AWS_SNS_ENDPOINT"
vulcanui_url = "$VULCAN_UI_URL"

[vulcancore]
schema = "http"
host = "$PERSISTENCE_HOST"

[vulnerabilitydb]
url = "$VULNERABILITYDB_URL"
insecure_tls = true

[vulcantracker]
# leave the url empty if you don't want to configure the vulcan-tracker component.
url = "$VULCANTRACKER_URL"
insecure_tls = true
# comma separated list of teams ids
onboarded_teams = "$VULCANTRACKER_TEAMS"


[metrics]
enabled = $DOGSTATSD_ENABLED

[awscatalogue]
kind = "$AWSCATALOGUE_KIND"
url = "$AWSCATALOGUE_URL"
key = "$AWSCATALOGUE_KEY"
retries = $AWSCATALOGUE_RETRIES
retry_interval = $AWSCATALOGUE_RETRY_INTERVAL

[kafka]
user = "$KAFKA_USER"
pass = "$KAFKA_PASS"
broker = "$KAFKA_BROKER"
topics = $KAFKA_TOPICS

[assets]
dns_hostname_validation = $DNS_HOSTNAME_VALIDATION

# Leave this entry at the end so run.sh can fill dynamically
# global program policy configurations accordingly.
[globalpolicy]