quay / clair

Vulnerability Static Analysis for Containers

Home Page: https://quay.github.io/clair/

Allow all config specification via ENV

mieliespoor opened this issue · comments

Description of Problem / Feature Request

Currently configuration for Clair should be provided through the config.yml. This works, but it would be great to be able to specify the config via the ENV as it would remove the need to create volumes only for the config.

This would make deployments in AWS ECS easier in that we won't need a volume only for the config which is somewhat of an overkill.

Expected Outcome

All config to be specified via ENV.

Example:

INTROSPECTION_ADDR: ":8081"
HTTP_LISTEN_ADDR: ":6000"
MATCHER_INDEXER_ADDR: 'http://clair-traefik:6060/'
MATCHER_MIGRATIONS: true

Actual Outcome

Currently only the database connection string can be passed in via the ENV.

Environment

  • Clair version/image: 4.4.1
  • Clair client name/version:
  • Host OS:
  • Kernel (e.g. uname -a):
  • Kubernetes version (use kubectl version):
  • Network/Firewall setup:

I don't think this is a good idea.

Currently, there's precisely one way to configure Clair: via the configuration file. Respecting the libpq environment variables is a detail of the database driver, and if/when Clair gains other database support, that will still be subject to the configuration file.

I'll note that when using k8s, there's an easy built-in way to use configmaps or secrets as files.

I don't agree with you, but I suppose it's your product so you can do as you please. Not everyone uses Kubernetes so developing everything with tunnel vision around Kubernetes is limiting your product.

> Not everyone uses Kubernetes so developing everything with tunnel vision around Kubernetes is limiting your product.

Requiring a configuration file has nothing to do with Kubernetes. It plays well with running on bare metal, any sandboxing scheme, a standalone podman/docker command, a derivative container, or a full container orchestration system.

As a concrete suggestion, if creating a volume is overkill I'd suggest creating a container tailored for your environment:

FROM quay.io/projectquay/clair:4.4.1
COPY local-config.yaml /config/config.yaml
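
For deployments that only have environment variables to work with, a derivative container can also render the file at start-up, so Clair still reads a single config file. The helper below is an added example, not code from this thread or from the Clair project; the function names, the mapping of the issue's variable names to YAML keys, and the defaults (the issue's sample values) are assumptions. It rejects values that could break out of a quoted YAML scalar and writes the file owner-only.

```shell
#!/bin/sh
# Added example (not project code): render a Clair config file from the
# environment variables named in the issue. The key mapping is an assumption.

# Allowlist check: a value holding quotes, newlines, spaces or '#' could
# inject extra YAML keys, so anything outside this set is refused.
safe_value() {
    case $1 in
        ''|*[!A-Za-z0-9:/._-]*) return 1 ;;
    esac
    return 0
}

render_clair_config() {
    out=$1
    intro=${INTROSPECTION_ADDR:-:8081}     # default: sample value from the issue
    listen=${HTTP_LISTEN_ADDR:-:6000}      # default: sample value from the issue
    indexer=${MATCHER_INDEXER_ADDR:-}      # required, no default
    migrations=${MATCHER_MIGRATIONS:-false}

    for v in "$intro" "$listen" "$indexer"; do
        safe_value "$v" || {
            echo "render_clair_config: empty or unsafe value" >&2
            return 1
        }
    done
    case $migrations in
        true|false) ;;
        *) echo "render_clair_config: MATCHER_MIGRATIONS must be true or false" >&2
           return 1 ;;
    esac

    # A real config may also hold a database connection string: owner-only file.
    ( umask 077
      cat > "$out" <<EOF
introspection_addr: "$intro"
http_listen_addr: "$listen"
matcher:
  indexer_addr: "$indexer"
  migrations: $migrations
EOF
    )
}

# Entrypoint use: pass the output path, then start Clair against that file.
if [ $# -gt 0 ]; then render_clair_config "$1"; fi
```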