For issue #83

cmd/csaf_provider/config.go

@@ -30,6 +30,12 @@ const (
 	defaultUploadLimit = 50 * 1024 * 1024                                                   // Default limit size of the uploaded file.
 )
 
+type providerMetadataConfig struct {
+	ListOnCSAFAggregators   *bool           `toml:"list_on_CSAF_aggregators"`
+	MirrorOnCSAFAggregators *bool           `toml:"mirror_on_CSAF_aggregators"`
+	Publisher               *csaf.Publisher `toml:"publisher"`
+}
+
 // configs contains the config values for the provider.
 type config struct {
 	Password                *string                 `toml:"password"`
@@ -44,11 +50,26 @@ type config struct {
 	NoValidation            bool                    `toml:"no_validation"`
 	NoWebUI                 bool                    `toml:"no_web_ui"`
 	DynamicProviderMetaData bool                    `toml:"dynamic_provider_metadata"`
-	Publisher               *csaf.Publisher `toml:"publisher"`
+	ProviderMetaData        *providerMetadataConfig `toml:"provider_metadata"`
 	UploadLimit             *int64                  `toml:"upload_limit"`
 	Issuer                  *string                 `toml:"issuer"`
 }
 
+func (pmdc *providerMetadataConfig) apply(pmd *csaf.ProviderMetadata) {
+	if pmdc == nil {
+		return
+	}
+	if pmdc.ListOnCSAFAggregators != nil {
+		pmd.ListOnCSAFAggregators = pmdc.ListOnCSAFAggregators
+	}
+	if pmdc.MirrorOnCSAFAggregators != nil {
+		pmd.MirrorOnCSAFAggregators = pmdc.MirrorOnCSAFAggregators
+	}
+	if pmdc.Publisher != nil {
+		pmd.Publisher = pmdc.Publisher
+	}
+}
+
 type tlp string
 
 const (
@@ -161,8 +182,12 @@ func loadConfig() (*config, error) {
 		cfg.OpenPGPURL = defaultOpenPGPURL
 	}
 
-	if cfg.Publisher == nil {
+	if cfg.ProviderMetaData == nil {
-		cfg.Publisher = &csaf.Publisher{
+		cfg.ProviderMetaData = &providerMetadataConfig{}
+	}
+
+	if cfg.ProviderMetaData.Publisher == nil {
+		cfg.ProviderMetaData.Publisher = &csaf.Publisher{
 			Category:  func(c csaf.Category) *csaf.Category { return &c }(csaf.CSAFCategoryVendor),
 			Name:      func(s string) *string { return &s }("ACME"),
 			Namespace: func(s string) *string { return &s }("https://example.com"),

cmd/csaf_provider/create.go

@@ -185,7 +185,7 @@ func createProviderMetadata(c *config, wellknownCSAF string) error {
 		return err
 	}
 	pm := csaf.NewProviderMetadataDomain(c.CanonicalURLPrefix, c.modelTLPs())
-	pm.Publisher = c.Publisher
+	c.ProviderMetaData.apply(pm)
 
 	// Set OpenPGP key.
 	key, err := c.loadCryptoKey()

docs/provider-setup.md

@@ -136,6 +136,9 @@ Provider has many config options described as following:
  - no_validation: Validate the uploaded CSAF document against the JSON schema. Default: `false`.
  - no_web_ui: Disable the web interface. Default: `false`.
  - dynamic_provider_metadata: Take the publisher from the CSAF document. Default: `false`.
- - publisher: Set the publisher. Default: `{"category"= "vendor", "name"= "Example", "namespace"= "https://example.com"}`.
+ - provider_metadata: Configure the provider metadata.
+ - provider_metadata.list_on_CSAF_aggregators: List on aggregators
+ - provider_metadata.mirror_on_CSAF_aggregators: Mirror on aggregators
+ - provider_metadata.publisher: Set the publisher. Default: `{"category"= "vendor", "name"= "Example", "namespace"= "https://example.com"}`.
  - upload_limit: Set the upload limit  size of the file. Default: `50 MiB`.
  - issuer: The issuer of the CA, which if set, restricts the writing permission and the accessing to the web-interface to only the client certificates signed with this CA.