* Creates an example config.toml and replaces csaf_providers example with the autodoc to said example.
Co-authored-by: Jan Höfelmeyer <Jan Höfelmeyer jhoefelmeyer@intevation.de>
Co-authored-by: Bernhard Reiter <bernhard@intevation.de>
Co-authored-by: @mfd2007
* Moved direct loading of pmd from downloader to library,
so aggregator and checker gain the ability.
* Disabled some checks if we were given a direct PMD URL.
* Adds option to require Client Certificate and a Password to aquire write access in provider
* Removed unnecessary flavourtext from provider markdown file
* Fixed and simplified the auth middleware
Co-authored-by: Jan Höfelmeyer <Jan Höfelmeyer jhoefelmeyer@intevation.de>
Co-authored-by: Sascha L. Teichmann <sascha.teichmann@intevation.de>
* Simple tool to test the remote validation
* Added remote validator support to provider.
* Added remote validation to aggregator.
* Calm golint
* Removed csaf_remote_validator tool as it was only for dev.
* Re-added csaf_remote_validator tool. Testing is not done.
* Embed the document entirely
* Include testing the remote validator in the Itests
* Change permission of the script
* Remove code for Itests
* As these will be done in another branch
Co-authored-by: Fadi Abbud <fadi.abbud@intevation.de>
* Change nginx config to return 403 on unauthorized access to
the non-white TLP locations. We cannot hide the existence anyway,
as it is listed in the provider-metadata.json, even when restricted.
* Change checking to use client certs and verbose for html
as this is what can be displayed on a webbrowser.
* Rename the json result file to indicate why the result will differ
without using the access of the client certificate.
* Modify script to call checker twice with difference options,
including one with json and --verbose.
* Add json result as build artifact to be uploaded.
* Move the config variables which could be specified as tables in TOML
to the bottom of the documentation, to avoid that a regular toplevel
variable is used below them (which would be wrong in TOML).
* Be more specific about the value of the `upload_limit`.
* Do chgrp and chmod not recursively as we have just created the
directory and if taken as example the recursive chmod with the
s bit will produce unwanted results on files.
* Change comment to better indicate setting in nginx example conf
which serves the TLP != white locations of the prodiver.
We do advertise them in the provider-metadata.json, but we still
want to use 404 to not reveal more about the directory contents.
