You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
- document `zot schema` as the generated JSON Schema reference for
configuration files
- add a top-level configuration map to help users discover the major
config sections before reading examples
Fixes#2967
Signed-off-by: Akash Kumar <meakash7902@gmail.com>
@@ -34,6 +48,36 @@ Examples of working configurations for various use cases are available [here](..
34
48
-[Sync](#sync)
35
49
-[Search and CVE scanning (Trivy)](#search-and-cve-scanning-trivy)
36
50
51
+
## Generated JSON Schema
52
+
53
+
Use `zot schema` when you need a complete field-level reference instead of a
54
+
scenario-specific example file.
55
+
56
+
```
57
+
zot schema > zot-config-schema.json
58
+
zot verify config.json
59
+
60
+
```
61
+
62
+
The schema output includes nested options for storage drivers, authentication,
63
+
authorization, extensions, sync, events, retention, and clustering. It also
64
+
includes supported field aliases where the config loader accepts them.
65
+
66
+
## Top-level Configuration Map
67
+
68
+
| Key | Type | Purpose |
69
+
| --- | --- | --- |
70
+
|`distSpecVersion`| string | Distribution spec version declared by the config. zot warns if it differs from the supported version and then uses the supported version. |
|`goVersion`, `commit`, `releaseTag`, `binaryType`| string | Build metadata fields populated by zot; they are not normally set in user configuration files. |
78
+
79
+
The sections below describe the most common settings and point to working
80
+
example files for complete configurations.
37
81
38
82
## Network
39
83
@@ -1189,4 +1233,3 @@ To set those options explicitly (for example to mirror standalone Trivy’s `--v
1189
1233
-[config-cve-trivy.json](config-cve-trivy.json) — shows optional `dbRepository`, `javaDBRepository`, and `vulnSeveritySources`.
1190
1234
1191
1235
`vulnSeveritySources` is a list of source names in priority order (for example `auto`, `nvd`, or vendor IDs such as `redhat`, `alpine`). If omitted, zot defaults it to `["auto"]`, consistent with the Trivy CLI. See [Trivy: severity selection](https://trivy.dev/docs/latest/scanner/vulnerability/#severity-selection).
0 commit comments