Table of Contents

Using an External Database

By default, C2M uses an embedded SQLite database to store scan results - CodeWeTrust.data file is created next to the binary file.

An external Postgres database can be used instead.

Note that you can move data across instances and databases easily with Blind Audit (import/export) feature.

Requirements

  • Postgres 14.10 or later, accessible from the machine where C2M is running

C2M Configuration

C2M requires a connection string in the following format:

server=SERVER_IP_OR_HOSTNAME;uid=USERNAME;pwd=PASSWORD;database=DB_NAME;port=PORT

Provide the connection string to the application in one of the following ways:

  • Set ConnectionStrings__CodeWeTrustDb environment variable
  • Edit appsettings.json, add section "ConnectionStrings": { "CodeWeTrustDb": "CONN_STRING_HERE" }
  • Use command line argument ConnectionStrings:CodeWeTrustDb

The database and tables will be created automatically on first use.

Example

Run Postgres in Docker:

docker run -d -p 5432:5432 -e POSTGRES_PASSWORD=hunter2 --name code-we-trust-postgres postgres:9.6-alpine

Prepare the connection string:

server=localhost;uid=postgres;pwd=hunter2;database=code-we-trust-1;port=5432

Run the application with the connection string:

./CodeWeTrust --ConnectionStrings:CodeWeTrustDb="server=localhost;uid=postgres;pwd=hunter2;database=code-we-trust-1;port=5432"

Verify that the database and tables were created:

docker exec -it code-we-trust-postgres psql -U postgres code-we-trust-1 -c "\dt"