Skip to content

rbaccus/knote-devsecops

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

53 Commits
.admin
.admin
 
 
build
build
 
 
deploy
deploy
 
 
.gitignore
.gitignore
 
 
.prettierrc.js
.prettierrc.js
 
 
README.md
README.md
 
 
azure-pipelines.yml
azure-pipelines.yml
 
 
setupEnv_template
setupEnv_template
 
 

Repository files navigation

Explore devsecops with this sample application. Full explanation of application and how to deploy it to kubernetes: https://learnk8s.io/nodejs-kubernetes-guide

Application includes node based web service and connected mongodb database. Security scans depend on Prisma Cloud Compute server and twistcli from Prisma Cloud, see https://www.paloaltonetworks.com/resources/datasheets/prisma-cloud-at-a-glance

SETUP: copy setupEnv_template to setupEnv and fill in values for Prisma Cloud Compute
$ source setupEnv

STEP 1: Build insecurely $ cd build
$ insecureBuildAndShare

STEP 2: Deploy insecurely (you must be connected to a kubernetes cluster)
$ cd deploy
$ kubectl get nodes
$ deployApp

STEP 3: Build securely (use whatever thresholds you wish, <low, medium, high, critical>)
First threshold is for CVE's, second one is for compliance tolerance
$ cd build
$ secureBuildAndShare high high

STEP 4:
deploy again and see no security issues

About

No description, website, or topics provided.

Resources

Readme
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages

  • Shell 50.8%
  • JavaScript 29.3%
  • HTML 16.5%
  • Roff 2.4%
  • Dockerfile 1.0%