Skip to content

andreainnocenti/demo-secure-coding

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

65 Commits

test

test

 
 

.DS_Store

.DS_Store

 
 

.gitignore

.gitignore

 
 

Dockerfile

Dockerfile

 
 

License.txt

License.txt

 
 

README.md

README.md

 
 

app.js

app.js

 
 

deployment.yml

deployment.yml

 
 

package-lock.json

package-lock.json

 
 

package.json

package.json

 
 

utils.js

utils.js

 
 

Repository files navigation

Secure Coding Demo

Simple "Hello World" application to demostrate how a DevSecOps approach can help to discover security issues.

Prerequisited

  • IBM Cloud account
  • Kubernetes cluster (free cluster is fine)

To get started, click this button:

Create toolchain

Then change the Source repository url in https://github.com/andreainnocenti/demo-secure-coding and select the Kubernetes cluster in the Delivery Pipeline tab.

image

It implements the following best practices:

  • sanity check the Dockerfile prior to attempting creating the image,
  • build container image on every Git commit, setting a tag based on build number, timestamp and commit id for traceability
  • use a private image registry to store the built image, automatically configure access permissions for target cluster deployment using API tokens than can be revoked,
  • check container image for security vulnerabilities,
  • insert the built image tag into the deployment manifest automatically,
  • use an explicit namespace in cluster to insulate each deployment (and make it easy to clear, by "kubectl delete namespace"),

Learn more

About

No description, website, or topics provided.

Resources

Readme

License

View license
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

43 tags

Packages

No packages published

Languages

  • Dockerfile 49.0%
  • JavaScript 46.9%
  • Shell 4.1%