{"id":23527945,"url":"https://github.com/nerdingitout/hello-compliance-app","last_synced_at":"2025-10-10T05:02:00.561Z","repository":{"id":260431956,"uuid":"777719604","full_name":"nerdingitout/hello-compliance-app","owner":"nerdingitout","description":"Created for toolchain: https://cloud.ibm.com/devops/toolchains/4de65b8f-2f6b-4fc5-a22c-fd239e1013e6?env_id=ibm:yp:eu-de","archived":false,"fork":false,"pushed_at":"2024-03-26T11:40:38.000Z","size":2573,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"master","last_synced_at":"2025-05-14T10:32:11.981Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"CSS","has_issues":false,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"other","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/nerdingitout.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"License.txt","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2024-03-26T11:40:27.000Z","updated_at":"2024-03-26T11:41:02.000Z","dependencies_parsed_at":"2024-10-31T09:38:49.935Z","dependency_job_id":null,"html_url":"https://github.com/nerdingitout/hello-compliance-app","commit_stats":null,"previous_names":["nerdingitout/hello-compliance-app"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nerdingitout%2Fhello-compliance-app","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nerdingitout%2Fhello-compliance-app/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nerdingitout%2Fhello-compliance-app/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nerdingitout%2Fhello-compliance-app/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/nerdingitout","download_url":"https://codeload.github.com/nerdingitout/hello-compliance-app/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":254120983,"owners_count":22018081,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-12-25T20:18:56.967Z","updated_at":"2025-10-10T05:02:00.493Z","avatar_url":"https://github.com/nerdingitout.png","language":"CSS","funding_links":[],"categories":[],"sub_categories":[],"readme":"\u003cp align=\"center\"\u003e\n    \u003ca href=\"https://cloud.ibm.com\"\u003e\n        \u003cimg src=\"https://cloud.ibm.com/media/docs/developer-appservice/resources/ibm-cloud.svg\" height=\"100\" alt=\"IBM Cloud\"\u003e\n    \u003c/a\u003e\n\u003c/p\u003e\n\n\u003cp align=\"center\"\u003e\n    \u003ca href=\"https://cloud.ibm.com\"\u003e\n        \u003cimg src=\"https://img.shields.io/badge/IBM%20Cloud-powered-blue.svg\" alt=\"IBM Cloud\"\u003e\n    \u003c/a\u003e\n    \u003cimg src=\"https://img.shields.io/badge/platform-nodejs-lightgrey.svg?style=flat\" alt=\"Node.js\"\u003e\n    \u003ca href=\"https://cloud.ibm.com/docs/devsecops\"\u003e\n        \u003cimg src=\"https://img.shields.io/badge/DevSecOps-enabled-blue.svg?style=flat\" alt=\"DevSecOps\"\u003e\n    \u003c/a\u003e\n\u003c/p\u003e\n\n# Create and deploy a Node.js Sample Application using IBM Cloud DevSecOps\n\n\u003e **DISCLAIMER**: This is a guideline sample application and is used for demonstrative and illustrative purposes of Node.js application deployed using IBM Cloud DevSecOps Continuous Integration (CI) and Continuous Deployment (CD) pipelines. This is not a production ready code.\n\n## Contents\n- [Scope](#scope)\n- [Run the sample](#run-the-sample)\n- [Create DevSecOps toolchains](#create-devsecops-toolchains)\n- [Additional information](#additional-information)\n\n## Scope\nThis sample contains a simple Node.js microservice that can be deployed to a Kubernetes cluster and provides a simple front-end.\n\n## Run the sample\n- Prerequisites:\n  - Node.js installed on your machine.\n- Download the source code\n  ```\n  git clone \u003cgit_url\u003e\n  cd hello-compliance-app\n  ```\n- Installing dependencies by running `npm install` from the root folder to install the app’s dependencies.\n- Run `npm start` to start the app.\n- Access the running app in a browser at http://localhost:8080\n\n## Create DevSecOps toolchains\n\n### Pre-requisites\n\n- An IBM Cloud account needs to be setup\n- A Kubernetes cluster exists to deploy the application\n\nMore information at [DevSecOps Tutorial - Set up prerequisites](https://cloud.ibm.com/docs/devsecops?topic=devsecops-tutorial-cd-devsecops)\n\n### Toolchains setup\n\nThe DevSecOps toolchains to create and deploy this Node.js sample to IBM Cloud with DevSecOps CI can be created using the following link: [DevSecOps CI toolchain](https://cloud.ibm.com/devops/setup/deploy?repository=https%3A%2F%2Fus-south.git.cloud.ibm.com%2Fopen-toolchain%2Fcompliance-ci-toolchain\u0026env_id=ibm:yp:us-south).\n\nThe DevSecOps CD can be created using the following link: [DevSecOps CD toolchain](https://cloud.ibm.com/devops/setup/deploy?repository=https%3A%2F%2Fus-south.git.cloud.ibm.com%2Fopen-toolchain%2Fcompliance-cd-toolchain\u0026env_id=ibm:yp:us-south).\n\n### Customized scripts for DevSecOps pipelines\nThe source code of the sample contains a [.pipeline-config.yaml](/.pipeline-config.yaml) file and scripts located in the [scripts](./scripts/) folder.\nThe `.pipeline-config.yaml` file is the core configuration file that is used by DevSecOps CI, CD and CC pipelines for all of the stages in the pipeline run processes.\nThose scripts can be customized if needed just like the `.pipeline-config.yaml` content.\n\n### Configuration of customized stages and scripts\nNote: default scripts invoked in various stages of the pipelines are provided by the [commons base image](https://us-south.git.cloud.ibm.com/open-toolchain/compliance-commons) and can be configured using specific properties, as described in the documentation [Pipeline parameters](https://cloud.ibm.com/docs/devsecops?topic=devsecops-cd-devsecops-pipeline-parm)\n\nThe sections below describe additional parameters (specific to these customized scripts) used to configure the [`scripts`](./scripts/) used in this sample.\n\n#### containerize stage\n| Property | Default | Description | Required |\n| -------- | :-----: | ----------- | :------: |\n| `registry-domain` | | the container registry URL domain that is used to build and tag the image. Useful when using private-endpoint container registry. | |\n\n#### deploy stage\n| Property | Default | Description | Required |\n| -------- | :-----: | ----------- | :------: |\n| `deployment-file` | `deployment_os.yml` or `deployment_iks.yml` according to the kind of Kubernetes cluster | Kubernetes deployment file to apply to the target kubernetes cluster | |\n| `cookie-secret` | `mycookiesecret` | cookie secret value for the deployment secret | |\n| `deploy-ibmcloud-api-key` | Default to the value of `ibmcloud-api-key` | specific IBM Cloud API key to be used for the deployment to the cluster. | |\n\n#### dynamic-scan stage\n| Property | Default | Description | Required |\n| -------- | :-----: | ----------- | :------: |\n| `opt-in-dynamic-scan` | | To enable the OWASP Zap scan. | |\n| `opt-in-dynamic-api-scan` | | To enable the OWASP Zap API scan. | |\n| `opt-in-dynamic-api-scan` | | To enable the OWASP Zap UI scan. | |\n\n#### release stage\n| Property | Default | Description | Required |\n| -------- | :-----: | ----------- | :------: |\n| `skip-inventory-update-on-failure` | | if set, the inventory update will be done only if there is no failure in the compliance checks | |\n\n### Detect secrets\n\nDetect secrets check is performed as part of the PullRequest pipeline and Continuous Integration pipelines so this repository includes a [.secrets.baseline](.secrets.baseline) to identify baseline for secrets check.\n\nMore information at [Configuring Detect secrets scans](https://cloud.ibm.com/docs/devsecops?topic=devsecops-cd-devsecops-detect-secrets-scans)\n\nNote: detect-secret is configured as a pre-commit hook for this sample repository. See [.pre-commit-config.yaml](.pre-commit-config.yaml)\n\n### CRA Scanning\n\nThis repository includes a [.cra/.cveignore](.cra/.cveignore) file that is used by Code Risk Analyzer (CRA) in IBM Cloud Continuous Delivery. This file helps address vulnerabilities that are found by CRA until a remediation is available, at which point the vulnerabilities will be addressed in the respective package versions. CRA keeps the code in this repository free of known vulnerabilities, and therefore helps make applications that are built on this code more secure. If you are not using CRA, you can safely ignore this file.\n\n## Additional information\n\n### Documentation\n- [DevSecOps tutorial - Set-up prerequites](https://cloud.ibm.com/docs/devsecops?topic=devsecops-tutorial-cd-devsecops)\n- [DevSecOps tutorial - Set-up a DevSecOps CI toolchain](https://cloud.ibm.com/docs/devsecops?topic=devsecops-tutorial-ci-toolchain)\n- [DevSecOps tutorial - Set-up a DevSecOps CD toolchain](https://cloud.ibm.com/docs/devsecops?topic=devsecops-tutorial-cd-toolchain)\n- [DevSecOps Continuous Integration pipeline](https://cloud.ibm.com/docs/devsecops?topic=devsecops-cd-devsecops-ci-pipeline)\n\n### Troubleshooting\nDocumentation can be found [here](https://cloud.ibm.com/docs/ContinuousDelivery?topic=ContinuousDelivery-troubleshoot-devsecops).\n\n### Report a problem or looking for help\nGet help directly from the IBM Cloud development teams by joining us on [Slack](https://join.slack.com/t/ibm-devops-services/shared_invite/zt-1znyhz8ld-5Gdy~biKLe233Chrvgdzxw).\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fnerdingitout%2Fhello-compliance-app","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fnerdingitout%2Fhello-compliance-app","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fnerdingitout%2Fhello-compliance-app/lists"}