{"id":31110645,"url":"https://github.com/statusneo/ssdlc-demo","last_synced_at":"2026-02-13T20:02:21.162Z","repository":{"id":310966582,"uuid":"1041939620","full_name":"StatusNeo/ssdlc-demo","owner":"StatusNeo","description":null,"archived":false,"fork":false,"pushed_at":"2025-09-04T16:02:52.000Z","size":30,"stargazers_count":0,"open_issues_count":22,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2025-09-04T18:07:28.587Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"HCL","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/StatusNeo.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2025-08-21T08:36:03.000Z","updated_at":"2025-08-21T09:10:08.000Z","dependencies_parsed_at":"2025-08-21T10:42:58.692Z","dependency_job_id":"d36ebdf9-3a97-43fe-88e5-947b2103d01d","html_url":"https://github.com/StatusNeo/ssdlc-demo","commit_stats":null,"previous_names":["statusneo/ssdlc-demo"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/StatusNeo/ssdlc-demo","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/StatusNeo%2Fssdlc-demo","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/StatusNeo%2Fssdlc-demo/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/StatusNeo%2Fssdlc-demo/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/StatusNeo%2Fssdlc-demo/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/StatusNeo","download_url":
"https://codeload.github.com/StatusNeo/ssdlc-demo/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/StatusNeo%2Fssdlc-demo/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":275556857,"owners_count":25486041,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-09-17T02:00:09.119Z","response_time":84,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2025-09-17T07:52:26.255Z","updated_at":"2025-09-17T07:52:29.743Z","avatar_url":"https://github.com/StatusNeo.png","language":"HCL","funding_links":[],"categories":[],"sub_categories":[],"readme":"# SSDLC Demo\n\nA minimal FastAPI application demonstrating a Secure SDLC (SSDLC) with multiple security controls integrated into CI/CD.\n\n## Features\n- Health and Echo endpoints (`/health`, `/echo`)\n- Structured JSON logging\n- Unit tests with `pytest` and coverage threshold (\u003e=80%)\n- Tooling via pre-commit: Black, isort, Flake8, Mypy, Bandit, detect-secrets\n- SCA: Dependabot for pip, Docker, Terraform, GitHub Actions\n- SAST: SonarCloud via GitHub Action\n- IaC: Terraform for ECR, ECS Fargate, ALB, Security Groups + Checkov scan\n- Container security: Trivy scan in pipeline\n- DAST: OWASP ZAP baseline scan workflow\n\n## Getting Started\n\n### Requirements\n- Python 3.11+\n- Docker (optional for container runs)\n\n### Install and 
Run\n```bash\npython -m pip install -U pip\npython -m pip install -e .[dev]\nmake run\n```\nOpen http://127.0.0.1:8000/docs\n\n### With Docker Compose\n```bash\ndocker compose up --build\n```\n\n### Tests and Quality\n```bash\nmake format\nmake lint\nmake type-check\nmake test\nmake security-scan\nmake precommit\n```\n\n## CI/CD and Security Gates\n- `ci.yml`: runs formatting, linting, typing, bandit, pip-audit, tests, coverage, SonarCloud\n- `deploy.yml`: on main, builds image, scans with Trivy, pushes to ECR, Terraform apply with OIDC\n- `dast-zap.yml`: nightly + PR ZAP baseline scan against ephemeral container\n- Checkov is run over `infra/` as part of CI\n\n## Terraform Deploy (AWS)\nVariables (see `infra/variables.tf`):\n- `region` (default `us-east-1`)\n- `name` (default `ssdlc-demo`)\n- `image_tag` (set to Docker tag pushed to ECR)\n\nApply:\n```bash\ncd infra\nterraform init\nterraform plan -var=\"image_tag=\u003ctag\u003e\"\nterraform apply -auto-approve -var=\"image_tag=\u003ctag\u003e\"\n```\n\n## Backlog\n- RASP integration placeholder\n- Application fuzzing hooks (e.g., `pytest` property-based tests / fuzzers) ","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fstatusneo%2Fssdlc-demo","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fstatusneo%2Fssdlc-demo","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fstatusneo%2Fssdlc-demo/lists"}