https://github.com/ctfer-io/ctfd-packaged
Ready to use CTFd with ctfd-chall-manager plugin
https://github.com/ctfer-io/ctfd-packaged
ctfd ctfd-plugin
Last synced: 4 months ago
JSON representation
Ready to use CTFd with ctfd-chall-manager plugin
- Host: GitHub
- URL: https://github.com/ctfer-io/ctfd-packaged
- Owner: ctfer-io
- License: apache-2.0
- Created: 2025-01-16T20:26:47.000Z (over 1 year ago)
- Default Branch: main
- Last Pushed: 2025-12-31T14:42:09.000Z (5 months ago)
- Last Synced: 2026-01-04T22:41:05.857Z (5 months ago)
- Topics: ctfd, ctfd-plugin
- Language: Shell
- Homepage: https://ctfer.io
- Size: 79.1 KB
- Stars: 0
- Watchers: 0
- Forks: 0
- Open Issues: 4
-
Metadata Files:
- Readme: README.md
- Code of conduct: CODE_OF_CONDUCT.md
- Security: SECURITY.md
Awesome Lists containing this project
README
CTFd-packaged
This repository is an internal tool to generate pre-packaged versions of CTFd.
Actually, it is used to publish the Docker image [`ctferio/ctfd`](https://hub.docker.com/r/ctferio/ctfd).
This image integrate our work for direct reuse, plus fits our security policies regarding traceability and auditability regarding Software Supply Chain.
It contains:
- [CTFd](https://github.com/ctfd/ctfd)
- [CTFd-Chall-Manager](http://github.com/ctfer-io/ctfd-chall-manager)
## Security
### Signature and Attestations
For deployment purposes (and especially in the deployment case of Kubernetes), you may want to ensure the integrity of what you run.
The Docker image is SLSA 3 and can be verified using [slsa-verifier](https://github.com/slsa-framework/slsa-verifier) using the following.
```bash
slsa-verifier slsa-verifier verify-image "ctferio/ctfd:@sha256:" \
--source-uri "github.com/ctfer-io/ctfd" \
--source-tag ""
```
Alternatives exist, like [Kyverno](https://kyverno.io/) for a Kubernetes-based deployment.
### SBOMs
A SBOM is generated for the Docker image in its manifest, and can be inspected using the following.
```bash
docker buildx imagetools inspect "ctferio/ctfd:" \
--format "{{ json .SBOM.SPDX }}"
```