Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/garethr/snykit
A simple vulnerable Ruby application deployed to Kubernetes, used for demonstration purposes.
- Host: GitHub
- URL: https://github.com/garethr/snykit
- Owner: garethr
- License: other
- Created: 2020-02-21T11:48:06.000Z (almost 5 years ago)
- Default Branch: master
- Last Pushed: 2024-09-21T07:43:12.000Z (3 months ago)
- Last Synced: 2024-10-11T11:25:16.666Z (2 months ago)
- Topics: kapp, kbld, snyk, ytt
- Language: Ruby
- Homepage:
- Size: 257 KB
- Stars: 1
- Watchers: 4
- Forks: 12
- Open Issues: 28
Metadata Files:
- Readme: README.md
- License: LICENSE
README
# Snykit
A simple vulnerable Ruby application deployed to Kubernetes, used for demonstration purposes.
![Ruby](https://github.com/garethr/snykit/workflows/Ruby/badge.svg) ![Docker Hub](https://github.com/garethr/snykit/workflows/Docker%20Hub/badge.svg) ![Template](https://github.com/garethr/snykit/workflows/Template/badge.svg)
This repository demonstrates using the [k14s](https://k14s.io/) toolchain for Kubernetes: [YTT](https://get-ytt.io/) for templating the configuration, [kbld](https://get-kbld.io/) to build the image and store the SHA in the Kubernetes manifest, and [kapp](https://get-kapp.io/) to deploy to Kubernetes.
GitHub Actions is used to automatically build the images and generate a Kubernetes configuration file populated with the image SHA. You can deploy the latest version of the application using `kubectl` like so:
```console
kubectl apply -f https://raw.githubusercontent.com/garethr/snykit/master/dist/snykit.yaml
```
Alternatively you can use `kapp` here as well:
```console
kapp deploy -a snykit -f https://raw.githubusercontent.com/garethr/snykit/master/dist/snykit.yaml
```
## Vulnerable?
The application and its associated image have a few known vulnerabilities. We can use [Snyk](https://snyk.io/) to detect them. Snyk can be used via the CLI, or integrated with your CI system (including with [Actions](https://github.com/garethr/snykit/actions)), but in this case we've imported directly from GitHub, Docker Hub and the running application in Kubernetes.
![Showing vulnerabilities in Snyk](assets/snyk.png)
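The deploy commands earlier in this README apply a manifest fetched from a branch URL, so a useful check before deploying is that every image reference in it is pinned by digest, which is what kbld is described as storing in the manifest. The script below is an added example, not part of the snykit repository; the function names, image names and sample manifest are constructed for illustration, and it assumes simple line-based matching rather than a YAML parser.

```shell
#!/bin/sh
# Added example: report image references that are not pinned to a sha256 digest.
# Assumption: line-based matching of "image:" keys, not a full YAML parser.

unpinned_images() {   # $1 = path to a Kubernetes manifest
    awk -v q="'" '
        /^[ \t]*(-[ \t]+)?image:[ \t]*/ {
            ref = $0
            sub(/^[ \t]*(-[ \t]+)?image:[ \t]*/, "", ref)
            sub(/[ \t]+#.*$/, "", ref)                 # trailing comment
            sub(/[ \t]+$/, "", ref)                    # trailing whitespace
            gsub("^[\"" q "]|[\"" q "]$", "", ref)     # surrounding quotes
            if (ref == "") next
            n = index(ref, "@sha256:")
            digest = (n > 0) ? substr(ref, n + 8) : ""
            # A pinned reference ends in exactly 64 lowercase hex characters.
            if (length(digest) != 64 || digest !~ /^[0-9a-f]+$/) print ref
        }' "$1"
}

# Gate for a deploy step: succeeds only when nothing is unpinned.
check_manifest() {
    bad=$(unpinned_images "$1")
    [ -z "$bad" ] && return 0
    printf 'unpinned image references in %s:\n%s\n' "$1" "$bad" >&2
    return 1
}

# Constructed sample manifest (names and digest are placeholders, not real images).
sample_manifest() {
    cat <<'EOF'
apiVersion: apps/v1
kind: Deployment
spec:
  template:
    spec:
      containers:
      - name: app
        image: index.docker.io/example/app@sha256:0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef
      - name: sidecar
        image: example/sidecar:latest   # tag only, mutable
      initContainers:
      - image: "example/init:1.0"
        name: init
EOF
}

demo=$(mktemp) && sample_manifest > "$demo"
unpinned_images "$demo"     # lists the two tag-only references
rm -f "$demo"
```

To use it as a gate, download the manifest to a local file first and run `check_manifest` on that file before passing the same file to `kubectl apply -f` or `kapp deploy -f`.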