https://github.com/nadyinky/devsecops-docker-flow
CI pipeline with Docker Scout and SAST scanning for an OWASP-based Python app
Last synced: 3 months ago
- Host: GitHub
- URL: https://github.com/nadyinky/devsecops-docker-flow
- Owner: nadyinky
- Created: 2023-12-13T20:25:52.000Z (over 1 year ago)
- Default Branch: main
- Last Pushed: 2023-12-16T15:53:06.000Z (over 1 year ago)
- Last Synced: 2024-11-05T08:37:09.643Z (8 months ago)
- Language: HTML
- Homepage:
- Size: 549 KB
- Stars: 0
- Watchers: 1
- Forks: 0
- Open Issues: 0
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
- awesome-docker-scout - CI pipeline with Docker Scout and SAST scanning for an OWASP-based Python app
README
# DevSecOps pipeline for PyGoat app
This project uses GitHub Actions to build a CI pipeline that runs Static Application Security Testing (SAST) and then scans the
Docker image with Docker Scout. The scan reports are saved in `.json` and `.sarif` formats so that they can be collected
and used with other vulnerability management tools.

___
# PyGoat
An intentionally vulnerable web application, for application security, built in Django.
Our roadmap is to build an intentionally vulnerable web application in Django. The vulnerabilities can be based on the OWASP Top Ten.

Table of Contents
=================

* [pygoat](#pygoat)
* [Installation](#installation)
* [From Sources](#from-sources)
* [Docker Container](#docker-container)
* [Installation Video](#installation-video)
* [Uninstallation](#uninstallation)
* [Solutions](/Solutions/solution.md)
* [For Developers](/docs/dev_guide.md)

## Installation
### From Sources
To set up the project on your local machine, first clone the repository using the GitHub website or git in a terminal:
```
git clone https://github.com/adeyosemanputra/pygoat.git
# To download a specific branch (replace <branch-name> with the branch you want)
git clone -b <branch-name> https://github.com/adeyosemanputra/pygoat.git
```

#### Method 1
1. Install all app and python requirements using installer file - `bash installer.sh`
2. Apply the migrations `python3 manage.py migrate`.
3. Finally, run the development server `python3 manage.py runserver`.
4. The project will be available at

#### Method 2
1. Install python3 requirements `pip install -r requirements.txt`.
2. Apply the migrations `python3 manage.py migrate`.
3. Finally, run the development server `python3 manage.py runserver`.
4. The project will be available at

#### Method 3
1. Install all app and python requirements using `setup.py` file - `pip3 install .`
2. Apply the migrations `python3 manage.py migrate`.
3. Finally, run the development server `python3 manage.py runserver`.
4. The project will be available at

### Docker Container
1. Install [Docker](https://www.docker.com)
2. Run `docker pull pygoat/pygoat` or `docker pull pygoat/pygoat:latest`
3. Run `docker run --rm -p 8000:8000 pygoat/pygoat:latest`
4. Browse to
5. In case of any error, remove the existing image using `docker image rm pygoat/pygoat` and pull again

### From Docker-Compose
1. Install [Docker](https://www.docker.com)
2. Run `docker-compose up` or `docker-compose up -d`

### Build Docker Image and Run
1. Clone the repository `git clone https://github.com/adeyosemanputra/pygoat.git`
2. Build the docker image from Dockerfile using `docker build -f Dockerfile -t pygoat .`
3. Run the docker image `docker run --rm -p 8000:8000 pygoat:latest`
4. Browse to or

### Installation video
1. From Source using `installer.sh`
- [Installing PyGoat from Source](https://www.youtube.com/watch?v=7bYBJXG3FRQ)
2. Without using `installer.sh`
- [Installation Pygoat](http://www.youtube.com/watch?v=rfzQiMeiwso)

## Uninstallation
### On Debian/Ubuntu Based Systems
- On Debian/Ubuntu based systems, you can use the `uninstaller.sh` script to uninstall `pygoat` along with all its dependencies.
- To uninstall `pygoat`, simply run:
```bash
$ bash ./uninstaller.sh
```

### On Other Systems
- On other systems, you can use the `uninstaller.py` script to uninstall `pygoat` along with all its dependencies.
- To uninstall `pygoat`, simply run:
```bash
$ python3 uninstaller.py
```

## Solutions
Solutions to all challenges

## Contributors ✨
Thanks goes to these wonderful people ([emoji key](https://allcontributors.org/docs/en/emoji-key)):
- pwned-17 💻
- Aman Singh 💻
- adeyosemanputra 💻 📖
- gaurav618618 💻 📖
- MajAK 💻
- JustinPerkins 💻
- Liu Peng 💻
- Metaphor 💻
- whokilleddb 💻

This project follows the [all-contributors](https://github.com/all-contributors/all-contributors) specification. Contributions of any kind welcome!