Skip to content

Vulnerabilities detection for OpenShift images.

Notifications You must be signed in to change notification settings

RedHatInsights/vuln4shift-backend

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Tests codecov

vuln4shift-backend

Vulnerabilities detection for OpenShift images.

Development environment

docker-compose build         # Build images
docker-compose up --build    # Build images and run in foreground
docker-compose up --build -d # Build images and run in background
docker-compose down          # Stop and delete containers
docker-compose down -v       # Stop and delete containers + delete persistent volumes

# Sync CVE data
docker-compose run --rm vuln4shift_vmsync

# Sync Pyxis data
docker-compose run --rm vuln4shift_pyxis

# Sync Exploit data
docker-compose run --rm vuln4shift_expsync

# Run pg_repack job
docker-compose run --rm vuln4shift_repack

# psql console
docker-compose exec vuln4shift_database psql -U vuln4shift_admin vuln4shift

Manager swagger documentation is running at

http://localhost:8000/api/ocp-vulnerability/v1/openapi.json
http://localhost:8000/api/ocp-vulnerability/v1/openapi/index.html

Unit tests

You can run unit tests localy by using.

docker-compose run --rm vuln4shift_unit_tests

Deployment to ephemeral environment

Set following apps in ~/.config/bonfire/config.yaml:

apps:
- name: vuln4shift
  components:
  - name: backend
    host: github
    repo: RedHatInsights/vuln4shift-backend
    ref: master
    path: /deploy/clowdapp.yaml

- name: vuln4shift-local
  components:
  - name: backend-local
    host: local
    repo: ~/work/vuln4shift-backend
    path: /deploy/clowdapp.yaml

Reserve a namespace:

bonfire namespace reserve -d 4h

Deploy:

# Using the ClowdApp template from GitHub
bonfire deploy vuln4shift --namespace <reserved_namespace>

# Or using to ClowdApp template from local dir
bonfire deploy vuln4shift-local --namespace <reserved_namespace>

Note that the image tag must exist in the Quay, can be changed to different image by adding e.g.:

--set-image-tag quay.io/jdobes/vuln4shift-backend=bbbf78b