Skip to content

Implemented DevSecOps #55

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
kiiru4reals wants to merge 92 commits into
base: master
Choose a base branch
from
Open

Implemented DevSecOps #55

kiiru4reals wants to merge 92 commits into from

Conversation

@kiiru4reals
Copy link

@kiiru4reals kiiru4reals commented Mar 14, 2025

  • Containerized application.
  • Secure build and push to Docker hub
  • Implemented SAST
  • Implemented an embarassing version of DAST (but hey I learnt)
  • Implemented IaC with deployment to Cloud Build (GCP).

@kiiru4reals
Pillow runs on the latest version.
b125c2c
@kiiru4reals
Added 0.0.0.0 and localhost to allowed hosts
ced8d33
@kiiru4reals
first commit
61f2ac8
@kiiru4reals
first commit
05d9b72
@kiiru4reals
Merge pull request #1 from kiiru4reals/docker-implementation
f7a30b6 
Docker implementation
@kiiru4reals
CircleCI Commit
c1edd16
@kiiru4reals
Merge pull request #2 from kiiru4reals/circleci-project-setup
b95fb6e 
CircleCI Commit
@kiiru4reals
Implemented circleci build
c8347b8
@kiiru4reals
Amended python version
fbd0f7c
@kiiru4reals
Redid build step
2b2cce5
@kiiru4reals
Updated python version
a2de54d
@kiiru4reals
Changed to pyhon 3.11
73b38ae
@kiiru4reals
revert to python 3.6
5a4cc8a
@kiiru4reals
Added snyk security workflow
072f6ea
@kiiru4reals
Removed hyphen on uses on line 37
e02f0c7
@kiiru4reals
Fixed indentation issue
0c85e0b
@kiiru4reals
Added hyphen on uses line 37
15757a4
@kiiru4reals
Added uses on line 36
d1cffcd
@kiiru4reals
Added true statement on the Snyk code test
5205d4d
@kiiru4reals
Authenticate with snyk
26ec2ca
@kiiru4reals
fixed indentation issue
758d090
@kiiru4reals
Added debug flag to see issues on open source monitoring.
0032882
@kiiru4reals
get python dependencies
702f4ca
@kiiru4reals
remove debug flag on open source monitor
45104f6
@kiiru4reals
Removed IaC implementation
fff3d90
@kiiru4reals
Changed image name
6d120c9
@kiiru4reals
Changed container name
6c20417
@kiiru4reals
Merge pull request #4 from kiiru4reals/snyk-security-implementation
a9bff2f 
Added snyk security workflow
@kiiru4reals
Merge pull request #3 from kiiru4reals/circleci-build
5b7f876 
Circleci build
@kiiru4reals
Docker image scan using Docker scout
1c5c27f
@kiiru4reals
Merge pull request #18 from kiiru4reals:implement-artifact-pinning
2652b96 
Implementation of artifact pinning in relation to ensuring secure build process see DevSecOps maturity model level 2.
@kiiru4reals
Add tags attribute twice
86b90ea
@kiiru4reals
Merge pull request #19 from kiiru4reals:implement-artifact-pinning
557552c 
Fix image tagging issue
@kiiru4reals
Removing extra tag attribute and made it a list on the first tag attr…
95e084d 
…ibute.
@kiiru4reals
Merge pull request #20 from kiiru4reals:implement-artifact-pinning
579989a 
Fix workflow bug to ensure pinning of artifacts.
@kiiru4reals
Generate SBOM on Docker security scan
16e6774
@kiiru4reals
Add buildx for caching
1b0ac8c
@kiiru4reals
Added context and Dockerfile
659bcf0
@kiiru4reals
Added tag
530a63e
@kiiru4reals
Made image name to be a tag
e31231b
@kiiru4reals
Remove checkout action as it is redundant.
ab3477b
@kiiru4reals
Undo checkout repo
397c298
@kiiru4reals
Change how image is labelled to reference Docker documentation
94a56bd
@kiiru4reals
Add image name
cb455b5
@kiiru4reals
fix image name on CVE step
f7f0fda
@kiiru4reals
Build docker image twice to use scout
dac8f21
@kiiru4reals
Merge pull request #21 from kiiru4reals:add-sbom-to-build-and-pr
1471071 
Add SBOM generation
@kiiru4reals
Made SBOM to be only production for efficiency
29062bc
@kiiru4reals
Merge pull request #22 from kiiru4reals:limit-sbom-to-production-buil…
2aa3a99 
…d-only

Moved SBOM to production
@kiiru4reals
bumped asgiref from 3.4.1 to 3.6.0, django from 3.2.7 to>=4.2 ,<5.0 a…
05cad49 
…nd djangorestframework from 3.12.4 to 3.15.2
@kiiru4reals
capitalized AS for conformance
6a95e6d
@kiiru4reals
Added traefik labels and network
c11ae15
@kiiru4reals
updated .dockerignore
e3b4c16
@kiiru4reals
Remove duplicate port entry and added entrypoint
4a3f98d
@kiiru4reals
Added test domain for local environment
aa14d3f
@kiiru4reals
Added running with Docker.
cc5cd01
@kiiru4reals
Merge pull request #23 from kiiru4reals:add-traefik-as-a-load-balancer
ee206c4 
Implement traefik as load balancer
@kiiru4reals
Enforce https on docker container
55b1f09
@kiiru4reals
updated domain name for local environment
da830a8
@kiiru4reals
Merge pull request #25 from kiiru4reals:updated-docker-to-accept-only…
33e7c5b 
…-port-443-requests

Updated-docker-to-accept-only-port-443-requests
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@kiiru4reals