GithubHelp home page GithubHelp logo

somerset-inc / juice-shop-goof Goto Github PK

View Code? Open in Web Editor NEW

This project forked from juice-shop/juice-shop

0.0 0.0 97.0 138.89 MB

Vulnerable TypeScript Application

License: MIT License

Shell 0.08% JavaScript 30.39% Python 0.15% TypeScript 57.97% CSS 0.10% HTML 7.65% Handlebars 0.11% Dockerfile 0.05% Pug 0.42% SCSS 2.17% Solidity 0.81% HCL 0.10%
backend frontend payment pci pci-compliance

juice-shop-goof's Introduction

original Juice Shop readme

Snyk Juice Shop

This is a vulnerable by design repository for demonstrating Snyk Insights. Do not deploy this in production.

Step 0: Prepare Demo Environemnt

Install Tools

Fork & Import

Fork this repository and import it in a new or existing org.

git clone https://github.com/somerset-inc/juice-shop-goof.git
cd juice-shop

Deploy Juice Shop to EKS

In A Cloud Guru create an AWS sandbox environment, then add the following as GitHub Actions Variables:

AWS_ACCESS_KEY_ID
AWS_SECRET_ACCESS_KEY
SNYK_ORG_ID
SNYK_TOKEN

Edit the _build_flag file to trigger EKS provisioning and Juice Shop deployment.

Step 1: Deploy the Kubernetes Connector

Create Snyk Service Acount with minimum scope: docs

Log into AWS CLI:

aws configure
aws eks update-kubeconfig --region us-east-1 --name juice-shop-cluster

Add the secret

kubectl create secret generic insights-secret --from-literal=snykServiceAccountToken=YOUR_SNYK_TOKEN

Add the Helm chart

helm repo add kubernetes-scanner https://snyk.github.io/kubernetes-scanner
helm repo update

Install the chart

helm install insights \
	--set "secretName=insights-secret" \
	--set "config.clusterName=juice-shop-cluster" \
	--set "config.routes[0].organizationID=YOUR_ORG_ID" \
	--set "config.routes[0].clusterScopedResources=true" \
	--set "config.routes[0].namespaces[0]=*"  \
	kubernetes-scanner/kubernetes-scanner

Run kubectl get pods to verify the pod is running.

Step 2: Scan and Tag Container projects

See full docs on tagging format. This is required to link Open Source and Code projects with Container projects.

Add tags to container images: see example workflow.

Examples:

snyk container monitor your/image:tag --tags="component=pkg:${{ github.repository }}@${{ github.ref_name }}"
snyk container monitor your/image:tag --tags="component=pkg:github/org/repo@branch"

Step 3: Tag Open Source and Code projects

Review script at insights/apply-tags.py.

pip install requests
python3 insights/apply-tags.py --org-id your-org-id --snyk-token your-snyk-token --origin github

juice-shop-goof's People

Contributors

aaryan01 avatar aashish683 avatar agrawalarpit14 avatar alejandrosaenz117 avatar bkimminich avatar bogminic avatar captainfreak avatar chinggg avatar cigar-galaxy82 avatar cnotin avatar dylansnyk avatar eric-nieuwland avatar freedisch avatar greenkeeper[bot] avatar j12934 avatar jamescullum avatar juiceshopbot avatar justinsmid avatar m4l1c3 avatar marcrler avatar paseaf avatar rishabhkeshan avatar rockydevnet avatar scar26 avatar shubhampalriwala avatar supra08 avatar tghosth avatar thavelock avatar the-pro avatar wurstbrot avatar

Forkers

jeremiahgrady snyk-cs-goof-org pdrakesnyk taylor-browntest123 amacsnyk snyk-japan asabushaban defenderk github-organization-1 dylansnyk-org appriskorg github-organization-2 alexisjtg deanna-lalo alidasef snykmathesorg jake-ghe-demo paige-test-org wendy-enterprise snyk-front-end-apps ghe-test123 varun-snyk antz-snyk1 jonchiapprisk strava-explorer fridl-snyk-test-org rharp reinerhaneburgersnyk identityteam tsrobsworld snyk-elvio robertnorrie assaforg rogerioenterprises joeshope puya310inc apynos swschmidt paymentsteam jaceorg 797-enterprises sandy-torres mathiasconradt jonathanatsnyk joeysnyk abertola123 michaelkuchyt fonstella cgibbs-snyk faithtarbertsnyk gcmurphy-snyk snyk-googol sladey01 weilunsnyk bi-team-org cgdent-snyk gwnlng apj-ctf lmaeda snyk-japan mkajitansnyk v-gor insightstest billy-snyk grantbroadleyinsights fk-snyk-org t-corp-ltd colinsimningsnyk jamieallensnyk emanfas snykjp-apprisk dollav sharmynsnyk csmonkee insightsmsmith e-corp-demo kartikdedhia csteeves01 irinamititica karenmatoke dylansnyk-org nathanroystest mark-snyk jordanmilessnyk almasnykinsightsorg markusweldonorg ioana08 shivamjindalsnyk matt-g-darin finbarfleming faceyacc exampleorgsnyk katiepistello1 iuriikogan-snyk cdobru snykdemoch karthiksnyk

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.