Skip to content

Nicole732/docker-image-scan-gitlabcicd

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

181 Commits
.dependabot
.dependabot
 
 
.github
.github
 
 
.gitlab
.gitlab
 
 
.zap
.zap
 
 
config
config
 
 
data
data
 
 
encryptionkeys
encryptionkeys
 
 
frontend
frontend
 
 
ftp
ftp
 
 
i18n
i18n
 
 
lib
lib
 
 
models
models
 
 
monitoring
monitoring
 
 
routes
routes
 
 
rsn
rsn
 
 
screenshots
screenshots
 
 
test
test
 
 
uploads/complaints
uploads/complaints
 
 
vagrant
vagrant
 
 
views
views
 
 
.DS_Store
.DS_Store
 
 
.codeclimate.yml
.codeclimate.yml
 
 
.devcontainer.json
.devcontainer.json
 
 
.dockerignore
.dockerignore
 
 
.eslintrc.js
.eslintrc.js
 
 
.gitignore
.gitignore
 
 
.gitlab-ci.yml
.gitlab-ci.yml
 
 
.gitleaks.toml
.gitleaks.toml
 
 
.gitpod.yml
.gitpod.yml
 
 
.imgbotconfig
.imgbotconfig
 
 
.mailmap
.mailmap
 
 
.npmrc
.npmrc
 
 
CODE_OF_CONDUCT.md
CODE_OF_CONDUCT.md
 
 
CONTRIBUTING.md
CONTRIBUTING.md
 
 
Dockerfile
Dockerfile
 
 
Gruntfile.js
Gruntfile.js
 
 
HALL_OF_FAME.md
HALL_OF_FAME.md
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
REFERENCES.md
REFERENCES.md
 
 
SECURITY.md
SECURITY.md
 
 
SOLUTIONS.md
SOLUTIONS.md
 
 
app.json
app.json
 
 
app.ts
app.ts
 
 
config.schema.yml
config.schema.yml
 
 
crowdin.yaml
crowdin.yaml
 
 
ctf.key
ctf.key
 
 
cypress.json
cypress.json
 
 
docker-compose.test.yml
docker-compose.test.yml
 
 
package.json
package.json
 
 
server.ts
server.ts
 
 
swagger.yml
swagger.yml
 
 
threat-model.json
threat-model.json
 
 
tsconfig.json
tsconfig.json
 
 
upload-reports.py
upload-reports.py
 
 

Repository files navigation

DevSecOps Bootcamp: Scan Docker Images using Trivy with GitLab CI/CD Pipeline

Project Details

Part 1: Update GitLab CI/CD pipeline to perform Docker image scanning using Trivy. Part 2: Update GitLab CI/CD pipeline to automate upload of Trivy image scan results to DefectDojo.

Table of contents

Technologies Used

Trivy, Git, GitLab CI, Docker, AWS ECR, Python, DefectDojo

Project Description:

Part 1

  • Create new job in GitLab CI/CD pipeline that :
    • Pulls the Docker image from private AWS ECR b.
    • Runs Trivy image scan on the image
    • Fails Trivy job only if high or critical level security findings are detected

Part 2

  • Update Trivy job to export image security findings report as pipeline artifact
  • Update Python script to automatically upload Trivy security findings to DefectDojo
  • Update Upload Reports job to execute Python upload script for Trivy scan reports

Initial Project

This project build on previous one: GitHub It uses OAWSP Juice Shop vulnerable application as the application code: Juice Shop Screenshot Slideshow

Contributors

The contributors to this project are:

Licensing

This program is free software: you can redistribute it and/or modify it under the terms of the MIT license.

About

No description, website, or topics provided.

Resources

Readme

License

MIT license

Code of conduct

Code of conduct

Contributing

Contributing

Security policy

Security policy
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Sponsor this project

  •  
Learn more about GitHub Sponsors

Packages

 
 
 

Contributors

Languages