Squashing changes associated with pg

Ken Toler
2020-04-17 15:38:24 -04:00
parent 0dd2ed173c
commit 11819bf14c
7 changed files with 85 additions and 73 deletions
+5 -5
@@ -1,10 +1,10 @@
FROM ruby:2.6.5 FROM ruby:2.6.5
RUN apt-get update -qq && apt-get install -y build-essential libpq-dev nodejs RUN apt-get update -qq && apt-get install -y build-essential libpq-dev nodejs
RUN mkdir /myapp RUN mkdir /myapp
WORKDIR /myapp
ADD Gemfile /myapp/Gemfile
ADD Gemfile.lock /myapp/Gemfile.lock
RUN bundle install
ADD . /myapp
RUN chgrp -R 0 /myapp \ RUN chgrp -R 0 /myapp \
&& chmod -R g+rwX /myapp && chmod -R g+rwX /myapp
WORKDIR /myapp
RUN bundle install
ADD Gemfile /myapp/Gemfile
ADD Gemfile.lock /myapp/Gemfile.lock
ADD . /myapp
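Review bot: The flattened view does not show which of the two instruction orders is the resulting one, and one of them is broken: if the new file is the one where `RUN bundle install` comes before `ADD Gemfile /myapp/Gemfile`, the install step finds no Gemfile in /myapp and the build fails. In that same order `chgrp -R 0 /myapp && chmod -R g+rwX /myapp` runs before `ADD . /myapp`, so the group permissions are applied to an empty directory and not to the application files. Keep the sequence ADD Gemfile, ADD Gemfile.lock, RUN bundle install, ADD . /myapp, and move the chgrp/chmod step after the final ADD.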
-1
@@ -28,7 +28,6 @@ gem "therubyracer"
gem "turbolinks" gem "turbolinks"
gem "uglifier" gem "uglifier"
gem "unicorn" gem "unicorn"
gem "pg"
# Add SMTP server support using MailCatcher # Add SMTP server support using MailCatcher
# NOTE: https://github.com/sj26/mailcatcher#bundler # NOTE: https://github.com/sj26/mailcatcher#bundler
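Review bot: Dropping `gem "pg"` here leaves the bundle without a PostgreSQL adapter, while the OpenShift instructions kept elsewhere in this commit still deploy with `-e DATABASE_SERVICE_NAME=postgresql -e RAILS_ENV=openshift` and the Dockerfile still installs `libpq-dev`. Either keep the gem in a Gemfile group that only the OpenShift environment loads, or state in the OpenShift document that the gem has to be added back before following it.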
-2
@@ -199,7 +199,6 @@ GEM
parallel (1.18.0) parallel (1.18.0)
parser (2.6.5.0) parser (2.6.5.0)
ast (~> 2.4.0) ast (~> 2.4.0)
pg (1.2.2)
poltergeist (1.18.1) poltergeist (1.18.1)
capybara (>= 2.1, < 4) capybara (>= 2.1, < 4)
cliver (~> 0.3.1) cliver (~> 0.3.1)
@@ -365,7 +364,6 @@ DEPENDENCIES
launchy launchy
minitest minitest
mysql2 mysql2
pg
poltergeist poltergeist
powder powder
pry pry
-66
@@ -81,72 +81,6 @@ Exiting
``` ```
In this case, remove that server.pid file and try again. Note also that this file is in your current working directory, not inside the container. In this case, remove that server.pid file and try again. Note also that this file is in your current working directory, not inside the container.
## Openshift Deployment
To deploy Railsgoat with Openshift you must first have a working [Openshift Cluster](https://docs.okd.io/latest/welcome/index.html) installed. The Railsgoat Openshift deployment currently supports Postgres on the native Openshift Postgres imagestream.
```bash
$ oc new-project railsgoat --description="Railsgoat Openshift Deployment" --display-name="Railsgoat"
```
### Creating a Database Service
Although Railsgoat in Openshift can be used with the development SQL Lite database, it also takes advantage of the PostgreSQL database image in Openshift for more creative demonstrations and an expansion of SQL attacks. To create the database service you will use the `oc new-app` command and will need to pass some environment variables. You can change these to anything you want.
```bash
$ oc new-app postgresql -e POSTGRESQL_DATABASE=db_name -e POSTGRESQL_USER=username -e POSTGRESQL_PASSWORD=password
```
You can also set the password for the database admin by appending the previous command with:
```bash
-e POSTGRESQL_ADMIN_PASSWORD=admin_pw
```
To deploy Railsgoat alongside the postgres database, you will need to run:
```bash
$ oc new-app https://github.com/OWASP/railsgoat.git --name=railsgoat -e POSTGRESQL_USER=username -e POSTGRESQL_PASSWORD=password -e POSTGRESQL_DATABASE=db_name -e DATABASE_SERVICE_NAME=postgresql -e RAILS_ENV=openshift
```
If you changed the database environment variables, make sure they match up.
Enter the deployments of your new Railsgoat project and locate the railsgoat deployment config. Add the following to the config under the container object.
```
command:
- /bin/bash
- '-c'
args:
- rails server -p 3000 -b 0.0.0.0
ports:
- containerPort: 3000
protocol: TCP
```
From the openshift console run the following where `<RAILSGOAT POD ID>` is the active pod (for example, `railsgoat-2-dkalf`):
```bash
$ oc rsh <RAILSGOAT POD ID>
```
From the terminal:
```bash
$ rails db:migrate
```
Create the railsgoat service using the template in the openshift-configs folder by either creating it in the openshift terminal window or pulling it directly from git.
```bash
$ oc create -f https://raw.githubusercontent.com/relotnek/railsgoat/master/openshift-configs/railsgoatservice.yaml
```
Expose the service
```bash
$ oc expose service railsgoat
```
Once the railgoat deployment is running navigate to the indicated route
## Capybara Tests ## Capybara Tests
RailsGoat now includes a set of failing Capybara RSpecs, each one indicating that a separate vulnerability exists in the application. To run them, you first need to install [PhantomJS](https://github.com/jonleighton/poltergeist#installing-phantomjs) (version 2.1.1 has been tested in Dev and on Travis CI), which is required by the Poltergeist Capybara driver. Upon installation, simply run the following task: RailsGoat now includes a set of failing Capybara RSpecs, each one indicating that a separate vulnerability exists in the application. To run them, you first need to install [PhantomJS](https://github.com/jonleighton/poltergeist#installing-phantomjs) (version 2.1.1 has been tested in Dev and on Travis CI), which is required by the Poltergeist Capybara driver. Upon installation, simply run the following task:
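Review bot: The README loses the whole "Openshift Deployment" section at this position without a pointer to where it went, although the same text reappears in a new 65-line file in this commit. Leave a one-line link here so readers who arrive at the README can still find the instructions.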
+10
@@ -0,0 +1,10 @@
$ANSIBLE_VAULT;1.1;AES256
63303430303835393535616235383138383365363438363234316163373866616539353065343530
3138626232306637323534343936383734363439376437620a383165366162623936613764336363
61393232626465306139333339643531396338363631653361363562346237366534306539373938
3135343835633239660a353038623433353364636264636633356538646431303234326437366138
63336262376136386463653033643064616432623763626132353062646431333032353137393833
61303832323139633831333932616565313762356233646663316636363663323166633466373066
36663631393339633163643364613261326530363238333761306163363463623736333363323937
30363865623132653730396235383862303439613762313163376365373464383364366333663637
3066
+6
@@ -0,0 +1,6 @@
$ANSIBLE_VAULT;1.1;AES256
35626437333463353464663839363636313435336332376561623031666263616263613638303031
3064343638663837633934636537353736323335313663350a313338383464353231346661616563
39353235353135323330653437333062653232366330316237656339383465653130636166346537
6663373338366133610a383365303662306266303832326561646263363031666237303464663062
3435
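Review bot: This file and the 10-line file before it are added as `$ANSIBLE_VAULT;1.1;AES256` blobs with nothing in the commit saying what they hold, which playbook or variable reads them, or how a contributor obtains the vault password, and the commit message only mentions pg. Move them to their own commit with a note on their purpose, and confirm the vault password is strong and stored outside the repository, since the ciphertext is now readable by anyone with a clone.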
+65
@@ -0,0 +1,65 @@
## Openshift Deployment
To deploy Railsgoat with Openshift you must first have a working [Openshift Cluster](https://docs.okd.io/latest/welcome/index.html) installed. The Railsgoat Openshift deployment currently supports Postgres on the native Openshift Postgres imagestream.
```bash
$ oc new-project railsgoat --description="Railsgoat Openshift Deployment" --display-name="Railsgoat"
```
### Creating a Database Service
Although Railsgoat in Openshift can be used with the development SQL Lite database, it also takes advantage of the PostgreSQL database image in Openshift for more creative demonstrations and an expansion of SQL attacks. To create the database service you will use the `oc new-app` command and will need to pass some environment variables. You can change these to anything you want.
```bash
$ oc new-app postgresql -e POSTGRESQL_DATABASE=db_name -e POSTGRESQL_USER=username -e POSTGRESQL_PASSWORD=password
```
You can also set the password for the database admin by appending the previous command with:
```bash
-e POSTGRESQL_ADMIN_PASSWORD=admin_pw
```
To deploy Railsgoat alongside the postgres database, you will need to run:
```bash
$ oc new-app https://github.com/OWASP/railsgoat.git --name=railsgoat -e POSTGRESQL_USER=username -e POSTGRESQL_PASSWORD=password -e POSTGRESQL_DATABASE=db_name -e DATABASE_SERVICE_NAME=postgresql -e RAILS_ENV=openshift
```
If you changed the database environment variables, make sure they match up.
Enter the deployments of your new Railsgoat project and locate the railsgoat deployment config. Add the following to the config under the container object.
```
command:
- /bin/bash
- '-c'
args:
- rails server -p 3000 -b 0.0.0.0
ports:
- containerPort: 3000
protocol: TCP
```
From the openshift console run the following where `<RAILSGOAT POD ID>` is the active pod (for example, `railsgoat-2-dkalf`):
```bash
$ oc rsh <RAILSGOAT POD ID>
```
From the terminal:
```bash
$ rails db:migrate
```
Create the railsgoat service using the template in the openshift-configs folder by either creating it in the openshift terminal window or pulling it directly from git.
```bash
$ oc create -f https://raw.githubusercontent.com/relotnek/railsgoat/master/openshift-configs/railsgoatservice.yaml
```
Expose the service
```bash
$ oc expose service railsgoat
```
Once the railgoat deployment is running navigate to the indicated route
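Review bot: The `oc create -f https://raw.githubusercontent.com/relotnek/railsgoat/master/openshift-configs/railsgoatservice.yaml` step pulls the service definition from a personal fork's moving `master`, while the application itself is built from `https://github.com/OWASP/railsgoat.git`; point both at the same repository and reference the template by its path in the checkout or by a fixed commit. The `oc new-app` lines also pass `POSTGRESQL_PASSWORD=password` with `-e`, which leaves the value in clear text in the deployment config and in shell history, so a short note recommending an OpenShift Secret for anything beyond a throwaway lab would help. Typos: "SQL Lite" should be "SQLite" and "railgoat" should be "railsgoat".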