team-alpha/railsgoat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

added openshift configs

Browse Source
This commit is contained in:
Ken Toler
2020-03-01 13:57:00 -05:00
parent e5a03e4da6
commit ad311cdda1
2 changed files with 105 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
README.md
+54
View File
@@ -81,6 +81,60 @@ Exiting
``` ```
In this case, remove that server.pid file and try again. Note also that this file is in your current working directory, not inside the container. In this case, remove that server.pid file and try again. Note also that this file is in your current working directory, not inside the container.
## Openshift Deployment
To deploy Railsgoat with Openshift you must first have a working [Openshift Cluster](https://docs.okd.io/latest/welcome/index.html) installed. The Railsgoat Openshift deployment currently supports Postgres on the native Openshift Postgres imagestream.
```bash
$ oc new-project railsgoat --description="Railsgoat Openshift Deployment" --display-name="Railsgoat"
```
### Creating a Database Service
Although Railsgoat in Openshift can be used with the development SQL Lite database, it also takes advantage of the PostgreSQL database image in Openshift for more creative demonstrations and an expansion of SQL attacks. To create the database service you will use the `oc new-app` command and will need to pass some environment variables. You can change these to anything you want.
```bash
$ oc new-app postgresql -e POSTGRESQL_DATABASE=db_name -e POSTGRESQL_USER=username -e POSTGRESQL_PASSWORD=password
```
You can also set the password for the database admin by appending the previous command with:
```bash
-e POSTGRESQL_ADMIN_PASSWORD=admin_pw
```
To deploy Railsgoat alongside the postgres database, you will need to run:
```bash
$ oc new-app https://github.com/relotnek/railsgoat.git --name=railsgoat -e POSTGRESQL_USER=username -e POSTGRESQL_PASSWORD=password -e POSTGRESQL_DATABASE=db_name -e DATABASE_SERVICE_NAME=postgresql -e RAILS_ENV=openshift
```
If you changed the database environment variables, make sure they match up.
Enter the deployments of your new Railsgoat project and locate the railsgoat deployment config. Add the following to the config under the container object.
```
command:
- /bin/bash
- '-c'
args:
- rails server -p 3000 -b 0.0.0.0
ports:
- containerPort: 3000
protocol: TCP
```
From the openshift console run the following where `<RAILSGOAT POD ID>` is the active pod:
```bash
$ oc rsh <RAILSGOAT POD ID>
```
From the terminal:
```bash
$ rails db:migrate
```
Once the railgoat deployment is running
## Capybara Tests ## Capybara Tests
RailsGoat now includes a set of failing Capybara RSpecs, each one indicating that a separate vulnerability exists in the application. To run them, you first need to install [PhantomJS](https://github.com/jonleighton/poltergeist#installing-phantomjs) (version 2.1.1 has been tested in Dev and on Travis CI), which is required by the Poltergeist Capybara driver. Upon installation, simply run the following task: RailsGoat now includes a set of failing Capybara RSpecs, each one indicating that a separate vulnerability exists in the application. To run them, you first need to install [PhantomJS](https://github.com/jonleighton/poltergeist#installing-phantomjs) (version 2.1.1 has been tested in Dev and on Travis CI), which is required by the Poltergeist Capybara driver. Upon installation, simply run the following task:
config/environments/openshift.rb
+51
View File
@@ -0,0 +1,51 @@
# frozen_string_literal: true
Railsgoat::Application.configure do
# Settings specified here will take precedence over those in config/application.rb
config.hosts << '.svc.cluster.local'
# In the development environment your application's code is reloaded on
# every request. This slows down response time but is perfect for development
# since you don't have to restart the web server when you make code changes.
config.cache_classes = false
# Show full error reports and disable caching
config.consider_all_requests_local = true
config.action_controller.perform_caching = false
# Don't care if the mailer can't send
config.action_mailer.raise_delivery_errors = false
# Print deprecation notices to the Rails logger
config.active_support.deprecation = :log
# Only use best-standards-support built into browsers
config.action_dispatch.best_standards_support = :builtin
# Tired of caching causing issues
config.middleware.delete Rack::ETag
# Do not compress assets
config.assets.compress = false
# Expands the lines which load the assets
config.assets.debug = true
# ActionMailer settings for email support
config.action_mailer.delivery_method = :smtp
config.action_mailer.smtp_settings = { address: "127.0.0.1", port: 1025 }
config.action_mailer.default_url_options = { host: "127.0.0.1:3000" }
# config.middleware.insert_before(
# Rack::Lock, Rack::LiveReload,
# :min_delay => 500,
# :max_delay => 1000,
# :port => 35727,
# :host => 'railsgoat.dev',
# :ignore => [ %r{dont/modify\.html$} ]
# )
# For Rails 4.0+
# Do not eager load code on boot. This avoids loading your whole application
# just for the purpose of running a single test. If you are using a tool that
# preloads Rails for running tests, you may have to set it to true.
config.eager_load = false
end