This is a sample Web Application from DEVSECOPS#1 Introduction - Implementing Secure CI/CD Pipelines demo
mvn clean package #Leveraging Maven
Deploys JAVA application target/WebApp.war
on Tomcat Web Server. This is a jenkins CI/CD pipleine that has security checks. (DevSecOp)
- Jenkins - Pipeline
- Github - Source Code Manager
- TruffleHog - Secrets Scanner (docker)
- owasp/dependency-check - Software Composition Analysis (SCA)(bash script)
- Sonarqube - SAST (docker container)
- Maven - Build ( running on instance)
- Tomcat - Web HTTP server that run java code (running on instance)
- Zap - DAST (running on docker)