Welcome to DevSecOps Studio Project!

DevSecOps Studio is a virtual environment to learn and teach DevSecOps concepts. It's easy to get started and is mostly automatic.

It takes a lot of effort to set up a DevSecOps environment for training/demos and, more often than not, it's error-prone when done manually.

This project aims to reduce the time to bootstrap the environment.

Note:

  • If you wish to join our free course, please click on Join the course in the above link.

How do I get set up?

Summary of Setup

TL;DR

Install Vagrant, VirtualBox and Ansible, then follow the steps below.

# Download the code and change into the project directory
$ git clone https://github.com/teacheraio/DevSecOps-Studio.git && cd DevSecOps-Studio

# Download the ansible dependency roles
$ ansible-galaxy install -r requirements.yml

# Setup the environment, takes an hour or less based on your internet speed.
$ vagrant up

Go grab some coffee while DevSecOps Studio does its job.

Yes, that's it, you just set up an entire DevSecOps environment with three commands :)

Details

DevSecOps Studio uses Vagrant, VirtualBox and Ansible to set up the lab environment. You can visit each vendor's website to download the above software for Windows/Linux/macOS.

DevSecOps Studio simulates the environment presented below.

Software

Hardware

  • At least 4GB of RAM for the virtual machines.
  • 60GB of HDD Space.
  • Intel i3 Processor or above.

Dependencies

MacOS (optional)

Prerequisites can also be installed via Homebrew on macOS.

Homebrew: Optional

/bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)"

Vagrant

brew install --cask vagrant

Virtualbox

brew install --cask virtualbox

Ansible

brew install ansible

Linux

Install dependencies using apt-get

Virtualbox

sudo sh -c 'echo "deb http://download.virtualbox.org/virtualbox/debian xenial contrib" >> /etc/apt/sources.list.d/virtualbox.list'

wget -q https://www.virtualbox.org/download/oracle_vbox_2016.asc -O- | sudo apt-key add -

sudo apt update

sudo apt install virtualbox

Vagrant

sudo apt-get install vagrant python2 python2-pip

Ansible

pip install ansible

Windows (optional)

Alternatively, installation can be done using Chocolatey by opening a command prompt and running the following command.

@"%SystemRoot%\System32\WindowsPowerShell\v1.0\powershell.exe" -NoProfile -InputFormat None -ExecutionPolicy Bypass -Command "iex ((New-Object System.Net.WebClient).DownloadString('https://chocolatey.org/install.ps1'))" && SET "PATH=%PATH%;%ALLUSERSPROFILE%\chocolatey\bin"

Install dependencies using choco

choco install vagrant virtualbox git

Install ansible via pip

choco install python --version 2.7.6
pip install ansible

Installation

  1. Clone this repo or download the zip.

    $ git clone https://github.com/teacheraio/DevSecOps-Studio.git
  2. CD into the directory and check what boxes are available.

    $ cd DevSecOps-Studio && vagrant status
  3. Download the required Ansible dependencies.

    $ ansible-galaxy install -r requirements.yml
  4. Edit the machines.yml file to make any changes; if you are not sure, please leave it as default. Then start the build and go grab some coffee while it runs :)

    $ vagrant up
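
A preflight check for the hardware and dependency requirements listed above, for Linux and macOS hosts, to run before `vagrant up`. This is an added example, not part of the DevSecOps Studio project; the function names and the `--run` argument are assumptions, and the tool list comes from the dependencies this README names.

```shell
#!/bin/sh
# Preflight for DevSecOps Studio: checks the tools and hardware the README lists.
# Added example; function names and the --run argument are hypothetical.

MIN_RAM_MB=4096      # README: at least 4GB of RAM for the virtual machines
MIN_DISK_GB=60       # README: 60GB of HDD space
REQUIRED_TOOLS="git vagrant VBoxManage ansible-galaxy"

# Print every tool from the argument list that is not on PATH.
missing_tools() {
    for tool in "$@"; do
        command -v "$tool" >/dev/null 2>&1 || printf '%s\n' "$tool"
    done
}

# Succeed when integer $1 (measured) is at least integer $2 (required).
meets_min() {
    [ "$1" -ge "$2" ]
}

# Total physical RAM in MB (Linux /proc/meminfo, otherwise macOS sysctl).
# The kernel reserves some memory, so a 4 GB host reads slightly under 4096.
ram_mb() {
    if [ -r /proc/meminfo ]; then
        awk '/^MemTotal:/ { print int($2 / 1024) }' /proc/meminfo
    else
        echo $(( $(sysctl -n hw.memsize) / 1024 / 1024 ))
    fi
}

# Free space in GB on the filesystem holding directory $1.
free_disk_gb() {
    df -Pk "$1" | awk 'NR == 2 { print int($4 / 1024 / 1024) }'
}

# Run all checks, report each failure, return non-zero if any failed.
preflight() {
    rc=0
    for tool in $(missing_tools $REQUIRED_TOOLS); do
        echo "missing: $tool"; rc=1
    done
    meets_min "$(ram_mb)" "$MIN_RAM_MB" || { echo "RAM below ${MIN_RAM_MB} MB"; rc=1; }
    meets_min "$(free_disk_gb .)" "$MIN_DISK_GB" || { echo "free disk below ${MIN_DISK_GB} GB"; rc=1; }
    return "$rc"
}

if [ "${1:-}" = "--run" ]; then preflight; fi
```

Save it in the DevSecOps-Studio directory and run it with `--run`; a non-zero exit status means at least one requirement is not met.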

How to use the setup

What's included in the environment?

The environment contains the following tools used in different stages of DevSecOps.

Technology: Tools
PenTest Toolkit: Nmap, Metasploit
Static Analysis Tools: Brakeman, Bandit, FindBugs
Dynamic Analysis Tools: ZAP proxy, Gauntlt
Hardening: DevSec Ansible OS Hardening
Compliance: InSpec
Operating System: Ubuntu Xenial (16.04)
Programming Languages: Java, Python 2, Python 3, Ruby/Rails
Container Technology: Docker
Source Code Management: GitLab (GitHub-like system)
CI Server: GitLab CI/Jenkins
Configuration Management: Ansible
Monitoring and Log Management: Elasticsearch, Logstash and Kibana
Cloud Provider Utilities: AWS CLI
Utilities: Git, Vim, curl, wget

Todo Features

  • Provision the stack on AWS using vagrant.
  • Build Images using Packer and upload to vagrant cloud.
  • Add Ansible Testing using molecule.
  • Add Container scanning using clair.
  • Add Inspec for compliance.

Contribution guidelines

  • Fork this repo.
  • Contribute (documentation/features)
  • Raise a Pull Request (PR)

Credits

DevSecOps Studio uses some of the ansible roles from Jeff

Who do I talk to?

  • If you have any questions regarding this repo, please contact Mohammed A. Imran @secfigo and Raghunath G @raseyon