diff --git a/Dep-def.yaml b/Dep-def.yaml new file mode 100644 index 0000000..bdd08bf --- /dev/null +++ b/Dep-def.yaml @@ -0,0 +1,21 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: sc-deployment + labels: + app: securitycheck + namespace: dev +spec: + replicas: 3 + template: + metadata: + name: sc-pod + labels: + app: securitycheck + spec: + containers: + - name: sc-container + image: us-central1-docker.pkg.dev/secure-air-461520-g7/juneserver/security-playground + selector: + matchLabels: + app: securitycheck \ No newline at end of file diff --git a/Jenkinsfile b/Jenkinsfile new file mode 100644 index 0000000..c380686 --- /dev/null +++ b/Jenkinsfile @@ -0,0 +1,16 @@ +pipeline{ + agent any + environment{ + PROJECT_ID= 'secure-air-461520-g7' + REGION= 'us-central1' + REPO= 'juneserver' + } + stages{ + stage('Build'){ + steps{ + echo 'Code is pushed' + } + + } + } +} diff --git a/Loadbalancer.yaml b/Loadbalancer.yaml new file mode 100644 index 0000000..797c921 --- /dev/null +++ b/Loadbalancer.yaml @@ -0,0 +1,14 @@ +apiVersion: v1 +kind: Service +metadata: + name: sc-loadbalancer + namespace: dev + labels: + app: securitycheck +spec: + type: LoadBalancer + ports: + - port: 80 + targetPort: 8081 + selector: + app: securitycheck diff --git a/README.md b/README.md index 7f0fbd1..307c9b8 100644 --- a/README.md +++ b/README.md @@ -19,7 +19,7 @@ Deploy the docker image in your environment, and setup the probe health check to You can also run the image locally: ```bash -$ docker run --rm -p 8080:8080 sysdiglabs/security-playground +$ docker run --rm -p 8081:8080 sysdiglabs/security-playground ``` @@ -42,13 +42,13 @@ The health check endpoint is `/health` on port `8080` and returns the `200` HTTP You can retrieve a file's contents by sending a `GET` request to the application's URL. ```bash -$ curl :8080/ +$ curl :8081/ ``` For example: ```bash -$ curl localhost:8080/etc/shadow +$ curl localhost:8081/etc/shadow ``` This will return the content of the `/etc/shadow` file in the container running locally. @@ -60,13 +60,13 @@ This will return the content of the `/etc/shadow` file in the container running You can write data to a file by sending a `POST` request to the application's URL with the desired content. ```bash -$ curl -X POST :8080/ -d 'content=' +$ curl -X POST :8081/ -d 'content=' ``` For example: ```bash -$ curl -X POST localhost:8080/bin/hello -d 'content=hello-world' +$ curl -X POST localhost:8081/bin/hello -d 'content=hello-world' ``` This command writes the string hello-world to /bin/hello. @@ -78,13 +78,13 @@ This command writes the string hello-world to /bin/hello. To execute a command, send a `POST` request to the `/exec` endpoint with the command as the payload. ```bash -$ curl -X POST :8080/exec -d 'command=' +$ curl -X POST :8081/exec -d 'command=' ``` For example: ```bash -$ curl -X POST localhost:8080/exec -d 'command=ls' +$ curl -X POST localhost:8081/exec -d 'command=ls' ``` This will run the command and return its STDOUT output. diff --git a/resource- b/resource- new file mode 100644 index 0000000..e69de29 diff --git a/resource-limit.yaml b/resource-limit.yaml new file mode 100644 index 0000000..0c2ebdb --- /dev/null +++ b/resource-limit.yaml @@ -0,0 +1,14 @@ +apiVersion: v1 +kind: LimitRange +metadata: + name: sc-limitrange + namespace: dev +spec: + limits: + - default: + cpu: "200m" + memory: "256Mi" + defaultRequest: + cpu: "100m" + memory: "128Mi" + type: Container diff --git a/resource-quota.yaml b/resource-quota.yaml new file mode 100644 index 0000000..cf49780 --- /dev/null +++ b/resource-quota.yaml @@ -0,0 +1,13 @@ +apiVersion: v1 +kind: ResourceQuota +metadata: + name: sc-resourcequota + namespace: dev +spec: + hard: + limits.cpu: "1200m" + requests.cpu: "600m" + limits.memory: "2000Mi" + requests.memory: "1000Mi" + pods: 10 + \ No newline at end of file