From 200cffbba491f24f372cf4be5efff34d53a9c6cb Mon Sep 17 00:00:00 2001
From: "prisma-cloud-devsecops[bot]" <89982750+prisma-cloud-devsecops[bot]@users.noreply.github.com>
Date: Mon, 14 Nov 2022 14:25:21 +0000
Subject: [PATCH 1/9] Prisma Cloud has found BC_VUL_2
---
 sca-package/requirements.txt | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/sca-package/requirements.txt b/sca-package/requirements.txt
index 557fbc0..4f8c2ea 100644
--- a/sca-package/requirements.txt
+++ b/sca-package/requirements.txt
@@ -1,3 +1,3 @@
 django==1.2
-flask==0.6
+flask==0.12.3
 requests==2.26.0
From de29afebfe866ef6a968662ab82eb2a014a964a9 Mon Sep 17 00:00:00 2001
From: "prisma-cloud-devsecops[bot]" <89982750+prisma-cloud-devsecops[bot]@users.noreply.github.com>
Date: Mon, 14 Nov 2022 14:49:08 +0000
Subject: [PATCH 2/9] Prisma Cloud has found BC_VUL_2
From 3610195f1c961816e57afaa6132c14574e981d38 Mon Sep 17 00:00:00 2001
From: "prisma-cloud-devsecops[bot]" <89982750+prisma-cloud-devsecops[bot]@users.noreply.github.com>
Date: Mon, 21 Nov 2022 18:54:43 +0000
Subject: [PATCH 3/9] Prisma Cloud has found BC_AWS_GENERAL_3
---
 terraform/main.tf | 1 +
 1 file changed, 1 insertion(+)
diff --git a/terraform/main.tf b/terraform/main.tf
index 9fc7c4d..76cf7f7 100644
--- a/terraform/main.tf
+++ b/terraform/main.tf
@@ -69,4 +69,5 @@ module "instance" {
 resource "aws_ebs_volume" "i" {
 availability_zone = "${var.region}a"
 size = 40
+ encrypted = true
 }
\ No newline at end of file
From 56c120f20d1983747c72a4e564b7a3fa62fe0318 Mon Sep 17 00:00:00 2001
From: Casey Walker
Date: Sun, 27 Nov 2022 14:59:47 -0500
Subject: [PATCH 4/9] New commit README
---
 README.md | 1 +
 1 file changed, 1 insertion(+)
diff --git a/README.md b/README.md
index 114072b..52310fc 100644
--- a/README.md
+++ b/README.md
@@ -1,2 +1,3 @@
 # codegoat
 Sample repo of errors, misconfigurations, and vulnerabilities for Bridgecrew and Prisma Cloud Code Security
+new change
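Review bot: Flipping `encrypted` on the already-declared `aws_ebs_volume.i` in terraform/main.tf will most likely make Terraform destroy and recreate the volume rather than encrypt it in place, so the plan output should be checked and any data on the 40 GiB volume snapshotted or migrated before this is applied. No `kms_key_id` is set, so the volume would use the account's default EBS key; if a customer-managed key is required, add `kms_key_id = "<KMS_KEY_ARN>"` (placeholder) next to `encrypted = true`. The file still ends without a trailing newline.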
From 250cde25393da7ef22b1700fcbfaeb32e2b870c7 Mon Sep 17 00:00:00 2001
From: Casey Walker
Date: Sun, 27 Nov 2022 15:13:01 -0500
Subject: [PATCH 5/9] secrets mod branch
---
 secrets/app.js | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/secrets/app.js b/secrets/app.js
index 68d0341..d75846a 100644
--- a/secrets/app.js
+++ b/secrets/app.js
@@ -1,3 +1,4 @@
 const SEC_1 = "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"
+const SEC_3 = "dsapi45202d12abdce73c004a9e0be24a21b2"
 const SEC_2 = "eyJrIjoiNUwyZU7TMmRxQXNVcnR7UXB0ME4zYkhRaTk2STVhR0MiLCJuIjoidGVtcCIsImlkIjoxfQ=="
-const SEC_3 = "dsapi45202d12abdce73c004a9e0be24a21b2"
\ No newline at end of file
+const SEC_3 = "dsapi45202d12abdce73c004a9e0be24a21b2"
From 0167949d9524c07dc37d7c7a2d9d8f9f61613790 Mon Sep 17 00:00:00 2001
From: Casey Walker
Date: Sun, 27 Nov 2022 15:14:24 -0500
Subject: [PATCH 6/9] newfile
---
 newfile.tf | 31 +++++++++++++++++++++++++++++++
 1 file changed, 31 insertions(+)
 create mode 100644 newfile.tf
diff --git a/newfile.tf b/newfile.tf
new file mode 100644
index 0000000..a3f02d6
--- /dev/null
+++ b/newfile.tf
@@ -0,0 +1,31 @@
+resource "aws_ecs_task_definition" "service" {
+ family = "service"
+ container_definitions = jsonencode([
+ {
+ name = "first"
+ image = "nginx"
+ cpu = 10
+ memory = 512
+ essential = true
+ portMappings = [
+ {
+ containerPort = 80
+ hostPort = 80
+ }
+ ]
+ },
+ {
+ name = "second"
+ image = "python:3.9-alpine"
+ cpu = 10
+ memory = 256
+ essential = true
+ portMappings = [
+ {
+ containerPort = 443
+ hostPort = 443
+ }
+ ]
+ }
+ ])
+}
From 2201fb518fb129e9944302898742f5f78cd9301c Mon Sep 17 00:00:00 2001
From: Casey Walker
Date: Tue, 13 Dec 2022 11:10:37 -0500
Subject: [PATCH 7/9] fix
---
 sca-image/Dockerfile | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/sca-image/Dockerfile b/sca-image/Dockerfile
index ca4cce8..fa9e8b8 100644
--- a/sca-image/Dockerfile
+++ b/sca-image/Dockerfile
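Review bot: `SEC_3` is now declared twice with `const` in secrets/app.js, once right after `SEC_1` and once on the last line, which is a redeclaration SyntaxError as soon as the file is parsed; drop one of the two lines. All three constants are credential-shaped string literals committed to source, and the diff does not show whether any of them is live. If they are deliberate scanner fixtures, say so with a comment such as `// fake values kept only as secret-scanner test fixtures`; otherwise read them at runtime, e.g. `const SEC_3 = process.env.SEC_3;`, and rotate whatever was real.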
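Review bot: Both containers in newfile.tf reference mutable tags — `image = "nginx"` resolves to `latest`, and `python:3.9-alpine` also floats — so the task can pull different content on each deployment without any change to this file; pin each image to a digest, e.g. `image = "nginx@sha256:<DIGEST>"` (placeholder). Neither container definition sets `user`, `readonlyRootFilesystem` or `logConfiguration`, so both run with the image defaults and no log driver is configured here. The same block is copied into terraform/s3.tf in patch 8, where the same points apply.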
@@ -4,5 +4,5 @@ RUN groupadd -r johnnycodev && useradd -r -s /bin/false -g johnnycodev johnnycod
 WORKDIR /app
 COPY . /app
 RUN chown -R johnnycodev:johnnycodev /app
-USER johnnycodev
-CMD node index.js
+USER johnnycodevsasdf
+CMD node index.js
\ No newline at end of file
From d5905d300aac42b75bf28289911a728b14729693 Mon Sep 17 00:00:00 2001
From: Casey Walker
Date: Sat, 25 Feb 2023 14:07:51 -0500
Subject: [PATCH 8/9] new s3
---
 terraform/ecs.tf | 1 +
 terraform/s3.tf | 33 +++++++++++++++++++++++++++++++++
 2 files changed, 34 insertions(+)
 create mode 100644 terraform/s3.tf
diff --git a/terraform/ecs.tf b/terraform/ecs.tf
index a3f02d6..cba65c3 100644
--- a/terraform/ecs.tf
+++ b/terraform/ecs.tf
@@ -29,3 +29,4 @@ resource "aws_ecs_task_definition" "service" {
 }
 ])
 }
+`
\ No newline at end of file
diff --git a/terraform/s3.tf b/terraform/s3.tf
new file mode 100644
index 0000000..37c78ff
--- /dev/null
+++ b/terraform/s3.tf
@@ -0,0 +1,33 @@
+resource "aws_ecs_task_definition" "service" {
+ family = "service"
+ container_definitions = jsonencode([
+ {
+ name = "first"
+ image = "nginx"
+ cpu = 10
+ memory = 512
+ essential = true
+ portMappings = [
+ {
+ containerPort = 80
+ hostPort = 80
+ }
+ ]
+ },
+ {
+ name = "second"
+ image = "python:3.9-alpine"
+ cpu = 10
+ memory = 256
+ essential = true
+ portMappings = [
+ {
+ containerPort = 443
+ hostPort = 443
+ }
+ ]
+ }
+ ])
+}
+`
+
From 0dcb6e8458cc26be5e0c527539e8c94cc9ede85d Mon Sep 17 00:00:00 2001
From: Casey Walker
Date: Sat, 25 Feb 2023 14:11:45 -0500
Subject: [PATCH 9/9] new README
---
 terraform/README | 1 +
 1 file changed, 1 insertion(+)
 create mode 100644 terraform/README
diff --git a/terraform/README b/terraform/README
new file mode 100644
index 0000000..2127861
--- /dev/null
+++ b/terraform/README
@@ -0,0 +1 @@
+new readme change
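Review bot: `USER johnnycodevsasdf` names an account that nothing visible creates — the hunk header shows `groupadd`/`useradd` for `johnnycodev`, and the `chown` line above uses that name as well — so the container will most likely fail to start with an unknown-user error, or someone will work around it by running as root; restore `USER johnnycodev`. While the line is being touched, the exec form `CMD ["node", "index.js"]` runs node without a wrapping shell so it receives stop signals directly. The beginning of the Dockerfile lies outside the hunk, so this assumes no other `useradd` exists further up.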
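Review bot: The line added after the closing `}` in terraform/ecs.tf is a lone backtick, which is not valid HCL, so `terraform validate` and every plan in this directory will fail at parse time; delete it and end the file with a newline. The new terraform/s3.tf in the same patch ends with the same stray backtick and needs the same fix. The resource body begins outside this hunk.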
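Review bot: terraform/s3.tf declares `resource "aws_ecs_task_definition" "service"` again, the same type and name that terraform/ecs.tf already defines in this directory, so Terraform will reject the configuration for a duplicate resource address. The file contains no S3 resource at all despite its name and the commit subject "new s3", which suggests the wrong content was pasted. Either remove the file or replace its body with the intended bucket configuration, and if that bucket is added, declare its encryption and public-access settings explicitly rather than relying on defaults.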