aws-samples / devsecops-cicd

MIT No Attribution
87 stars 137 forks source link

Question on SonarQube URL and OWASP ZAP URL #1

Closed ahkai86 closed 3 years ago

ahkai86 commented 3 years ago

Hi ! have been able to launch Beanstalk architecture but i am missing the information of both 'SonarQube URL' and 'OWASP ZAP URL' , may i understand how to generate these 2 URLs?

I have launched a SonarQube portal is its hitting the URL of localhost:9000, is this the URL to set within the CloudFormation template under SonarQube SAST tool URL?

For OWASP ZAP URL, may i understand where to retrieve the URL?

Many thanks! =)

ahkai86 commented 3 years ago

Good Day Folks! Anyone tried to deploy the whole architecture yet?? =X

anupinder commented 3 years ago

same question as ahkai86.What is URL for OWASP ZAP URL

kuzirh commented 3 years ago

same question as ahkai86.What is URL for OWASP ZAP URL

bump +1

manepals commented 3 years ago

same question as ahkai86.What is URL for OWASP ZAP URL

bump +1

OWASP and SonarQube servers setup is outside the scope of this blog. It is assumed that you have these servers setup already. But I am working on a code to setup those as well using the CF template on an EC2 instance. Will publish that once ready.

ahkai86 commented 3 years ago

same question as ahkai86.What is URL for OWASP ZAP URL

bump +1

OWASP and SonarQube servers setup is outside the scope of this blog. It is assumed that you have these servers setup already. But I am working on a code to setup those as well using the CF template on an EC2 instance. Will publish that once ready.

Hey @manepals ! Appreciated, its been some time i touch the pipeline, hope a detailed explanation walkthrough will guide us through! Thanks and appreciated ! Cheers

manepals commented 3 years ago

same question as ahkai86.What is URL for OWASP ZAP URL

bump +1

OWASP and SonarQube servers setup is outside the scope of this blog. It is assumed that you have these servers setup already. But I am working on a code to setup those as well using the CF template on an EC2 instance. Will publish that once ready.

Hey @manepals ! Appreciated, its been some time i touch the pipeline, hope a detailed explanation walkthrough will guide us through! Thanks and appreciated ! Cheers

Here is the CF template I have added to the repo under workshop to install the open source sonarqube and owasp zap. It will install them on an EC2 instance and output the publicly accessible endpoints. Please adjust the CF as per your needs before deployment. https://github.com/aws-samples/devsecops-cicd/blob/main/workshop/templates/ec2-sonarqube-zap.yaml

ahkai86 commented 3 years ago

same question as ahkai86.What is URL for OWASP ZAP URL

bump +1

OWASP and SonarQube servers setup is outside the scope of this blog. It is assumed that you have these servers setup already. But I am working on a code to setup those as well using the CF template on an EC2 instance. Will publish that once ready.

Hey @manepals ! Appreciated, its been some time i touch the pipeline, hope a detailed explanation walkthrough will guide us through! Thanks and appreciated ! Cheers

Here is the CF template I have added to the repo under workshop to install the open source sonarqube and owasp zap. It will install them on an EC2 instance and output the publicly accessible endpoints. Please adjust the CF as per your needs before deployment. https://github.com/aws-samples/devsecops-cicd/blob/main/workshop/templates/ec2-sonarqube-zap.yaml

Encountered the following issues while running the CF, anyone also encountered this phenomenon?? tried to adjust the timing on the CreationPolicy but still doesnt work.

"Failed to receive 1 resource signal(s) within the specified duration"

EC2 logs: Aug 17 04:37:30 cloud-init[2929]: util.py[WARNING]: Failed running /var/lib/cloud/instance/scripts/part-001 [1] Aug 17 04:37:30 cloud-init[2929]: cc_scripts_user.py[WARNING]: Failed to run module scripts-user (scripts in /var/lib/cloud/instance/scripts) Aug 17 04:37:30 cloud-init[2929]: util.py[WARNING]: Running module scripts-user (<module 'cloudinit.config.cc_scripts_user' from '/usr/lib/python2.7/dist-packages/cloudinit/config/cc_scripts_user.pyc'>) failed

Updates: managed to fix this error by selecting the correct Linux AMI for my region. The region list is not updated to the latest linux AMI version 2

manepals commented 3 years ago

Great! closing the issue.