In this PR, I will tweak some resources and make basic changes related to a basic prod deployment in minikube. As I deploy it myself and scan a vast environment, I will apply changes here.
For now, this PR adds:
A script to install dependencies if you run Ubuntu Server. It most likely works on any Debian flavor that uses the apt package manager
A network tweak to allow connections from anywhere, not just localhost, in production
The ability to modify the bind address in the setup.sh script
The ability to negate a subscription condition. It was implemented right away to allow for a really basic filter of IP scanning to be done to avoid scanning basic useless IPs like 127.0.0.2.
An update mechanic for the jobs through Kafka. The orchestrator keeps a cache of the jobs. It greatly limits the amount of data sent through Kafka and kept in memory for the jobs manager.
A retry mechanic for kubernetes requests in the orchestrator
A bug fix for the jobs manager where there was a race condition for a mongo transaction that was not made properly.
The jobs output and final status are now reported through the orchestrator, reducing the load on the K8s API.
Fixes some UI bugs:
The "Took" in the job executions list
Feeding the nuclei finding handler template did not work, now it is fed
Fixed the secrets page title that was not set
Quick fixes for the different user UIs, mostly aligning stuff and making it not ugly
This PR will close:
230
257
TODO or, at the very least, if not implemented, issues should be created:
[x] Deleting a job from the orchestrator cache is not currently possible #254
[x] Ensuring that a job in the cache is no older than the job being ran with an updatedAt timestamp #254
[x] Updating the documentation
[x] Reporting a finding is no longer the same as printing to stdout, implementing jobs doc should be updated
[x] The jobs can now talk to the orchestrator, the network architecture doc should be updated
[x] More in depth validation of the parameters in the new Orchestrator controller
[x] Fix the custom handler template injection when creating a nuclei
In this PR, I will tweak some resources and make basic changes related to a basic prod deployment in minikube. As I deploy it myself and scan a vast environment, I will apply changes here.
For now, this PR adds:
Ubuntu Server. It most likely works on any Debian flavor that uses theaptpackage managersetup.shscriptThis PR will close:
230
257
TODO or, at the very least, if not implemented, issues should be created: