teodoran / web-hack

Workshop focusing on OWASP top 10 web security risks
MIT License
6 stars 4 forks

Set up hosting, build and deploy for the challenge application #2

Open teodoran opened 4 years ago

teodoran commented 4 years ago

During the workshop, the participants work on a separate instance of the application when hunting for flags. Previously, this instance has been hosted locally by the workshop host by using ngrok. It would make it easier to host the workshop if the challenge instance was hosted online somewhere.

If hosted online, then build and deploy automation should be set up, so a push to master triggers a new build and deploy. The build should inject the flags as secret configuration values. In addition, the database should be recreated from some dump-file, so that the state of the application is reset every time a new version is deployed.

GitHub Actions are suggested as a tool for setting up build and deploy.

teodoran commented 2 years ago

Debatable if this still is desired. The XSS-flag would at least have to be changed somewhat, since it currently requires the workshop to be hosted from the workshop admin's local machine.