Accompanying repository for the courses on Automated Security Testing on Pluralsight. Please note that these instructions can slightly differ from the ones being shown during the courses - this repository is leading.
- https://app.pluralsight.com/library/courses/approaching-automated-security-testing-devsecops/table-of-contents
- https://app.pluralsight.com/library/courses/performing-devsecops-automated-security-testing/table-of-contents
- https://app.pluralsight.com/library/courses/integrating-automated-security-testing-tools/table-of-contents
The files in this repository allow you to quickly spin up a lab, consisting of
- Jenkins, a build and automation server
- GitLab, a git server
- Sonarqube, a code quality server
- Docker registry, a Docker registry server
Ensure you have
docker
anddocker-compose
installed, and that you have the correct permissions to execute the binariesdocker version docker-compose version
Clone this repository
git clone https://github.com/PeterMosmans/devsecops-lab cd devsecops-lab
Find out the group ID of
docker
:getent group docker
Copy the file
docker-compose.override.example.yml
todocker-compose.override.yml
, and ensure that the group ID is the same as your localdocker
group ID. In the example, the group ID is999
:--- version: "3.5" services: jenkins: user: ":999"
That's it! Now you can execute docker-compose up --detach
in this
directory - this will spin up the servers in the background.
By default, Jenkins will listen on port 8080 (http), Gitlab on port 80 (http)
and 7722 (ssh), and Sonarqube on port 8080 (http). You can override the port
numbers in docker-compose.override.yml
. See the docker-compose.yml
file
for the correct syntax.
The default Jenkins password can be read from the jenkins container:
docker exec jenkins cat /var/jenkins_home/secrets/initialAdminPassword
The default GitLab password for user root
can be read from the gitlab
container:
docker exec gitlab cat /etc/gitlab/initial_root_password