
Image Security Tracking Simplified | FennECR centralizes and simplifies the security management of your AWS ECR container images, providing comprehensive insights and streamlined vulnerability tracking.


oslabs-beta/FennECR


FennECR

Summary

FennECR tracks and organizes vulnerability scans performed by AWS ECR, and provides a user-friendly interface to manage and respond to security findings effectively.

Key Features of FennECR

a. Centralized Dashboard:

A basic yet powerful dashboard that displays scan results in a unified view, as depicted in this demo. Detailed insights into the security status and vulnerability details of your container images, as shown in this demo. Easily toggle scan-on-push settings for your repositories directly from our interface, enhancing your workflow as demonstrated in this demo.

b. Local Environment Variable Integration

Secure Credential Management: Your credentials remain under your control. Security is our utmost priority: your environment variables are managed securely within your own local environment.

c. Multi-Access Key Support

Are you managing multiple AWS accounts? FennECR seamlessly supports multiple access keys, allowing you to track and manage vulnerabilities across various accounts with ease, as demonstrated in this demo.

d. Historical scan results secured in DynamoDB

Need to review past scan results? FennECR securely stores historical data in DynamoDB, making accessing and analyzing previous scan outcomes easy.

e. Dark Mode

Enjoy the flexibility of dark mode, designed to reduce eye strain and provide a visually pleasing interface for users who prefer a darker theme, as illustrated in this demo.

Setup

Docker Container

  1. Install docker
  2. Create a folder for the app: `mkdir FennECR`
  3. Go to the folder you just created: `cd FennECR`
  4. Create a Docker Compose file (run `touch docker-compose.yml` and paste in the template below, or download here and put it in the same folder)
  • docker-compose.yml template

    version: '3.8'

    services:
      client:
        image: fennecr/insightecr-client
        ports:
          - '80:80'
        depends_on:
          - server
        env_file:
          - .env
        networks:
          - insightecr-network

      server:
        image: fennecr/insightecr-server
        ports:
          - '3000:3000'
        container_name: insightecr-server-1
        depends_on:
          - dynamodb
        env_file:
          - .env
        networks:
          - insightecr-network

      dynamodb:
        image: amazon/dynamodb-local
        container_name: dynamodb
        ports:
          - '8000:8000'
        volumes:
          - dynamodbdata:/data
        env_file:
          - .env
        networks:
          - insightecr-network

    volumes:
      dynamodbdata:

    networks:
      insightecr-network:
        driver: bridge

  5. Set up environment variables
  •   5.1 Create a .env file in the same folder using the template below

    # AWS Credentials for Development Environment
    AWS_REGION_DEV="your_aws_region"
    AWS_ACCESS_KEY_ID_DEV="your_iam_access_key_id"
    AWS_SECRET_ACCESS_KEY_DEV="your_iam_secret_access_key"
    
    # AWS Credentials for Production Environment (e.g., for other AWS roles or accounts; you can replace DEV or PROD with another string)
    AWS_REGION_PROD="your_aws_region"
    AWS_ACCESS_KEY_ID_PROD="your_iam_access_key_id"
    AWS_SECRET_ACCESS_KEY_PROD="your_iam_secret_access_key"
    
    # DynamoDB Configuration
    DYNAMODB_TABLE_NAME="ImagesTable"
    SCAN_RESULT_TABLE="SingleScanResult"
    DYNAMODB_ACCESS_KEY_ID="local"
    DYNAMODB_SECRET_ACCESS_KEY="local"
    
    # Use "http://localhost:8000" when running on localhost
    # Use "http://dynamodb:8000" when running the docker version
    DYNAMODB_ENDPOINT="http://dynamodb:8000"
  •   5.2 Replace "your_aws_region", "your_iam_access_key_id", "your_iam_secret_access_key" with your own credentials

  6. Run `docker-compose up`
  7. Browse to http://localhost
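
The template above publishes every container port on all host interfaces, including the DynamoDB Local instance configured with the `local`/`local` credentials, while the steps only ever browse to http://localhost. The check below is an added example, not part of the FennECR project; it assumes the two-space indentation of the template and lists each mapping that is not bound to 127.0.0.1 (a loopback-only mapping would read `'127.0.0.1:8000:8000'`).

```shell
#!/bin/sh
# Added example (not FennECR code). Assumes the compose layout shown above:
# services indented two spaces, their keys four, list items six.

# list_open_ports FILE
# Prints "service host:container" for every published port that is not
# bound to the loopback address, i.e. reachable from other machines.
list_open_ports() {
  awk '
    /^  [A-Za-z0-9_-]+:[ \t]*$/ {          # "  server:" starts a new service
      service = $1; sub(/:$/, "", service); in_ports = 0; next
    }
    /^    ports:/       { in_ports = 1; next }
    /^    [A-Za-z_]+:/  { in_ports = 0 }   # any other key ends the port list
    in_ports && /^      - / {
      mapping = $2
      gsub(/["\047]/, "", mapping)         # strip single or double quotes
      if (mapping !~ /^127\.0\.0\.1:/) print service, mapping
    }
  ' "$1"
}

# Run against a file when one is given: sh list_open_ports.sh docker-compose.yml
if [ "$#" -gt 0 ]; then list_open_ports "$1"; fi
```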

From Sources

  1. Install Node.js
  2. Run `git clone https://github.com/oslabs-beta/FennECR.git` (or clone your own fork of the repository)
  3. Go into the cloned folder with `cd FennECR`
  4. Run `npm install` to install dependencies in the root folder
  5. Run `cd server && npm install && cd ..` to install server-side dependencies
  6. Run `cd client/insightecr && npm install && cd ../..` to install client-side dependencies
  7. Set up DynamoDB Local
  •   7.1 Install Docker
  •   7.2 Pull the DynamoDB Docker image from Docker Hub: `docker pull amazon/dynamodb-local`
  •   7.3 Run the image with `docker run -p 8000:8000 amazon/dynamodb-local` and keep the terminal open
  8. Set up environment variables
  •   8.1 Create a .env file in the root of the server folder using the template below

    # AWS Credentials for Development Environment
    AWS_REGION_DEV="your_aws_region"
    AWS_ACCESS_KEY_ID_DEV="your_iam_access_key_id"
    AWS_SECRET_ACCESS_KEY_DEV="your_iam_secret_access_key"
    
    # AWS Credentials for Production Environment (e.g., for other AWS roles or accounts; you can replace DEV or PROD with another string)
    AWS_REGION_PROD="your_aws_region"
    AWS_ACCESS_KEY_ID_PROD="your_iam_access_key_id"
    AWS_SECRET_ACCESS_KEY_PROD="your_iam_secret_access_key"
    
    # DynamoDB Configuration
    DYNAMODB_TABLE_NAME="ImagesTable"
    SCAN_RESULT_TABLE="SingleScanResult"
    DYNAMODB_ACCESS_KEY_ID="local"
    DYNAMODB_SECRET_ACCESS_KEY="local"
    
    # Use "http://localhost:8000" when running on localhost
    # Use "http://dynamodb:8000" when running the docker version
    DYNAMODB_ENDPOINT="http://localhost:8000"
  •   8.2 Replace "your_aws_region", "your_iam_access_key_id", "your_iam_secret_access_key" with your own credentials

  9. Run `npm start`
  10. Browse to http://localhost
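
A pre-flight check for the `.env` file used by both the Docker and From Sources setups, added here as an example that is not part of the FennECR project. The function name `check_env`, its `docker`/`local` argument and the messages are assumptions of this example; the variable names and endpoints come from the templates above.

```shell
#!/bin/sh
# Added example (not FennECR code): pre-flight check for the .env file.
# check_env FILE [docker|local] prints one line per problem and returns
# non-zero if any were found. GNU or BSD stat is assumed.
check_env() {
  file=$1; problems=0
  [ -f "$file" ] || { echo "missing: $file"; return 2; }

  # The file holds long-lived IAM keys: no group/other permission bits.
  mode=$(stat -c %a "$file" 2>/dev/null || stat -f %Lp "$file")
  case $mode in
    ?00) ;;
    *) echo "mode $mode on $file, expected 600"; problems=$((problems + 1)) ;;
  esac

  # Placeholder values from the template must have been replaced.
  if grep -Eq '="your_(aws_region|iam_access_key_id|iam_secret_access_key)"' "$file"; then
    echo "template placeholders still present"; problems=$((problems + 1))
  fi

  # Every account suffix (DEV, PROD, ...) needs region, key id and secret.
  for suffix in $(sed -n 's/^AWS_ACCESS_KEY_ID_\([A-Za-z0-9_]*\)=.*/\1/p' "$file"); do
    for var in "AWS_REGION_$suffix" "AWS_SECRET_ACCESS_KEY_$suffix"; do
      grep -q "^$var=" "$file" ||
        { echo "$suffix: $var is not set"; problems=$((problems + 1)); }
    done
  done

  # The DynamoDB endpoint differs between the two setups on this page.
  case $2 in
    docker) want='http://dynamodb:8000' ;;
    *)      want='http://localhost:8000' ;;
  esac
  grep -q "^DYNAMODB_ENDPOINT=\"$want\"" "$file" ||
    { echo "DYNAMODB_ENDPOINT should be $want"; problems=$((problems + 1)); }

  [ "$problems" -eq 0 ]
}

# Run against a file when one is given: sh check_env.sh .env docker
if [ "$#" -gt 0 ]; then check_env "$@"; fi
```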

The FennECR Team

Developed By
Cyane Li Github LinkedIn
Jing Xia Github LinkedIn
Ricardo De los Reyes Github LinkedIn
Richard Araujo Github LinkedIn
Peter Gao Github LinkedIn
