This is a small project made for learning purposes.
- Using Terraform to deploy infrastructure in Azure
- Using Jenkins to deploy Jenkins Pipeline
- Deploying Jenkins Pipeline in Kubernetes Cluster
- Using SonarQube to analyze this project
- Using Checkov to analyze this project
- Using OWASP ZAP to analyze running Application
7) More to come...
8) Plan to Scan docker image with Trivy/Hadolint/Clair/Anchore
9) SAST Scanner on GitHub project node
- Add id_rsa of azureuser on the BuildNode Jenkins. (ID: id_rsa)
- Add DockerHub credentials on the BuildNode Jenkins. (ID: docker-hub-credentials)
- Add SonarQube credentials on the BuildNode Jenkins. (ID: token)
- Add Azure Managed Credentials on the BuildNode Jenkins. (ID: azure-credentials)
- Docker Pipeline,
- SSH Agent,
- SonarQube Scanner,
- Azure Credentials plugins.
This is a simple train schedule app written using nodejs. It is intended to be used as a sample application for a series of hands-on learning activities.
It is not necessary to run this app locally in order to complete the learning activities, but if you wish to do so you will need a local installation of npm. Begin by installing the npm dependencies with:
npm install
Then, you can run the app with:
npm start
Once it is running, you can access it in a browser at http://localhost:3000