A sandbox project that uses react/nodejs project to demonstrate secure devops practices based on the highly successful react-boilerplate
- Seven principles of a Secure DevOps Pipeline
- Steps for Implementing Security in Your CI/CD Pipeline. These steps help address some common pipeline security practices and ensure that any vulnerabilities are identified and handled appropriately.
- Azure Devops
- Workflow that covers these step using Azure Devops
- Github Actions
- Workflow that covers these step using Github Actions
There’s also a fantastic video of the Webinar by Naci Dai which covers these principles with live actions.
Keywords: DevSecOps, DevOps, React.js, Azure, Azure DevOps, Github Actions, Pipelives
- Make sure that you have Node.js v8.15.1 and npm v5 or above installed.
- Clone this repo using
git clone --depth=1 https://github.com/eteration/secure-devops-sandbox.git <YOUR_PROJECT_NAME> - Move to the appropriate directory:
cd <YOUR_PROJECT_NAME>. - Run
npm installin order to install dependencies and clean the git repo.
At this point you can runnpm startto see the example app athttp://localhost:3000.
Now you're ready to rumble!
Please note that this boilerplate is production-ready and not meant for beginners! If you're just starting out with react or redux, please refer to https://github.com/petehunt/react-howto instead. If you want a solid, battle-tested base to build your next product upon and have some experience with react, this is the perfect start for you.
- The Hitchhiker's Guide to
react-boilerplate: An introduction for newcomers to this boilerplate. - Overview: A short overview of the included tools
- Commands: Getting the most out of this boilerplate
- Testing: How to work with the built-in test harness
- Styling: How to work with the CSS tooling
- Your app: Supercharging your app with Routing, Redux, simple asynchronicity helpers, etc.
This project is licensed under the MIT license, Copyright (c) 2020 Naci Dai. For more information see LICENSE.md.
