Skip to content
/ snykit Public

A simple vulnerable Ruby application deployed to Kubernetes, used for demonstration purposes.

License

Notifications You must be signed in to change notification settings

garethr/snykit

Repository files navigation

Snykit

A simple vulnerable Ruby application deployed to Kubernetes, used for demonstration purposes.

Ruby Docker Hub Template

This repository demonstrates using the k14s toolchain for Kubernetes. Specifically using YTT for templating the configuration, kbld to build the image and store the SHA in the Kubernetes manifest and kapp to deploy to Kubernetes.

GitHub Actions is used to automatically build the images and generate a Kubernetes configuration file populated with the image SHA. You can deploy the latest version of the application using kubectl like so:

kubectl apply -f https://raw.githubusercontent.com/garethr/snykit/master/dist/snykit.yaml

Alternatively you can use kapp here as well:

kapp deploy -a snykit -f https://raw.githubusercontent.com/garethr/snykit/master/dist/snykit.yaml

Vulnerable?

The application, and the associated image, have a few known vulnerabilities. We can use Snyk to detect them. Snyk can be used via the CLI, or integrated with your CI system (including with Actions) but in this case we've imported directly from GitHub, Docker Hub and the running application in Kubernetes.

Showing vulnerabilities in Snyk

About

A simple vulnerable Ruby application deployed to Kubernetes, used for demonstration purposes.

Topics

Resources

License

Stars

Watchers

Forks

Packages

No packages published