From 086e674bf4a2b385cd1b5776eb3d65ceaf19b227 Mon Sep 17 00:00:00 2001 From: "Nicholas J. Parks" Date: Sat, 22 Apr 2017 22:13:27 -0400 Subject: [PATCH] A Whole bunch of readme --- platformQuickStarts/AWS/README.md | 13 +++- .../AWS/codepipelinebuild/README.md | 64 +++++++++++++++++++ platformQuickStarts/GCP/README.md | 11 +++- platformQuickStarts/README.md | 10 +-- 4 files changed, 90 insertions(+), 8 deletions(-) create mode 100644 platformQuickStarts/AWS/codepipelinebuild/README.md diff --git a/platformQuickStarts/AWS/README.md b/platformQuickStarts/AWS/README.md index ebb486837..762bdda12 100644 --- a/platformQuickStarts/AWS/README.md +++ b/platformQuickStarts/AWS/README.md @@ -8,17 +8,24 @@ - Deploying to ECS +It is Assumed: +- You have an AWS Account +- You know what an S3 bucket is +- You have seen the IAM console and have permissions to create IAM Roles + + + ## Code Pipeline and Build -This Quickstart is for those that just want to perform builds with AWS. It uses CodeCommit but can be modified to use GitHub +This Quickstart is for those that just want to perform builds with AWS. It Triggers off of Github to perform builds of `webgoat-server` ## EC2 -This uses AWS CodePipeline, CodeBuild, and CodeDeploy to land WebGoat to Running EC2 instances +(WIP) This uses AWS CodePipeline, CodeBuild, and CodeDeploy to land WebGoat to Running EC2 instances ## ECS -This uses AWS CodePipeline, CodeBuild, CodeDeploy, ECR, to update an ECS cluster \ No newline at end of file +(WIP) This uses AWS CodePipeline, CodeBuild, ECR, to land a container onto an ECS cluster \ No newline at end of file diff --git a/platformQuickStarts/AWS/codepipelinebuild/README.md b/platformQuickStarts/AWS/codepipelinebuild/README.md new file mode 100644 index 000000000..93500af62 --- /dev/null +++ b/platformQuickStarts/AWS/codepipelinebuild/README.md @@ -0,0 +1,64 @@ += Serverless MVN builds Featuring AWS + +This Quick Start is the foundation where other of the AWS quickstarts begin. This quickstart only BUILDS the `webgoat-server` spring boot jar. If you want to also run it on AWS skip to the other AWS quickstarts + +Before you Begin +1. Do you have an AWS Account? +2. Can you create an S3 Bucket? +3. Can you create a KMS Key? +4. Do you know that Cloud Formation is? +5. Do you have enough permissions to do any real work in said AWS Account? + +If you said no to any of those...hope over to [docs](https://aws.amazon.com/documentation/) and learn (but don't do) how to create those. + + +You will also need: +1. A GitHub Account +2. Fork of WebGoat +3. Personal access Token with `Admin:repo_hook` and `repo` + + + +== Create Pre-requisites + +First pick and AWS region and stick with it for ALL the quickstarts. This one was mostly executed on US-east-1/2 but any region with KMS, CodePipeline, and CodeBuild will work. Eu-Central-1, ap-southeast-1 and sa-east-1 have reported success also. + + +1. Create an S3 bucket and call it something meaningfull like `webgoat-stash-username` or something or use an existing bucket you have access to. +2. Create a KMS Key. Make sure you are a key administrator so you can add key users later. + +== Deploy IAM role Cloud Formation Stacks + +In this folder there are two json cloudformation templates: +-`01_IAM_codebuild.json` +-`01_IAM_codepipeline.json` + +You will use the CloudFormation templates to create two roles. One for CodePipeline and the Other for CodeBuild. You will use the name of the bucket you just created as a parameter. + +== Update KMS Key + +Access the KMS key you created earlier...add the two IAM roles you just created and Key Users + +== Finally the Pipeline + +You will use the yaml cloudformation template `01_codepiplinebuild.yml` to create the code building pipeline. + +Some of the parameters you will need to pass: +1. The S3 bucket (twice) +2. The Github Branch name (master? develop? yourbranchname?) +3. The Github user (if you forked it would be your username) +4. You personal access token for GitHub +5. The name or the repo (WebGoat! ...unless you forked and rename and did a whole bunch of fancy git magic) +6. The ARN of the KMS key +7. The ARN of the role for the codebuild (qsCodeRoleArn) +8. The ARN for codepipeline (01_codepiplinebuild.yml) + +If this Stack successfully deploys a build will begin based on the lates commit automatically. You will have a funky named zip file (without the .zip) in a folder in the S3 bucket in a few minutes. + + + +Congratulations. You just Deployed a two step AWS Codepipeline that looks for codechanges and then performs a build. + +... ON to the next AWS Quickstart + + diff --git a/platformQuickStarts/GCP/README.md b/platformQuickStarts/GCP/README.md index 82a8021a9..deeb13f16 100644 --- a/platformQuickStarts/GCP/README.md +++ b/platformQuickStarts/GCP/README.md @@ -5,4 +5,13 @@ This folder contains sub folders for the various ways you could deploy WebGoat o It is assumed: 1. You have a Google Cloud Platform Account 2. You can use Git -3. You can use a Shell Linux/Mac/Google Cloud Shell \ No newline at end of file +3. You can use a Shell Linux/Mac/Google Cloud Shell + + +== GKE Docker + +Uses GKE to run the latest DockerHub version of WebGoat8 + +== AppEngine + +WIP \ No newline at end of file diff --git a/platformQuickStarts/README.md b/platformQuickStarts/README.md index 9f7b096c6..f647f3273 100644 --- a/platformQuickStarts/README.md +++ b/platformQuickStarts/README.md @@ -4,16 +4,18 @@ Want to Run WebGoat? Want to run WebGoat in the Cloud? Don't want to be cloud Ex Do we have a solution for you! -Through April to June 2017 Several IaaS (and a couple PaaSs) will be added to allow anyone to run WebGoat about anywhere. - -Additionally, Each IaaS/PaaS have their deployment steps broken down giving the *app-guy-new-to-cloud* an opportunity to learn how said platform works. +Additionally, Each IaaS/PaaS will have their deployment steps broken down giving the *app-guy-new-to-cloud* an opportunity to learn how said platform works. ## AWS -Multi-Part Quickstart. Starts with simple pipeline for code building to deploying to EC2/ECS continiously +Multi-Part Quickstart. Starts with simple pipeline that just builds code to a deploying onto EC2 instances and then containers using ECS/ECR + +## GCP + +Get WebGoat Running on GKE and AppEngine