Skip to content

Latest commit

 

History

History
172 lines (117 loc) · 9.79 KB

README.md

File metadata and controls

172 lines (117 loc) · 9.79 KB

Empowering DevOps Security: Capture the Flag Challenge in Development and Operations

This repository contains the necessary artifacts to deploy a virtualized CI/CD pipeline that is meant to be used as an exploration to develop DevOps CTF challenges.

The pipeline is composed of a source control version server (Gitea) and a continuous integration server DroneCI. Gitea supports the creation of GitHub-like actions that can be executed in DroneCI runners.

The deployment of the pipeline is fully automized and can be done if using bash sudo ./prerun.sh

How to run the project

Pre-requisites

  • Docker (See Docker installation guide)
  • Part of the sudoers group
  • Ubuntu or Kali linux, the project is not aimed towards any other Operating system for the time being.

If you dont want to run on your own machines run it through virtualbox. Kali Linux virtualbox image can be found at: https://cdimage.kali.org/kali-2024.1/kali-linux-2024.1-virtualbox-amd64.7z

prerun.sh

prerun is the script which is run to deploy the pipeline command to run the script is:

    sudo ./prerun.sh

First part of why the script needs sudo access is to run docker commands. Now there is multiple docker commands in the prerun script. But the two main onces are

    docker network create network_eds
    docker compose up -d

First docker command is the create the network where the containers will run. Second command is to spawn the containers, since the containers

Second command is to spawn the containers, since the containers

Now this script needs access to sudo because it needs access to /etc/hosts. Because it needs access to the hosts file on linux is to do the command:

	sudo echo -e "$GATEWAY_IP\tgit.devops.eds" >> /etc/hosts
	sudo echo -e "$GATEWAY_IP\tdrone.devops.eds" >> /etc/hosts
	sudo echo -e "$GATEWAY_IP\tregistry.devops.eds" >> /etc/hosts
    sudo echo -e "$GATEWAY_IP\tdevops.eds" >> /etc/hosts

This adds the DNS records in your local /etc/hosts with the IP of "$GATEWAY_IP" so that possible to access the four different URL's for the challenge

Run the project

  1. Clone the project
    git clone https://git.imada.sdu.dk/mojak18/Empowering_DevOps_Security.git
  1. Move into Empowering_DevOps_Security direct and inside the src/ folder
    cd Empowering_DevOps_Security/src

If you're an Kali Linux - Run the Command inside the src folder sudo ./install-docker-kali.sh 3. Start the pipeline and create DNS records inside /etc/hosts and certificate in /etc/ssl/certs/ca-certificates.crt

    sudo ./prerun.sh
  1. Explore git, drone, and registry
Username: Alice
Password: password
1. https://git.devops.eds
2. https://drone.devops.eds
3. https://registry.devops.eds