Skip to content

ZupIT/horusec-platform

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

566 Commits

.github

.github

 
 

analytic

analytic

 
 

api

api

 
 

assets

assets

 
 

auth

auth

 
 

core

core

 
 

deployments

deployments

 
 

e2e/cypress

e2e/cypress

 
 

manager

manager

 
 

messages

messages

 
 

migrations

migrations

 
 

vulnerability

vulnerability

 
 

webhook

webhook

 
 

.dockerignore

.dockerignore

 
 

.gitignore

.gitignore

 
 

.goreleaser.yml

.goreleaser.yml

 
 

.talismanrc

.talismanrc

 
 

BUILD.md

BUILD.md

 
 

CODE_OF_CONDUCT.md

CODE_OF_CONDUCT.md

 
 

CONTRIBUTING.md

CONTRIBUTING.md

 
 

LICENSE

LICENSE

 
 

Makefile

Makefile

 
 

NOTICE.md

NOTICE.md

 
 

README.md

README.md

 
 

copyright.txt

copyright.txt

 
 

renovate.json

renovate.json

 
 

Repository files navigation

logo_header

Horusec Platform

Table of contents

1. About

2. Usage

2.1. Requirements

2.2. Installation

3. Features

4. Documentation

5. Issues

6. Contributing

7. License

8. Community

About

Horusec Platform is a set of web services that integrate with Horusec-CLI to make it easier for you to see and manage the vulnerabilities.

Usage

Requirements

See below the requirements to install Horusec-Platform:

Installation

There are several ways to install the Horusec-Platform in your environment. In some of them, we use a make command to simplify the process. If you want to know everything that will be executed, take a look at the Makefile located at the project's root.

Choose what type of installation you want below, but remember to change the default environment variables values to new and secure ones.

1. Install with docker compose

Follow the steps:

Step 1: Run the command:

make install

Step 2: Start the docker compose file compose.yml. It has all services, migrations and the needed dependencies.

  • You can find the compose file in deployments/compose/compose.yaml;
  • You can find migrations in migrations/source.

Step 3: Now the installation is ready with all default values, the latest versions, and the user for tests, see below:

Username: dev@example.com
Password: Devpass0*

Docker compose file is configured to perform a standard installation by default.
In the production environments' case, make sure to change the values of the environment variables to new and secure ones.

⚠️ We do not recommend using docker-compose installation in a productive environment.

For more information about Docker compose, check out Docker compose installation section.

2. Install with Helm

Each release contains its own helm files for that specific version, you can find them in the repository and in the folder deployments/helm. In both cases, they will be separated by each service of the architecture.

For more information, check out the installing with Helm section.

3. Install with Horusec-Operator

Horusec-Operator manages Horusec web services and its Kubernetes cluster. It was created based on the community’s idea to have a simpler way to install the services in an environment using Kubernetes.

Features

Horusec-Platform provides several features, see some of them below.

MultiTenancy

It distributes only the necessary permissions according to each user:

multiTenancy

Dashboard

The dashboard shows you several metrics about your workspaces and repositories' vulnerabilities:

dashboard

Vulnerability Management

The vulnerability management screen allows you to identify false positives and accepted risks. You can modify a severity to an appropriate value to the reality of the vulnerability:

vuln-management

Tokens

It creates workspaces or repositories authentication tokens for your pipeline:

tokens

Authentication Types

You can choose which form of authentication you will use with Horusec-Platform.

There are three possibilities:

  • HORUSEC (native)
  • LDAP
  • KEYCLOAK

For more information about authentication types, check out our documentation.

Documentation

For more information about Horusec, please check out the documentation.

Issues

To open or track an issue for this project, in order to better coordinate your discussions, we recommend that you use the Issues tab in the main Horusec repository.

Contributing

If you want to contribute to this repository, access our Contributing Guide.

Developer Certificate of Origin - DCO

This is a security layer for the project and for the developers. It is mandatory.

Follow one of these two methods to add DCO to your commits:

1. Command line Follow the steps: Step 1: Configure your local git environment adding the same name and e-mail configured at your GitHub account. It helps to sign commits manually during reviews and suggestions.

git config --global user.name “Name”
git config --global user.email “email@domain.com.br”

Step 2: Add the Signed-off-by line with the '-s' flag in the git commit command:

$ git commit -s -m "This is my commit message"

2. GitHub website You can also manually sign your commits during GitHub reviews and suggestions, follow the steps below:

Step 1: When the commit changes box opens, manually type or paste your signature in the comment box, see the example:

Signed-off-by: Name < e-mail address >

For this method, your name and e-mail must be the same registered on your GitHub account.

License

Apache License 2.0.

Community

Do you have any question about Horusec? Let's chat in our forum.

This project exists thanks to all the contributors. You rock! ❤️🚀

About

Horusec Platform is a set of web services that integrate with the Horusec CLI to facilitate the visualization and management of found vulnerabilities.

horusec.io

Topics

react javascript css kubernetes golang ldap typescript sql keycloak email helm scss operator hacktoberfest message-broker operator-sdk

Resources

Readme

License

Apache-2.0 license

Code of conduct

Code of conduct
Activity
Custom properties

Stars

59 stars

Watchers

7 watching

Forks

23 forks
Report repository

Releases 26

v2.18.0 Latest
Mar 22, 2022
+ 25 releases

Contributors 16

+ 2 contributors

Languages