Skip to content

Releases: rcarrata/devsecops-demo

v1.2.0

22 Sep 19:01
48a2308
Compare
Choose a tag to compare

Fixed Secured Cluster.
Bump versions of Build Images
Fixed minor bugs

v1.1.0

17 Jul 13:19
f15f140
Compare
Choose a tag to compare

Extended Lab adding the following features:

  • Added ACS Policy for Signing Violation
  • Added Quay to store signed Artifacts
  • Added Tekton Chaining for build pipeline violation
  • Added Cosign Signing
  • Updated Readme to reflect feature changes

Big thank you @MoOyeg for this contribution to the lab!

v1.0.0

16 Jul 19:12
Compare
Choose a tag to compare

This first release of the devsecops demo includes:

  • Static application security testing (SAST) using SonarQube, and JUnit Testing
  • Software composition analysis (SCA) with Maven Dependency Report and Nexus
  • Interactive application security testing (IAST) and dynamic application security testing (DAST) using StackRox/RHACS
  • Configuration Management and Image Risk using StackRox/RHACS
  • Pentesting using OWASP Zap Proxy
  • Performance Tests using Gatling
  • Optional: Slack Notifications using Stackrox Notifications and Slack chanel
  • Ansible Automation for install, configure and prepare all the prerequisites and software needed during the demo