Skip to content
/ devsecops-fastapi Public

DevSecOps Project - GithubAction, Code Checking, Secret Scanning, Docker Image Scanning

0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

enjangse88/devsecops-fastapi

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

46 Commits
.github/workflows
.github/workflows
 
 
Dockerfile
Dockerfile
 
 
README.md
README.md
 
 
main.py
main.py
 
 
requirements.txt
requirements.txt
 
 

Repository files navigation

FastAPI DevSecOps CI/CD Pipeline with GitHub Actions

Overview

This project demonstrates the implementation of a DevSecOps CI/CD pipeline using GitHub Actions for a FastAPI application. The pipeline includes various security checks such as SAST (Static Application Security Testing), code checker, container scanner, secret key checker, and DAST (Dynamic Application Security Testing). The entire workflow is orchestrated to automate the build, test, and deployment processes with a focus on security.

Features

  • Continuous Integration (CI):

    • Build and push Docker images to Docker Hub.
    • Static Application Security Testing (SAST) using Bandit.
    • Code checker for additional code quality assessments.
    • Container scanning using Docker Bench for Security.
    • Secret key checker to identify potential security risks.

  • Continuous Deployment (CD):

    • Automated deployment to a specified environment (e.g., staging or production).

  • Dynamic Application Security Testing (DAST):

    • Integration of Dynamic Application Security Testing for runtime security analysis.

Prerequisites

  • GitHub repository with a FastAPI application.
  • Docker installed locally.
  • Necessary security tools like Bandit for SAST, Docker Bench for container scanning, and Safety for checking dependencies.

Getting Started

  1. Workflow Configuration:

    • Define your CI/CD pipeline in the .github/workflows/main.yml file.
    • Configure security tools and commands in the workflow steps.

  2. Dockerfile:

    • Create a Dockerfile in the project root to define the Docker image for your FastAPI application.

  3. Security Tools Configuration:

    • Set up the configuration for security tools such as Bandit, code checker, and secret key checker.

  4. Secrets:

    • Add the DOCKER_PASSWORD secret in the GitHub repository settings for Docker Hub authentication.

  5. Commit and Push:

    • Commit the changes and push to the repository to trigger the GitHub Actions workflow.

  6. Monitor Workflow:

    • Visit the "Actions" tab in your GitHub repository to monitor the progress and logs of the workflow.

Customization

  • Customize the workflow and security checks based on your application and security requirements.
  • Adjust the Dockerfile and dependencies according to your project specifications.

License

This project is licensed under the MIT License.

About

DevSecOps Project - GithubAction, Code Checking, Secret Scanning, Docker Image Scanning

Resources

Readme
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages