From bb7eb34dd43769ea467787b532adbbb5ef65bb6e Mon Sep 17 00:00:00 2001 From: Andrew Steurer Date: Sun, 18 Aug 2024 12:02:25 -0600 Subject: [PATCH] renaming some things Signed-off-by: Andrew Steurer --- Dockerfile | 8 ++++++++ Makefile | 4 ++-- README.md | 2 +- app.Dockerfile | 13 ------------- chart/Chart.yaml | 4 ++-- chart/templates/client.yaml | 16 ++++++++-------- chart/templates/postgres.yaml | 24 ++++++++++++------------ chart/values.yaml | 2 +- go.mod | 2 +- 9 files changed, 35 insertions(+), 40 deletions(-) create mode 100644 Dockerfile delete mode 100644 app.Dockerfile diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 0000000..f5039b2 --- /dev/null +++ b/Dockerfile @@ -0,0 +1,8 @@ +FROM golang + +COPY main.go go.mod go.sum ./ + +RUN go mod download && \ + go build -o main main.go + +ENTRYPOINT [ "./main" ] \ No newline at end of file diff --git a/Makefile b/Makefile index 5d6840e..a14a485 100644 --- a/Makefile +++ b/Makefile @@ -1,7 +1,7 @@ .PHONY: build push exec_db install uninstall # Builds the docker image of the database client and tags it build: - docker build . -f app.Dockerfile -t ghcr.io/kube-hack/sql-injection + docker build . -t ghcr.io/kube-hack/sql-injection # Pushes the docker image to a container registry push: @@ -9,7 +9,7 @@ push: # Execs user into the database to test SQL commands exec_db: - kubectl exec -it $$(kubectl get pods | awk '/postgres-db/ {print $$1}') -- psql -U postgres + kubectl exec -it $$(kubectl get pods | awk '/db-sql-injection/ {print $$1}') -- psql -U postgres # Installs the helm chart install: diff --git a/README.md b/README.md index 2987af3..ea290b5 100644 --- a/README.md +++ b/README.md @@ -47,7 +47,7 @@ helm install sql-injection kube-hack/sql-injection ### Port-forward the application ```sh -kubectl port-forward svc/postgres-client 3000:3000 +kubectl port-forward svc/client-sql-injection 3000:3000 ``` After the application is port-forwarded (accessible via localhost), you can run the below actions: diff --git a/app.Dockerfile b/app.Dockerfile deleted file mode 100644 index 20f19c7..0000000 --- a/app.Dockerfile +++ /dev/null @@ -1,13 +0,0 @@ -FROM golang:1.22 - -WORKDIR /app - -COPY main.go go.mod go.sum ./ - -RUN go mod download - -RUN go build -o main main.go - -EXPOSE 8080 - -ENTRYPOINT [ "./main" ] \ No newline at end of file diff --git a/chart/Chart.yaml b/chart/Chart.yaml index 82e1342..5194321 100644 --- a/chart/Chart.yaml +++ b/chart/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 name: sql-injection -description: A chart that installs a PostgreSQL database with a database client has SQL injection vulnerabilities. +description: A chart that deploys a PostgreSQL database with a database client that has SQL injection vulnerabilities. type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.1.0 +version: 0.2.0 diff --git a/chart/templates/client.yaml b/chart/templates/client.yaml index 070c116..f66795c 100644 --- a/chart/templates/client.yaml +++ b/chart/templates/client.yaml @@ -1,39 +1,39 @@ apiVersion: apps/v1 kind: Deployment metadata: - name: postgres-client + name: client-sql-injection spec: replicas: 1 selector: matchLabels: - app: postgres-client + app: client-sql-injection template: metadata: labels: - app: postgres-client + app: client-sql-injection spec: containers: - - name: postgres-client + - name: client-sql-injection image: ghcr.io/kube-hack/sql-injection:latest imagePullPolicy: Always ports: - containerPort: 8080 envFrom: - configMapRef: - name: postgres-secret + name: creds-db-sql-injection --- apiVersion: v1 kind: Service metadata: - name: postgres-client + name: client-sql-injection labels: - app: postgres-client + app: client-sql-injection spec: type: ClusterIP ports: - port: 3000 targetPort: 8080 selector: - app: postgres-client \ No newline at end of file + app: client-sql-injection \ No newline at end of file diff --git a/chart/templates/postgres.yaml b/chart/templates/postgres.yaml index bff5ff0..6a216dc 100644 --- a/chart/templates/postgres.yaml +++ b/chart/templates/postgres.yaml @@ -1,9 +1,9 @@ apiVersion: v1 kind: ConfigMap metadata: - name: postgres-secret + name: creds-db-sql-injection labels: - app: postgres + app: creds-db-sql-injection data: POSTGRES_USER: "{{ .Values.postgres.user }}" POSTGRES_PASSWORD: "{{ .Values.postgres.password }}" @@ -14,7 +14,7 @@ data: apiVersion: v1 kind: ConfigMap metadata: - name: postgres-sql-schema + name: schema-db-sql-injection data: schema.sql: {{ .Files.Get "files/schema.sql" | indent 4 }} @@ -23,26 +23,26 @@ data: apiVersion: apps/v1 kind: Deployment metadata: - name: postgres-db + name: db-sql-injection spec: replicas: 1 selector: matchLabels: - app: postgres-db + app: db-sql-injection template: metadata: labels: - app: postgres-db + app: db-sql-injection spec: containers: - - name: postgres-db + - name: db-sql-injection image: postgres imagePullPolicy: Always ports: - containerPort: 5432 envFrom: - configMapRef: - name: postgres-secret + name: creds-db-sql-injection volumeMounts: - mountPath: /docker-entrypoint-initdb.d/ name: schema-volume @@ -56,20 +56,20 @@ spec: volumes: - name: schema-volume configMap: - name: postgres-sql-schema + name: schema-db-sql-injection --- apiVersion: v1 kind: Service metadata: - name: postgres-db + name: db-sql-injection labels: - app: postgres-db + app: db-sql-injection spec: type: ClusterIP ports: - port: 5432 targetPort: 5432 selector: - app: postgres-db \ No newline at end of file + app: db-sql-injection \ No newline at end of file diff --git a/chart/values.yaml b/chart/values.yaml index 96232ae..ed2d4fe 100644 --- a/chart/values.yaml +++ b/chart/values.yaml @@ -2,4 +2,4 @@ postgres: user: postgres database: postgres password: postgres - host: postgres-db.default.svc.cluster.local:5432 \ No newline at end of file + host: db-sql-injection.default.svc.cluster.local:5432 \ No newline at end of file diff --git a/go.mod b/go.mod index 6948f91..4871bb2 100644 --- a/go.mod +++ b/go.mod @@ -1,4 +1,4 @@ -module github.com/asteurer/kh-sql-injection +module sql-injection go 1.22.4