COMP9447 Team 1 Repo
AddSec's configuration details can be found here: https://github.com/TirthParikh27/AddSec
- Slack App (CodeBuild-Bot) is added to the slack channel.
- "slackapi/[email protected]" action is added to the workflow.
- "channel-id" field needs to be changed to the Slack channel ID from Slack.
- Custom message can be inserted in the "slack-message" section.
- SLACK_BOT_TOKEN needs to be added to the repository's GitHub secrets.
PR Environment's configuration details can be found here: https://github.com/TirthParikh27/Python_PR
- Developer creates a .nix file containing the base Docker image and all project dependencies
- Image containing the application with a fixed set of reproducible dependencies is built automatically during a pipeline stage
- Image is scanned using Snyk
- Image is stored on ECR
- Application is deployed on ECS
- Add the required workflow actions to .pre-commit-config.yaml
- Follow these steps on your local machine
$ pip install pre-commit
$ pre-commit install
$ pre-commit run --all-files
We didn't use CloudFormation (CFN), so getting the handle-slack-command Lambda function to work for you will not be entirely simple. This Lambda function came from a use case that focused on AWS CodeCommit / CodeBuild and was discarded because it took a lot of time to work on but offered lackluster security improvements.
- You will need to make a new API that can trigger the Lambda function
- You will have to add the TOKEN from CodeBuild Bot to your AWS Secrets Manager (so the API security works)
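
One way the token check behind that API could look, as an added example that is not the repository's handle-slack-command code. It assumes the TOKEN is the Slack verification token sent in the `token` form field of a slash-command request arriving through an API Gateway proxy integration; the secret name `codebuild-bot/slack-token`, the function names and the sample event are hypothetical.

```python
import base64
import hmac
import json
from urllib.parse import parse_qs

SECRET_ID = "codebuild-bot/slack-token"  # hypothetical secret name
# Constructed sample of an API Gateway proxy event carrying a slash command.
SAMPLE_EVENT = {"body": "token=constructed-token-123&command=%2Fbuild", "isBase64Encoded": False}


def load_token_from_secrets_manager(secret_id=SECRET_ID):
    """Fetch the stored token; boto3 is imported lazily so the check can be tested offline."""
    import boto3
    client = boto3.client("secretsmanager")
    return client.get_secret_value(SecretId=secret_id)["SecretString"]


def _response(status, text):
    return {"statusCode": status, "body": json.dumps({"text": text})}


def handle_slack_command(event, context=None, load_token=load_token_from_secrets_manager):
    """Reject any request whose token does not match the one held in Secrets Manager."""
    body = event.get("body") or ""
    if event.get("isBase64Encoded"):
        try:
            body = base64.b64decode(body).decode("utf-8")
        except ValueError:  # covers bad base64 padding and invalid UTF-8
            return _response(400, "malformed body")
    # Slack posts slash commands as application/x-www-form-urlencoded fields.
    fields = {k: v[0] for k, v in parse_qs(body).items()}
    presented = fields.get("token", "")
    expected = load_token()
    # Fail closed on an empty secret, and compare in constant time.
    if not expected or not hmac.compare_digest(presented.encode(), expected.encode()):
        return _response(401, "invalid token")
    return _response(200, f"accepted {fields.get('command', '')}")


if __name__ == "__main__":
    print(handle_slack_command(SAMPLE_EVENT, load_token=lambda: "constructed-token-123"))
```

Slack has deprecated verification tokens in favour of request signing with the app's signing secret; the same fail-closed structure applies if the check is moved to that scheme.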
There is an additional feature we can't add to the repo that used Amazon Macie, AWS CodePipeline and Amazon SNS topics to send messages to Slack when a pipeline failed.