From 5516c30f64f06c5cd86589ddb19e23e1d5b18cc7 Mon Sep 17 00:00:00 2001 From: Archisman Mridha Date: Sun, 28 Jan 2024 08:11:17 +0530 Subject: [PATCH] Adding Kubernetes `Application` resource manifests for microservices | Disabling `dorny paths filter` in Github Actions | Update Readme.md --- .github/workflows/main.yaml | 65 +++++++------- README.md | 8 +- compose.yaml | 88 ++++++++++++++----- .../application-controller/deployment.yaml | 2 +- .../feeds-microservice.application.yaml | 16 ++++ .../followships-microservice.application.yaml | 16 ++++ .../microservices/gateway.application.yaml | 16 ++++ .../posts-microservice.application.yaml | 16 ++++ .../profiles-microservice.application.yaml | 16 ++++ .../users-microservice.application.yaml | 16 ++++ .../application/sample.application.yaml | 2 +- ...ntroller.container-image-scan-result.sarif | 33 +++++++ ...oservice.container-image-scan-result.sarif | 33 +++++++ ...oservice.container-image-scan-result.sarif | 33 +++++++ .../gateway.container-image-scan-result.sarif | 33 +++++++ ...oservice.container-image-scan-result.sarif | 33 +++++++ ...oservice.container-image-scan-result.sarif | 33 +++++++ 17 files changed, 396 insertions(+), 63 deletions(-) create mode 100644 kubernetes/base/microservices/feeds-microservice.application.yaml create mode 100644 kubernetes/base/microservices/followships-microservice.application.yaml create mode 100644 kubernetes/base/microservices/gateway.application.yaml create mode 100644 kubernetes/base/microservices/posts-microservice.application.yaml create mode 100644 kubernetes/base/microservices/profiles-microservice.application.yaml create mode 100644 kubernetes/base/microservices/users-microservice.application.yaml create mode 100644 outputs/trivy/application-controller.container-image-scan-result.sarif create mode 100644 outputs/trivy/feeds-microservice.container-image-scan-result.sarif create mode 100644 outputs/trivy/followships-microservice.container-image-scan-result.sarif create mode 100644 outputs/trivy/gateway.container-image-scan-result.sarif create mode 100644 outputs/trivy/profiles-microservice.container-image-scan-result.sarif create mode 100644 outputs/trivy/users-microservice.container-image-scan-result.sarif diff --git a/.github/workflows/main.yaml b/.github/workflows/main.yaml index 9ecb150..d49f4f5 100644 --- a/.github/workflows/main.yaml +++ b/.github/workflows/main.yaml @@ -6,9 +6,6 @@ name: Main on: push: branches: [main] - pull_request: - branches: [dev, main] - types: [opened, edited] ## Adding this allows us to trigger this workflow manually (Just for debugging purposes). workflow_dispatch: {} @@ -131,8 +128,8 @@ jobs: - go.work.sum - name: application-controller - path: backend/gateway - manifest: kubernetes/base/microservices/application-controller.application.yaml + path: kubernetes/operators/application + manifest: kubernetes/base/application-controller/deployment.yaml path_filters: | changed: - kubernetes/operators/application/** @@ -144,23 +141,23 @@ jobs: ## If sourcecode of the microservice has changed, only then we will rebuild, push, sign ## and scan the container image. - - name: Detect sourcecode change - uses: dorny/paths-filter@v2 - id: path-filter - with: - base: ${{ github.ref }} - filters: ${{ matrix.microservice.path_filters }} + ## - name: Detect sourcecode change + ## uses: dorny/paths-filter@v2 + ## id: path-filter + ## with: + ## base: ${{ github.ref }} + ## filters: ${{ matrix.microservice.path_filters }} - name: Set up QEMU - if: steps.path-filter.outputs.changed == 'true' + ## if: steps.path-filter.outputs.changed == 'true' uses: docker/setup-qemu-action@v2 - name: Set up Docker Buildx - if: steps.path-filter.outputs.changed == 'true' + ## if: steps.path-filter.outputs.changed == 'true' uses: docker/setup-buildx-action@v2 - name: Login to GitHub Container Registry - if: steps.path-filter.outputs.changed == 'true' + ## if: steps.path-filter.outputs.changed == 'true' uses: docker/login-action@v2.1.0 with: registry: ghcr.io @@ -168,7 +165,7 @@ jobs: password: ${{ secrets.GITHUB_TOKEN }} - name: Restore cached Cargo dependencies (if exists) - if: steps.path-filter.outputs.changed == 'true' + ## if: steps.path-filter.outputs.changed == 'true' uses: actions/cache/restore@v3 with: path: | @@ -177,7 +174,7 @@ jobs: key: ${{ runner.os }}-cargo-${{ matrix.microservice.name }}-${{ hashFiles('**/Cargo.lock') }} - name: Build and push AMD64 container image - if: steps.path-filter.outputs.changed == 'true' + ## if: steps.path-filter.outputs.changed == 'true' uses: docker/build-push-action@v4 with: context: . @@ -194,7 +191,7 @@ jobs: cache-to: type=gha,mode=max - name: Cache Cargo dependencies - if: steps.path-filter.outputs.changed == 'true' + ## if: steps.path-filter.outputs.changed == 'true' uses: actions/cache@v3 with: path: | @@ -203,20 +200,20 @@ jobs: key: ${{ runner.os }}-cargo-${{ matrix.microservice.name }}-${{ hashFiles('**/Cargo.lock') }} - name: Remove cached folders from local machine - if: steps.path-filter.outputs.changed == 'true' + ## if: steps.path-filter.outputs.changed == 'true' run: | rm -rf /usr/local/cargo/registry/ target/ ## Cosign is a command line utility that can sign and verify software artifact, such as ## container images and blobs. - name: Install Cosign - if: steps.path-filter.outputs.changed == 'true' + ## if: steps.path-filter.outputs.changed == 'true' uses: sigstore/cosign-installer@v3.1.1 with: cosign-release: v2.2.1 - name: Sign the published container image - if: steps.path-filter.outputs.changed == 'true' + ## if: steps.path-filter.outputs.changed == 'true' env: COSIGN_PASSWORD: ${{ secrets.COSIGN_PASSWORD }} run: | @@ -228,11 +225,11 @@ jobs: ghcr.io/archisman-mridha/instagram-clone-${{ matrix.microservice.name }}:${{ github.sha }} -y - name: Create outputs directory - if: steps.path-filter.outputs.changed == 'true' + ## if: steps.path-filter.outputs.changed == 'true' run: mkdir -p ./outputs/trivy - name: Scan container image for vulnerabilities - if: steps.path-filter.outputs.changed == 'true' + ## if: steps.path-filter.outputs.changed == 'true' uses: aquasecurity/trivy-action@master with: image-ref: ghcr.io/archisman-mridha/instagram-clone-${{ matrix.microservice.name }}:${{ github.sha }} @@ -243,23 +240,23 @@ jobs: output: ./outputs/trivy/${{ matrix.microservice.name }}.container-image-scan-result.sarif - name: Upload the scan result as Github artifact - if: steps.path-filter.outputs.changed == 'true' + ## if: steps.path-filter.outputs.changed == 'true' uses: actions/upload-artifact@v3 with: name: trivy.${{ matrix.microservice.name }}-microservice.container-image-scan-result.sarif path: ./outputs/trivy/${{ matrix.microservice.name }}.container-image-scan-result.sarif - ## - name: Update container image tag in Kubernetes manifests - ## if: steps.path-filter.outputs.changed == 'true' - ## run: | - ## git config --global user.name "Archisman-Mridha" - ## git config --global user.email "archismanmridha12345@gmail.com" - ## git config --global pull.rebase false + - name: Update container image tag in Kubernetes manifests + ## if: steps.path-filter.outputs.changed == 'true' + run: | + git config --global user.name "Archisman-Mridha" + git config --global user.email "archismanmridha12345@gmail.com" + git config --global pull.rebase false - ## git pull origin main + git pull origin main -f - ## sed -i 's/instagram-clone-\(.*\):[[:alnum:]]\+/instagram-clone-\1:${{ github.sha }}/g' ${{ matrix.microservice.manifest }} + sed -i 's/instagram-clone-\(.*\):[[:alnum:]]\+/instagram-clone-\1:${{ github.sha }}/g' ${{ matrix.microservice.manifest }} - ## git add . - ## git commit -m "🤖 Update container image tag for ${{ matrix.microservice.name }} to ${{ github.sha }}" - ## git push --set-upstream origin main + git add . + git commit -m "🤖 Update container image tag for ${{ matrix.microservice.name }} to ${{ github.sha }}" + git push --set-upstream origin main diff --git a/README.md b/README.md index 853ae1a..4757f3d 100644 --- a/README.md +++ b/README.md @@ -1,5 +1,7 @@ # Instagram Clone +![Main Workflow](https://github.com/Archisman-Mridha/instagram-clone/actions/workflows/main.yaml/badge.svg) + Welcome to the `Instagram Clone` project, which aims to replicate the core functionalities of the popular social media platform, **Instagram**, while demonstrating : > How to build and deploy fault tolerant distributed systems. @@ -16,9 +18,9 @@ If you encounter any bugs, have feature requests, or just want to discuss about ## References - [Microservices Patterns](https://www.oreilly.com/library/view/microservices-patterns/9781617294549/) book by Chris Richardson -- [Jordan has no life](https://www.youtube.com/@jordanhasnolife5163)'s [Youtube video](https://www.youtube.com/watch?v=S2y9_XYOZsg&pp=ygUqam9yZGFuIGhhcyBubyBsaWZlIGluc3RhZ3JhbSBzeXN0ZW0gZGVzaWdu) on how to design a social media platform like Instagram +- [Jordan has no life](https://www.youtube.com/@jordanhasnolife5163)'s Youtube video on [how to design a social media platform like Instagram](https://www.youtube.com/watch?v=S2y9_XYOZsg&pp=ygUqam9yZGFuIGhhcyBubyBsaWZlIGluc3RhZ3JhbSBzeXN0ZW0gZGVzaWdu) - The [Rust Book](https://doc.rust-lang.org/book/) - [Crust of Rust](https://youtube.com/playlist?list=PLqbS7AVVErFiWDOAVrPt7aYmnuuOLYvOa&si=-Y5Byig03EhhX0pi) Youtube playlist by [Jon Gjengset](https://www.youtube.com/@jonhoo) - Youtube channels - [Mario Carrion](https://www.youtube.com/@MarioCarrion/playlists) | [Viktor Farcic](https://www.youtube.com/@DevOpsToolkit) -- [Vivek Singh](https://www.youtube.com/@viveksinghggits)'s [Youtube playlist](https://www.youtube.com/playlist?list=PLh4KH3LtJvRTtFWz1WGlyDa7cKjj2Sns0) on how to write a custom Kubernetes controller -- [Heiko's Blogs](https://heikoseeberger.de/tags/opentelemetry/) on how to instrument Rust codebase for Distrbuted Tracing +- [Vivek Singh](https://www.youtube.com/@viveksinghggits)'s Youtube playlist on [how to write a custom Kubernetes controller](https://www.youtube.com/playlist?list=PLh4KH3LtJvRTtFWz1WGlyDa7cKjj2Sns0) +- [Heiko's Blogs](https://heikoseeberger.de) on [how to instrument Rust codebase for Distrbuted Tracing](https://heikoseeberger.de/tags/opentelemetry/) diff --git a/compose.yaml b/compose.yaml index 14f287d..a0b923b 100644 --- a/compose.yaml +++ b/compose.yaml @@ -1,7 +1,6 @@ -version: '3' +version: "3" services: - postgres: container_name: postgres image: postgres:alpine @@ -13,9 +12,28 @@ services: ports: - 5432:5432 ## 'wal_level = logical' is the highest level of WAL logging. - command: ["postgres", "-c", "wal_level=logical", "-c", "max_replication_slots=4", "-c", "max_wal_senders=4"] + command: + [ + "postgres", + "-c", + "wal_level=logical", + "-c", + "max_replication_slots=4", + "-c", + "max_wal_senders=4", + ] healthcheck: - test: ["CMD", "psql", "-U", "default", "-d", "instagram_clone", "-c", "SELECT 1"] + test: + [ + "CMD", + "psql", + "-U", + "default", + "-d", + "instagram_clone", + "-c", + "SELECT 1", + ] interval: 10s timeout: 5s retries: 5 @@ -25,7 +43,14 @@ services: image: migrate/migrate:latest volumes: - ./backend/sql/schema.sql:/migrations/000001_init.up.sql:ro - command: ["-path", "/migrations", "-database", "postgres://default:pass@postgres:5432/instagram_clone?sslmode=disable", "up"] + command: + [ + "-path", + "/migrations", + "-database", + "postgres://default:pass@postgres:5432/instagram_clone?sslmode=disable", + "up", + ] depends_on: postgres: condition: service_healthy @@ -65,7 +90,13 @@ services: - KAFKA_CFG_CONTROLLER_LISTENER_NAMES=CONTROLLER - KAFKA_CFG_INTER_BROKER_LISTENER_NAME=PLAINTEXT healthcheck: - test: ["CMD", "kafka-topics.sh", "--bootstrap-server=localhost:9092", "--list"] + test: + [ + "CMD", + "kafka-topics.sh", + "--bootstrap-server=localhost:9092", + "--list", + ] start_period: 15s interval: 10s @@ -73,7 +104,7 @@ services: container_name: kafka-migrate image: bitnami/kafka working_dir: /opt/bitnami/kafka/bin - entrypoint: [ "/bin/sh", "-c" ] + entrypoint: ["/bin/sh", "-c"] depends_on: kafka: condition: service_healthy @@ -133,7 +164,16 @@ services: VALUE_CONVERTER: org.apache.kafka.connect.json.JsonConverter ENABLE_DEBEZIUM_SCRIPTING: "true" healthcheck: - test: ["CMD", "curl", "--silent", "--fail", "-X", "GET", "http://localhost:8083/connectors"] + test: + [ + "CMD", + "curl", + "--silent", + "--fail", + "-X", + "GET", + "http://localhost:8083/connectors", + ] start_period: 10s interval: 10s timeout: 5s @@ -231,28 +271,28 @@ services: depends_on: - elasticsearch - ## prometheus: - ## container_name: prometheus - ## image: prom/prometheus - ## ports: - ## - 9090:9090 - ## volumes: - ## - ./prometheus.dev-config.yaml:/etc/prometheus/prometheus.yml:ro + prometheus: + container_name: prometheus + image: prom/prometheus + ports: + - 9090:9090 + volumes: + - ./prometheus.dev-config.yaml:/etc/prometheus/prometheus.yml:ro - ## autometrics: - ## container_name: autometrics - ## image: autometrics/am-proxy - ## environment: - ## - PROMETHEUS_URL=http://prometheus:9090 - ## ports: - ## - 6789:6789 + autometrics: + container_name: autometrics + image: autometrics/am-proxy + environment: + - PROMETHEUS_URL=http://prometheus:9090 + ports: + - 6789:6789 jaeger: container_name: jaeger image: jaegertracing/all-in-one:latest hostname: jaeger ports: - - 4317:4317 ## gRPC endpoint + - 4317:4317 ## gRPC endpoint - 16686:16686 ## UI dashboard endpoint environment: - COLLECTOR_OTLP_ENABLED=true @@ -461,4 +501,4 @@ services: driver: fluentd options: fluentd-address: localhost:24224 - tag: gateway \ No newline at end of file + tag: gateway diff --git a/kubernetes/base/application-controller/deployment.yaml b/kubernetes/base/application-controller/deployment.yaml index 87414a8..e211e28 100644 --- a/kubernetes/base/application-controller/deployment.yaml +++ b/kubernetes/base/application-controller/deployment.yaml @@ -16,7 +16,7 @@ spec: serviceAccountName: application-controller containers: - name: application-controller - image: ghcr.io/archisman-mridha/instagram-clone-application-controller:78cd2ead9ce9828ab6ec1265192df427eca05e90 + image: ghcr.io/archisman-mridha/instagram-clone-application-controller:9574f877a5a231dbab94fa621fac97734ad5227e resources: requests: memory: 128Mi diff --git a/kubernetes/base/microservices/feeds-microservice.application.yaml b/kubernetes/base/microservices/feeds-microservice.application.yaml new file mode 100644 index 0000000..89cbb05 --- /dev/null +++ b/kubernetes/base/microservices/feeds-microservice.application.yaml @@ -0,0 +1,16 @@ +apiVersion: instagramclone.io/v1alpha1 +kind: Application +metadata: + name: feeds-microservice + namespace: microservices + +spec: + image: ghcr.io/archisman-mridha/instagram-clone-feeds-microservice:9574f877a5a231dbab94fa621fac97734ad5227e + replicas: + min: 2 + max: 3 + resources: + cpu: 100m + memory: 100Mi + secretName: feeds-microservice + port: 4000 \ No newline at end of file diff --git a/kubernetes/base/microservices/followships-microservice.application.yaml b/kubernetes/base/microservices/followships-microservice.application.yaml new file mode 100644 index 0000000..39d4242 --- /dev/null +++ b/kubernetes/base/microservices/followships-microservice.application.yaml @@ -0,0 +1,16 @@ +apiVersion: instagramclone.io/v1alpha1 +kind: Application +metadata: + name: followships-microservice + namespace: microservices + +spec: + image: ghcr.io/archisman-mridha/instagram-clone-followships-microservice:9574f877a5a231dbab94fa621fac97734ad5227e + replicas: + min: 2 + max: 3 + resources: + cpu: 100m + memory: 100Mi + secretName: followships-microservice + port: 4000 \ No newline at end of file diff --git a/kubernetes/base/microservices/gateway.application.yaml b/kubernetes/base/microservices/gateway.application.yaml new file mode 100644 index 0000000..18b8d1a --- /dev/null +++ b/kubernetes/base/microservices/gateway.application.yaml @@ -0,0 +1,16 @@ +apiVersion: instagramclone.io/v1alpha1 +kind: Application +metadata: + name: gateway + namespace: microservices + +spec: + image: ghcr.io/archisman-mridha/instagram-clone-gateway:9574f877a5a231dbab94fa621fac97734ad5227e + replicas: + min: 2 + max: 3 + resources: + cpu: 100m + memory: 100Mi + secretName: gateway + port: 4000 \ No newline at end of file diff --git a/kubernetes/base/microservices/posts-microservice.application.yaml b/kubernetes/base/microservices/posts-microservice.application.yaml new file mode 100644 index 0000000..0a8105a --- /dev/null +++ b/kubernetes/base/microservices/posts-microservice.application.yaml @@ -0,0 +1,16 @@ +apiVersion: instagramclone.io/v1alpha1 +kind: Application +metadata: + name: posts-microservice + namespace: microservices + +spec: + image: ghcr.io/archisman-mridha/instagram-clone-posts-microservice:e9d1accbc629521bfa484a252a1f563dfff831de + replicas: + min: 2 + max: 3 + resources: + cpu: 100m + memory: 100Mi + secretName: posts-microservice + port: 4000 \ No newline at end of file diff --git a/kubernetes/base/microservices/profiles-microservice.application.yaml b/kubernetes/base/microservices/profiles-microservice.application.yaml new file mode 100644 index 0000000..9411692 --- /dev/null +++ b/kubernetes/base/microservices/profiles-microservice.application.yaml @@ -0,0 +1,16 @@ +apiVersion: instagramclone.io/v1alpha1 +kind: Application +metadata: + name: profiles-microservice + namespace: microservices + +spec: + image: ghcr.io/archisman-mridha/instagram-clone-profiles-microservice:9574f877a5a231dbab94fa621fac97734ad5227e + replicas: + min: 2 + max: 3 + resources: + cpu: 100m + memory: 100Mi + secretName: profiles-microservice + port: 4000 \ No newline at end of file diff --git a/kubernetes/base/microservices/users-microservice.application.yaml b/kubernetes/base/microservices/users-microservice.application.yaml new file mode 100644 index 0000000..9b5334a --- /dev/null +++ b/kubernetes/base/microservices/users-microservice.application.yaml @@ -0,0 +1,16 @@ +apiVersion: instagramclone.io/v1alpha1 +kind: Application +metadata: + name: users-microservice + namespace: microservices + +spec: + image: ghcr.io/archisman-mridha/instagram-clone-users-microservice:9574f877a5a231dbab94fa621fac97734ad5227e + replicas: + min: 2 + max: 3 + resources: + cpu: 100m + memory: 100Mi + secretName: users-microservice + port: 4000 \ No newline at end of file diff --git a/kubernetes/operators/application/sample.application.yaml b/kubernetes/operators/application/sample.application.yaml index b631ec9..e82997f 100644 --- a/kubernetes/operators/application/sample.application.yaml +++ b/kubernetes/operators/application/sample.application.yaml @@ -5,7 +5,7 @@ metadata: namespace: microservices spec: - image: archismanmridha/instagram-clone-users-microservice:0.0.1-alpha + image: ghcr.io/archisman-mridha/instagram-clone-users-microservice:e9d1accbc629521bfa484a252a1f563dfff831de replicas: min: 2 max: 3 diff --git a/outputs/trivy/application-controller.container-image-scan-result.sarif b/outputs/trivy/application-controller.container-image-scan-result.sarif new file mode 100644 index 0000000..2f95f64 --- /dev/null +++ b/outputs/trivy/application-controller.container-image-scan-result.sarif @@ -0,0 +1,33 @@ +{ + "version": "2.1.0", + "$schema": "https://raw.githubusercontent.com/oasis-tcs/sarif-spec/master/Schemata/sarif-schema-2.1.0.json", + "runs": [ + { + "tool": { + "driver": { + "fullName": "Trivy Vulnerability Scanner", + "informationUri": "https://github.com/aquasecurity/trivy", + "name": "Trivy", + "rules": [], + "version": "0.48.1" + } + }, + "results": [], + "columnKind": "utf16CodeUnits", + "originalUriBaseIds": { + "ROOTPATH": { + "uri": "file:///" + } + }, + "properties": { + "imageName": "ghcr.io/archisman-mridha/instagram-clone-application-controller:9574f877a5a231dbab94fa621fac97734ad5227e", + "repoDigests": [ + "ghcr.io/archisman-mridha/instagram-clone-application-controller@sha256:c3320ad65fe0f69d18a55c719ecfaecd0ae497e300254f3cefdf18bf19fc99da" + ], + "repoTags": [ + "ghcr.io/archisman-mridha/instagram-clone-application-controller:9574f877a5a231dbab94fa621fac97734ad5227e" + ] + } + } + ] +} \ No newline at end of file diff --git a/outputs/trivy/feeds-microservice.container-image-scan-result.sarif b/outputs/trivy/feeds-microservice.container-image-scan-result.sarif new file mode 100644 index 0000000..0066fac --- /dev/null +++ b/outputs/trivy/feeds-microservice.container-image-scan-result.sarif @@ -0,0 +1,33 @@ +{ + "version": "2.1.0", + "$schema": "https://raw.githubusercontent.com/oasis-tcs/sarif-spec/master/Schemata/sarif-schema-2.1.0.json", + "runs": [ + { + "tool": { + "driver": { + "fullName": "Trivy Vulnerability Scanner", + "informationUri": "https://github.com/aquasecurity/trivy", + "name": "Trivy", + "rules": [], + "version": "0.48.1" + } + }, + "results": [], + "columnKind": "utf16CodeUnits", + "originalUriBaseIds": { + "ROOTPATH": { + "uri": "file:///" + } + }, + "properties": { + "imageName": "ghcr.io/archisman-mridha/instagram-clone-feeds-microservice:9574f877a5a231dbab94fa621fac97734ad5227e", + "repoDigests": [ + "ghcr.io/archisman-mridha/instagram-clone-feeds-microservice@sha256:6536d33c1eb4e713191f50ef84ba33de7b3916bc2545ca4b6a89b222546ddb02" + ], + "repoTags": [ + "ghcr.io/archisman-mridha/instagram-clone-feeds-microservice:9574f877a5a231dbab94fa621fac97734ad5227e" + ] + } + } + ] +} \ No newline at end of file diff --git a/outputs/trivy/followships-microservice.container-image-scan-result.sarif b/outputs/trivy/followships-microservice.container-image-scan-result.sarif new file mode 100644 index 0000000..c2ecbbc --- /dev/null +++ b/outputs/trivy/followships-microservice.container-image-scan-result.sarif @@ -0,0 +1,33 @@ +{ + "version": "2.1.0", + "$schema": "https://raw.githubusercontent.com/oasis-tcs/sarif-spec/master/Schemata/sarif-schema-2.1.0.json", + "runs": [ + { + "tool": { + "driver": { + "fullName": "Trivy Vulnerability Scanner", + "informationUri": "https://github.com/aquasecurity/trivy", + "name": "Trivy", + "rules": [], + "version": "0.48.1" + } + }, + "results": [], + "columnKind": "utf16CodeUnits", + "originalUriBaseIds": { + "ROOTPATH": { + "uri": "file:///" + } + }, + "properties": { + "imageName": "ghcr.io/archisman-mridha/instagram-clone-followships-microservice:9574f877a5a231dbab94fa621fac97734ad5227e", + "repoDigests": [ + "ghcr.io/archisman-mridha/instagram-clone-followships-microservice@sha256:7c781847d543a2117109e8529b1a45de3b26741e4398e3a9602a83e3b073ddcc" + ], + "repoTags": [ + "ghcr.io/archisman-mridha/instagram-clone-followships-microservice:9574f877a5a231dbab94fa621fac97734ad5227e" + ] + } + } + ] +} \ No newline at end of file diff --git a/outputs/trivy/gateway.container-image-scan-result.sarif b/outputs/trivy/gateway.container-image-scan-result.sarif new file mode 100644 index 0000000..7ca5aaa --- /dev/null +++ b/outputs/trivy/gateway.container-image-scan-result.sarif @@ -0,0 +1,33 @@ +{ + "version": "2.1.0", + "$schema": "https://raw.githubusercontent.com/oasis-tcs/sarif-spec/master/Schemata/sarif-schema-2.1.0.json", + "runs": [ + { + "tool": { + "driver": { + "fullName": "Trivy Vulnerability Scanner", + "informationUri": "https://github.com/aquasecurity/trivy", + "name": "Trivy", + "rules": [], + "version": "0.48.1" + } + }, + "results": [], + "columnKind": "utf16CodeUnits", + "originalUriBaseIds": { + "ROOTPATH": { + "uri": "file:///" + } + }, + "properties": { + "imageName": "ghcr.io/archisman-mridha/instagram-clone-gateway:9574f877a5a231dbab94fa621fac97734ad5227e", + "repoDigests": [ + "ghcr.io/archisman-mridha/instagram-clone-gateway@sha256:2124084a45c568410415a3242696af1ed70a145253a5dffd39113e4ac5469a6a" + ], + "repoTags": [ + "ghcr.io/archisman-mridha/instagram-clone-gateway:9574f877a5a231dbab94fa621fac97734ad5227e" + ] + } + } + ] +} \ No newline at end of file diff --git a/outputs/trivy/profiles-microservice.container-image-scan-result.sarif b/outputs/trivy/profiles-microservice.container-image-scan-result.sarif new file mode 100644 index 0000000..dbeb5f3 --- /dev/null +++ b/outputs/trivy/profiles-microservice.container-image-scan-result.sarif @@ -0,0 +1,33 @@ +{ + "version": "2.1.0", + "$schema": "https://raw.githubusercontent.com/oasis-tcs/sarif-spec/master/Schemata/sarif-schema-2.1.0.json", + "runs": [ + { + "tool": { + "driver": { + "fullName": "Trivy Vulnerability Scanner", + "informationUri": "https://github.com/aquasecurity/trivy", + "name": "Trivy", + "rules": [], + "version": "0.48.1" + } + }, + "results": [], + "columnKind": "utf16CodeUnits", + "originalUriBaseIds": { + "ROOTPATH": { + "uri": "file:///" + } + }, + "properties": { + "imageName": "ghcr.io/archisman-mridha/instagram-clone-profiles-microservice:9574f877a5a231dbab94fa621fac97734ad5227e", + "repoDigests": [ + "ghcr.io/archisman-mridha/instagram-clone-profiles-microservice@sha256:efe839615de92471dd8d5c02b53cbaf4e6a07e36679c7c9bada5b7d4b2923664" + ], + "repoTags": [ + "ghcr.io/archisman-mridha/instagram-clone-profiles-microservice:9574f877a5a231dbab94fa621fac97734ad5227e" + ] + } + } + ] +} \ No newline at end of file diff --git a/outputs/trivy/users-microservice.container-image-scan-result.sarif b/outputs/trivy/users-microservice.container-image-scan-result.sarif new file mode 100644 index 0000000..6009067 --- /dev/null +++ b/outputs/trivy/users-microservice.container-image-scan-result.sarif @@ -0,0 +1,33 @@ +{ + "version": "2.1.0", + "$schema": "https://raw.githubusercontent.com/oasis-tcs/sarif-spec/master/Schemata/sarif-schema-2.1.0.json", + "runs": [ + { + "tool": { + "driver": { + "fullName": "Trivy Vulnerability Scanner", + "informationUri": "https://github.com/aquasecurity/trivy", + "name": "Trivy", + "rules": [], + "version": "0.48.1" + } + }, + "results": [], + "columnKind": "utf16CodeUnits", + "originalUriBaseIds": { + "ROOTPATH": { + "uri": "file:///" + } + }, + "properties": { + "imageName": "ghcr.io/archisman-mridha/instagram-clone-users-microservice:9574f877a5a231dbab94fa621fac97734ad5227e", + "repoDigests": [ + "ghcr.io/archisman-mridha/instagram-clone-users-microservice@sha256:9b3c46d69a831d365ccc982afe09aa7815d6f94696c1e562911a2562818770dc" + ], + "repoTags": [ + "ghcr.io/archisman-mridha/instagram-clone-users-microservice:9574f877a5a231dbab94fa621fac97734ad5227e" + ] + } + } + ] +} \ No newline at end of file