FennECR

Summary
Key Features
Setup for docker image version
Setup for source version
Meet the team

Summary

FennECR tracks and organizes vulnerability scans performed by AWS ECR, and provides a user-friendly interface to manage and respond to security findings effectively.

Key Features of FennECR

a. Centralized Dashboard:

A basic yet powerful dashboard that displays scan results in a unified view, as depicted in this demo. Detailed insights into the security status and vulnerability details of your container images, as shown in this demo. Easily toggle scan-on-push settings for your repositories directly from our interface, enhancing your workflow as demonstrated in this demo.

b. Local Environment Variable Integration

Secure Credential Management: Your credentials remain under your control. Security is our utmost priority, your local environment variables are managed with the highest level of security on your local environment.

c. Multi-Access Key Support

Are you managing multiple AWS accounts? FennECR seamlessly supports multi access keys, allowing you to track and manage vulnerabilities across various accounts with ease, as demonstrated in this demo.

d. Historical scan results secured in DynamoDB

Need to review past scan results? FennECR securely stores historical data in DynamoDB, making accessing and analyzing previous scan outcomes easy.

e. Dark Mode

Enjoy the flexibility of dark mode, designed to reduce eye strain and provide a visually pleasing interface for users who prefer a darker theme, as illustrated in this demo.

Setup

Docker Container

Install docker
Create a folder for the app mkdir FennECR
Go to the folder you just created cd FennECR
Create Docker compose file(run touch docker-compose.yml and paste in the below template or download here and put in the same folder)

docker-compose.yml template

version: '3.8'

services:
  client:
    image: fennecr/insightecr-client
    ports:
      - '80:80'
    depends_on:
      - server
    env_file:
      - .env
    networks:
      - insightecr-network

  server:
    image: fennecr/insightecr-server
    ports:
      - '3000:3000'
    container_name: insightecr-server-1
    depends_on:
      - dynamodb
    env_file:
      - .env
    networks:
      - insightecr-network

  dynamodb:
    image: amazon/dynamodb-local
    container_name: dynamodb
    ports:
      - '8000:8000'
    volumes:
      - dynamodbdata:/data
    env_file:
      - .env
    networks:
      - insightecr-network

volumes:
  dynamodbdata:

networks:
  insightecr-network:
    driver: bridge

Setup environment variables

5.1 Create a .env file in the same folder using below template

# AWS Credentials for Development Environment
AWS_REGION_DEV="your_aws_region"
AWS_ACCESS_KEY_ID_DEV="your_iam_access_key_id"
AWS_SECRET_ACCESS_KEY_DEV="your_iam_secret_access_key"

# AWS Credentials for Production Environment(e.g., for other aws roles or accounts, you can replace DEV or PROD with other string)
AWS_REGION_PROD="your_aws_region"
AWS_ACCESS_KEY_ID_PROD="your_iam_access_key_id"
AWS_SECRET_ACCESS_KEY_PROD="your_iam_secret_access_key"

# DynamoDB Configuration
DYNAMODB_TABLE_NAME="ImagesTable"
SCAN_RESULT_TABLE="SingleScanResult"
DYNAMODB_ACCESS_KEY_ID="local"
DYNAMODB_SECRET_ACCESS_KEY="local"

# Use "http://localhost:8000" when running on localhost
# Use "http://dynamodb:8000" when running the docker version
DYNAMODB_ENDPOINT="http://dynamodb:8000"

5.2 Replace "your_aws_region", "your_iam_access_key_id", "your_iam_secret_access_key" with your own credentials

Run docker-compose up
Browse to http://localhost

From Sources

Install Node.js
Run git clone https://github.com/oslabs-beta/FennECR.git (or clone your own fork of the repository)
Go into the cloned folder with cd FennECR
Run npm install to install dependencies in the root folder
Run cd server && npm install && cd .. to install server side dependencies
Run cd client/insightecr && npm install && cd ../.. to install client side dependencies
Setup DynamoDB local
Run npm install to install dependencies in the root folder
Run cd server && npm install && cd .. to install server side dependencies
Run cd client/insightecr && npm install && cd ../.. to install client side dependencies
Setup DynamoDB local

11.1 Install docker
11.2 Pull the DynamoDB docker image from docker Hub docker pull amazon/dynamodb-local
11.3 Run the image docker run -p 8000:8000 amazon/dynamodb-local and keep the terminal open

Setup environment variables

12.1 Create a .env file in the root of server folder using below template

# AWS Credentials for Development Environment
AWS_REGION_DEV="your_aws_region"
AWS_ACCESS_KEY_ID_DEV="your_iam_access_key_id"
AWS_SECRET_ACCESS_KEY_DEV="your_iam_secret_access_key"

# AWS Credentials for Production Environment(e.g., for other aws roles or accounts, you can replace DEV or PROD with other string)
AWS_REGION_PROD="your_aws_region"
AWS_ACCESS_KEY_ID_PROD="your_iam_access_key_id"
AWS_SECRET_ACCESS_KEY_PROD="your_iam_secret_access_key"

# DynamoDB Configuration
DYNAMODB_TABLE_NAME="ImagesTable"
SCAN_RESULT_TABLE="SingleScanResult"
DYNAMODB_ACCESS_KEY_ID="local"
DYNAMODB_SECRET_ACCESS_KEY="local"

# Use "http://localhost:8000" when running on localhost
# Use "http://dynamodb:8000" when running the docker version
DYNAMODB_ENDPOINT="http://localhost:8000"

12.2 Replace "your_aws_region", "your_iam_access_key_id", "your_iam_secret_access_key" with your own credentials

Run npm start
Browse to http://localhost

The FennECR Team

Developed By
Cyane Li
Jing Xia
Ricardo De los Reyes
Richard Araujo
Peter Gao

oslabs-beta / FennECR