Skip to content

jobayer12/repoScanner

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

51 Commits
.idea
.idea
 
 
.vscode
.vscode
 
 
auth-service
auth-service
 
 
email-service
email-service
 
 
scanner-service
scanner-service
 
 
.env.sample
.env.sample
 
 
README.md
README.md
 
 
docker-compose.yml
docker-compose.yml
 
 

Repository files navigation

RepoScanner

RepoScanner is a project composed of three microservices that work together to authenticate users, scan GitHub repositories, and send notifications based on scan results. This setup enables secure access control, automated scanning, and email notifications to streamline repository management and security analysis.

Table of Contents

Prerequisites

Before setting up the project, ensure the following are installed on your local machine:

  • Trivy: A vulnerability scanner for containers and other artifacts, required to perform security scans.
  • ZeroMQ: A high-performance messaging library, required for inter-service communication.

Microservices Overview

  1. Auth Service - Developed using NestJS, this service handles user authentication and provides JWT tokens for secure access to other services.
  2. Scan Service - Built with Golang, this service is responsible for scanning GitHub repositories using Trivy. It communicates with the Auth and Email services to perform secure scans and notify users of the results.
  3. Email Service - Another NestJS service, this service sends email notifications based on scan results, utilizing the results from the Scan Service.

Setup Instructions

1. Clone the Repository

To get started, clone the repoScanner repository to your local machine:

git clone https://github.com/jobayer12/repoScanner.git
cd repoScanner

2. Auth Service

The Auth Service handles user registration, login, and JWT authentication.

Steps to Set Up

  • Navigate to the auth-service directory:

    cd auth-service

  • Rename .env.sample to .env and configure the environment variables.

  • Install the dependencies:

    npm install

  • Start the Auth Service:

    npm run start

3. Scan Service

The Scan Service performs repository scans using Trivy and interacts with other services via ZeroMQ.

Steps to Set Up

  • Navigate to the scan-service directory:

    cd scan-service

  • Rename .env.sample to .env and configure any necessary environment variables.

  • Install any required Go dependencies:

    go mod download

  • Ensure Trivy and ZeroMQ are properly installed, as they are required to run this service.

  • Start the Scan Service:

    make run

4. Email Service

The Email Service handles email notifications, alerting users based on scan results.

Steps to Set Up

  • Navigate to the email-service directory:

    cd email-service

  • Rename .env.sample to .env and configure any necessary environment variables.

  • Install the dependencies:

    npm install

  • Start the Email Service:

    npm run start

Usage

  • Go to http://localhost:3000/api#/ to see the list of available Auth Service endpoints.

  • Use the pre-created user:

  • Log in to retrieve a JWT token, which can then be used to authorize requests to the services.

  • Perform a Scan: Send a scan request through the Scan Service using the JWT token from the Auth Service.

  • Receive Email Notification: Once a scan completes, the Email Service will automatically send a notification based on the results.

Contributing

Contributions are welcome! Please fork the repository and create a pull request for review.

About

No description, website, or topics provided.

Resources

Readme
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages