Integrates is the product responsible for Fluid Attacks' platform and its API.
Retrieves
, a Visual Studio Code extensionForces
, a Docker containerProduction
: The production environment used by end users.Ephemerals
: A testing environment for each developer accessible via the Internet.Local
: A testing environment developers can run on their machine. Instructions for this can be found here.Tasks
application that performs out-of-band processing for cloning client repositories.Cloudflare
.Production
environmentEphemeral
environmentsTasks
applicationCloudWatch
is used for storing production logs.CloudWatch
alerts are used to check the queue size of Tasks
. If the queue size goes beyond a given limit, email alerts are sent to developers.Production
and one for each Ephemeral
environment.Main
for storing all current information.Historic
for storing historical states of entities.client-repositories
stores source code repositories from clients.storage
stores blobs upload by users (evidences, example files, etc.).machine-executions
stores results of Skims executions and provided configuration files.DynamoDB
database is backed up using Backup
Vaults by Amazon Web Services (AWS) as promised in 1 and 2.Jobs
like ZTNA repository cloning and machine executions are performed by AWS Batch.Twilio
to send SMS OTPs.Mailchimp
to send email notifications to end users.ephemeral
or production
).app.fluidattacks.com
(Production
) or branch.app.fluidattacks.com
(Ephemeral
) are accessed.Please read the Contributing page first.
Follow the steps in the Development Environment section of our documentation.
When prompted for an AWS role, choose dev
, and when prompted for a Development Environment, pick integratesBack
.
Two approaches for deploying a local environment of Integrates are described below. Either of them will launch a replica of app.fluidattacks.com and app.fluidattacks.com/api
on localhost:8001
.
You can use mprocs for handling all components in a single terminal:
m . /integrates
.r
.x
.Run each of the following commands within the universe
repository in different terminals:
m . /integrates/back dev
m . /integrates/db
m . /integrates/front
m . /integrates/storage/dev
Each terminal will serve a key component of Integrates.
Go to https://localhost:3000
and accept the self-signed certificates offered by the server.
This will allow the back-end to fetch the files to render the UI.
Go to https://localhost:8001
and, again, accept the self-signed certificates offered by the server.
Now you should see the login portal of the application.
Once you upload your local changes to your remote branch in GitLab, a pipeline will begin and run some verifications on your branch.
Some of those verifications require a complete working environment to test against. This environment can be found at https://<branch_name>.app.fluidattacks.com
, and it will be available once the pipeline stage deploy-app
finishes.
In order to login to your ephemeral environment, SSO needs to be set up for it. You can write to help@fluidattacks.com with the URL of your environment so it can be configured.
/not-set
file (with root permissions):touch /not-set
chmod a+rw /not-set
Once this file has the required permissions, you can run deployment from your machine:
m . /integrates/back/deploy/dev
This requires you to have access to the Fluid Attacks organization on Google Cloud.
Access the Google Cloud Console.
Choose the project Integrates
.
On the left sidebar, choose APIs & Services > Credentials
.
On the Credentials dashboard, under OAuth 2.0 Client IDs
, choose the client ID not created by Google Services.
Finally, under Authorized redirect URIs
, add the URI of the ephemeral environment you want to enable SSO on, https://<branch_name>.app.fluidattacks.com/authz_google
.