Bugshop is heavily WIP and still more of a PoC, but stay tuned for new updates (using new Argo Server directly instead of Events). :-)
- Working Kubernetes cluster (preferably on GKE due to IAP setup)
- Functional
kubectl
andargo
CLI communicating with your cluster. - 2 GitLab repositories (targets-data, targets-alerts) with a write deploy key.
- Install all manifests located in
manifests
folder.for f in manifests/*; do kubectl apply -f $f; done
If something is not working during the install, please refer to the official Argo installation guide located at https://argoproj.github.io/. - Create 3 GCS buckets and replace the template name with the name of your bucket.
perma
for the mirroring of wordlists from the Bugshop repositoryworkflowconfigs
for the mirroring of workflows from the Bugshop repositoryartifacts
for the artifacts from Argo Workflows
- Configure
artifacts
as the Argo storage according to the https://github.com/argoproj/argo/blob/master/ARTIFACT_REPO.md - Setup desired configs (amass / fingerprints.json)
- Setup k8 secrets
minio-secrets
with legacy GCS storage secretsgitlab-ssh
withssh-private-key
deploy key to GitLab repositoriesconfig
- Overwrite
http://argo-gateway.domain.com:12000/secret-webhook-endpoint
with your Argo HTTP gateway port and endpoint (specified inwebhook-event-source.yml
). - Add GCS secrets to GitLab CI according to the
.gitlab-ci.yml
- Add
GCS_ACCESS_KEY_ID
andGCS_SECRET_ACCESS_KEY
secrets to the Bugtab GitLab CI secrets. - Setup periodic schedules with the desired intervals
- Setup hourly schedule for the public programs
- Setup daily schedule (13:00) for the private hackerone invites.
- Expose service as a NodePort (
kubectl patch svc argo-ui -n argo -p '{"spec": {"type": "NodePort"}}
) ) - Delete LB and apply ingress.yaml resource
- Add
beta.cloud.google.com/backend-config: '{"default": "config-default"}'
to theargo-ui
Service. (kubectl edit svc argo-ui --namespace argo
)