Skip to content

Distributed certificate transparency log harvester

License

Notifications You must be signed in to change notification settings

cisagov/admiral

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

admiral 👩‍✈️🚢⚓️

GitHub Build Status CodeQL Coverage Status Known Vulnerabilities

This project implements a distributed certificate transparency log harvester.

Requirements

This project requires a Docker installation.

Installation and Execution

  • Build the docker image:
    • docker-compose build
  • Change the credentials in the following configuration files:
    • secrets/admiral.yml
    • secrets/redis.conf
    • docker-compose.yml
  • Start the composition:
    • docker-compose up
    • alternately it can be started in swarm mode: docker stack deploy admiral --compose-file docker-compose.yml
  • Monitor the system:
  • Optional: Run the code tests
    • docker-compose -f docker-compose-dev.yml run test

Development and Debugging

A separate docker-compose-dev.yml file is provided to support development and testing. Using this composition, a container can be started in a few different modes:

To start up an IPython session with a configured Celery app:

docker-compose -f docker-compose-dev.yml run celery-shell

To start up a development container with a bash shell:

docker-compose -f docker-compose-dev.yml run bash

To run all unit and system tests:

docker-compose -f docker-compose-dev.yml run test

Additional arguments can be passed to pytest when creating the container:

docker-compose -f docker-compose-dev.yml run test -vs tests/scan_test.py

To access a mongo shell:

docker-compose exec mongo mongo admin -u root -p

To get a shell in a stopped or crashed container:

docker run -it --rm --entrypoint=sh admiral

To protect against inadvertent commit of secrets to the repository:

git update-index --assume-unchanged secrets/*

Monitoring

The following web services are started for monitoring the underlying components:

Contributing

We welcome contributions! Please see CONTRIBUTING.md for details.

License

This project is in the worldwide public domain.

This project is in the public domain within the United States, and copyright and related rights in the work worldwide are waived through the CC0 1.0 Universal public domain dedication.

All contributions to this project will be released under the CC0 dedication. By submitting a pull request, you are agreeing to comply with this waiver of copyright interest.