Quickstart
In this tutorial we will set up Dracon locally and run a pipeline to scan Golang repositories for vulnerabilities. Along the way we will encounter Kubernetes, Tekton and Dracon components.
Requirements
You will need to have the following tools installed in your system:
Installation
There are two main ways to run Dracon: Either you install the latest release, or you build it from the source. For both options you'll just need to run a single command.
Option 1: Install Latest Release
make install
Option 2: Build from Source
make dev-deploy
And that's it! Dracon is now up and running on your cluster and you can start using it.
Running a Pipeline
Now that Dracon is installed we can run a pipeline. Luckily, Dracon comes with a few example pipelines. Let's choose the Go pipeline: It takes a .git repository as an input, and then runs both Go Nancy for SCA and Gosec for SAST on the repository. You can deploy the pipeline as follows:
make cmd/draconctl/bin
bin/cmd/draconctl pipelines deploy ./examples/pipelines/golang-project
This deploys the pipeline to Dracon. You can see that the pipeline was created by taking a look at the Tekton dashboard. You can access the dashboard by running:
kubectl -n tekton-pipelines port-forward svc/tekton-dashboard 9097:9097
# Then open your browser at http://localhost:9097
You should see the pipeline in the dashboard:
Then you can run an instance of the pipeline as follows:
kubectl create \
-n dracon \
-f ./examples/pipelines/golang-project/pipelinerun.yaml
And that's it! You've just run your first pipeline with Dracon. 🎉
To see the pipeline running, head to PipelineRuns in the Tekton dashboard. You can also take a look at the Elastic Search dashboard that comes with Dracon to check out the vulnerabilities that Dracon found.
To learn more, check out these resources: