forked from Netflix/security_monkey
-
Notifications
You must be signed in to change notification settings - Fork 3
/
contributing.rst
193 lines (123 loc) · 6.19 KB
/
contributing.rst
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
************
Contributing
************
Contributions to Security Monkey are welcome! Here are some tips to get you started
hacking on Security Monkey and contributing back your patches.
Development Setup OS X
======================
<<<<<<< HEAD
Install Brew (http://brew.sh)
Requirement - Xcode Command Line Tools (Popup - Just click Install)::
ruby -e "$(curl -fsSL https://raw.github.com/Homebrew/homebrew/go/install)"
Install Pip
A tool for installing and managing Python packages::
sudo easy_install pip
Virtualenv
A tool to create isolated Python environments::
sudo pip install virtualenv
VirtualenvWrapper
virtualenvwrapper is a set of extensions to Ian Bicking’s virtualenv tool. The extensions include wrappers for creating and deleting virtual environments and otherwise managing your development workflow, making it easier to work on more than one project at a time without introducing conflicts in their dependencies.::
sudo pip install virtualenvwrapper
Configure VirtualEnvWrapper
Configure VirtualEnvWrapper so it knows where to store the virtualenvs and where the virtualenvwerapper script is located.::
cd ~
mkdir virtual_envs
vi ~/.bash_profile
Add these two lines to your ~/.bash_profile::
export WORKON_HOME="$HOME/virtual_envs/"
source "/usr/local/bin/virtualenvwrapper.sh"
You'll need to open a new terminal (or run ``source ~/.bash_profile``) before you can create the virtualenv::
mkvirtualenv security_monkey
workon security_monkey
Clone
Clone the security monkey code repository.::
git clone https://github.com/Netflix/security_monkey.git
cd security_monkey
SECURITY_MONKEY_SETTINGS
Set the environment variable in your current session that tells Flask where the configuration file is located.::
export SECURITY_MONKEY_SETTINGS=`pwd`/env-config/config-local.py
Note - I like to append this to the virtualenv activate script::
vi $HOME/virtual_envs/security_monkey/bin/activate
export SECURITY_MONKEY_SETTINGS=$HOME/security_monkey/env-config/config-local.py
Postgres
Install Postgres. Create a database for security monkey and add a role. Set the timezone to GMT.::
brew install postgresql
Start the DB in a new shell::
postgres -D /usr/local/var/postgres
Create the database and users and set the timezone.::
psql -d postgres -h localhost
CREATE DATABASE "securitymonkeydb";
CREATE ROLE "securitymonkeyuser" LOGIN PASSWORD 'securitymonkeypass';
CREATE SCHEMA securitymonkeydb
GRANT Usage, Create ON SCHEMA "securitymonkeydb" TO "securitymonkeyuser";
set timezone to 'GMT';
select now();
Exit the Postgres CLI tool::
CTRL-D
Install Pip Requirements
Pip will install all the dependencies into the current virtualenv.::
pip install -r requirements.txt
Init DB
Run Alembic/FlaskMigrate to create all the database tables.::
python manage.py db upgrade
Start the API
This starts the REST API that the Angular application will communicate with.::
python manage.py runserver
Install Dart
Download the Dartlang and Editor from ( http://www.dartlang.org/ )
Compile the web-app Dart code
$ pushd ~/security_monkey/dart
$ /Applications/dart/dart-sdk/bin/pub build
$ mkdir security_monkey/static
$ cp -R dart/build/web/* security_monkey/static/
Launch Dart Editor
Edit dart/lib/util/constants.dart and set API_HOST to this value::
final String API_HOST = 'http://127.0.0.1:5000/api/1';
In the Dart Editor, right click on dart/web/ui.html and select "Run in Dartium" from the dropdown menu.
Register a user
Chromium/Dartium will launch and will redirect to the login page. Select the Register link ( http://127.0.0.1/register ) to create an account.
Setup an account
After you have registered an account, proceed to login ( http://127.0.0.1/login ). Once logged in, click on Settings and on the *+* to add a new account.
Obtaining instance credentials
You'll need to obtain AWS credentials to execute the watchers. See the boto documentation for more information.
http://boto.readthedocs.org/en/latest/boto_config_tut.html
Manually Run the Watchers
Run the watchers to put some data in the database.::
cd ~/security_monkey/
python manage.py run_change_reporter all
You can also run an individual watcher::
python manage.py find_changes -a all -m all
python manage.py find_changes -a all -m iamrole
python manage.py find_changes -a "My Test Account" -m iamgroup
You can run the auditors against the items currently in the database::
python manage.py audit_changes -a all -m redshift --send_report=False
=======
Please review the `Mac OS X Development Setup Instructions <dev_setup_osx.rst>`_ to set up your Mac for Security Monkey development.
>>>>>>> 89266a33712d96df1375ee1e7252d8bdc502b1f8
Development Setup Ubuntu
========================
Please review the `Ubuntu Development Setup Instructions <dev_setup_ubuntu.rst>`_ to set up your Ubuntu installation for Security Monkey Development.
Development Setup Windows
========================
Download VirtualBox, install Ubuntu, and then review the `Ubuntu Development Setup Instructions <dev_setup_ubuntu.rst>`_ to set up your Ubuntu VM for Security Monkey Development.
Submitting changes
==================
- Code should be accompanied by tests and documentation. Maintain our excellent
test coverage.
- Follow the existing code style, especially make sure ``flake8`` does not
complain about anything.
- Write good commit messages. Here's three blog posts on how to do it right:
- `Writing Git commit messages
<http://365git.tumblr.com/post/3308646748/writing-git-commit-messages>`_
- `A Note About Git Commit Messages
<http://tbaggery.com/2008/04/19/a-note-about-git-commit-messages.html>`_
- `On commit messages
<http://who-t.blogspot.ch/2009/12/on-commit-messages.html>`_
- One branch per feature or fix. Keep branches small and on topic.
- Send a pull request to the ``v1/develop`` branch. See the `GitHub pull
request docs <https://help.github.com/articles/using-pull-requests>`_ for
help.
Additional resources
====================
- `Issue tracker <https://github.com/netflix/security_monkey/issues>`_
- `GitHub documentation <https://help.github.com/>`_