Merge branch 'master' into issue-613-secret-gitignore-ssh

.eslintrc.js

@@ -6,13 +6,19 @@ module.exports = {
     commonjs: true,
     es2021: true
   },
-  extends: 'standard',
+  extends: [
+    'standard',
+    'plugin:chai-friendly/recommended'
+  ],
   overrides: [
   ],
   parserOptions: {
     ecmaVersion: 'latest'
   },
   rules: {
   },
-  plugins: ['cypress']
+  plugins: [
+    'cypress',
+    'chai-friendly'
+  ]
 }

.github/scripts/.bash_history

@@ -347,7 +347,7 @@ rm -rf jdk-18_linux-x64_bin.deb
 git rebase -i main
 git rebase -i master
 git stash
-export tempPassword="26IagEVOg3dsQ9AwAS5yU8gpit4iOIYOR8sUuOgYVpU="
+export tempPassword="ayZXl0wxDxF1lsDzNOq5brjLG7R20LxRidT5+98ZtdU="
 mvn run tempPassword
 k6
 npx k6

.github/workflows/link_checker.yml

@@ -18,7 +18,7 @@ jobs:
 
       - name: Link Checker
         id: lychee
-        uses: lycheeverse/[email protected].1
+        uses: lycheeverse/[email protected].3
         with:
           args: --exclude-all-private --exclude-path "src/main/resources/templates/about.html" --exclude-path ".lycheeignore" -r 2 './**/*.md' './**/*.html'
           fail: true

.github/workflows/minikube-vault-test.yml

@@ -21,7 +21,7 @@ jobs:
     # Steps represent a sequence of tasks that will be executed as part of the job
     steps:
       - uses: actions/checkout@v4
-      - uses: eLco/[email protected].2
+      - uses: eLco/[email protected].3
       - name: Start minikube
         uses: medyagh/setup-minikube@master
         with:
@@ -34,3 +34,28 @@ jobs:
       - name: test script
         run: |
           ./k8s-vault-minkube-start.sh && sleep 5 && curl http://localhost:8080/spoil/challenge-7 && minikube delete
+
+  cypress-tests:
+    name: Cypress Test for Challenges
+    runs-on: ubuntu-latest
+    # Steps represent a sequence of tasks that will be executed as part of the job
+    steps:
+      - uses: actions/checkout@v4
+      - uses: eLco/[email protected]
+      - name: Start minikube
+        uses: medyagh/setup-minikube@master
+        with:
+          minikube-version: 1.31.2
+          driver: docker
+          kubernetes-version: v1.28.1
+      - name: Setup helm
+        uses: azure/[email protected]
+        id: install
+      - name: test script
+        run: |
+          ./k8s-vault-minkube-start.sh && sleep 5 && curl http://localhost:8080/spoil/challenge-7
+
+      - name: Run Tests
+        run: |
+          npm install cypress
+          npx cypress run --config-file src/test/K8s-tests/cypress.config.js && minikube delete

.github/workflows/pre-commit.yml

@@ -60,7 +60,7 @@ jobs:
           chmod +x tfsec
           mv tfsec /usr/local/bin/
       - name: Pre-commit checks
-        uses: pre-commit/[email protected].0
+        uses: pre-commit/[email protected].1
       - name: pre-commit-ci-lite
-        uses: pre-commit-ci/[email protected].1
+        uses: pre-commit-ci/[email protected].2
         if: always()

Dockerfile

@@ -1,7 +1,7 @@
-FROM amazoncorretto:21.0.1-alpine
+FROM amazoncorretto:21.0.2-alpine
 
 ARG argBasedPassword="default"
-ARG argBasedVersion="1.8.2"
+ARG argBasedVersion="1.8.3"
 ARG spring_profile=""
 ENV SPRING_PROFILES_ACTIVE=$spring_profile
 ENV ARG_BASED_PASSWORD=$argBasedPassword

Dockerfile.web

@@ -1,11 +1,11 @@
-FROM jeroenwillemsen/wrongsecrets:1.8.2-no-vault
-ARG argBasedVersion="1.8.2-no-vault"
+FROM jeroenwillemsen/wrongsecrets:1.8.3-no-vault
+ARG argBasedVersion="1.8.3-no-vault"
 ARG CANARY_URLS="http://canarytokens.com/terms/about/s7cfbdakys13246ewd8ivuvku/post.jsp,http://canarytokens.com/terms/about/y0all60b627gzp19ahqh7rl6j/post.jsp"
 ARG CTF_ENABLED=false
 ARG HINTS_ENABLED=true
 ARG CHALLENGE_ACHT_CTF_HOST_VALUE="not_set"
 ARG CHALLENGE_THIRTY_HOST_VALUE="not_set"
-ARG $CHALLENGE_RANDO_KEY_CTF_TO_PROVIDE_TO_HOST="not_set"
+ARG CHALLENGE_RANDO_KEY_CTF_TO_PROVIDE_TO_HOST="not_set"
 #ONLY OVERRIDE THE ARGS BELOW WHEN YOU ARE SETTING UP A CTF!
 ARG CTF_KEY=TRwzkRJnHOTckssAeyJbysWgP!Qc2T
 ARG CHALLENGE_5_VALUE=if_you_see_this_please_use_k8s

README.md

@@ -284,21 +284,21 @@ Contributors:
 - [Osama Magdy @osamamagdy](https://www.github.com/osamamagdy)
 - [Divyanshu Dev @Novice-expert](https://www.github.com/Novice-expert)
 - [Tibor Hercz @tiborhercz](https://www.github.com/tiborhercz)
+- [za @za](https://www.github.com/za)
 - [Chris Elbring Jr. @neatzsche](https://www.github.com/neatzsche)
 - [Diamond Rivero @diamant3](https://www.github.com/diamant3)
 - [Norbert Wolniak @nwolniak](https://www.github.com/nwolniak)
 - [Adarsh A @adarsh-a-tw](https://www.github.com/adarsh-a-tw)
 - [Filip Chyla @fchyla](https://www.github.com/fchyla)
-- [Turjo Chowdhury @turjoc120](https://www.github.com/turjoc120)
-- [Vineeth Jagadeesh @djvinnie](https://www.github.com/djvinnie)
 - [Dmitry Litosh @Dlitosh](https://www.github.com/Dlitosh)
+- [Vineeth Jagadeesh @djvinnie](https://www.github.com/djvinnie)
+- [Turjo Chowdhury @turjoc120](https://www.github.com/turjoc120)
 - [Josh Grossman @tghosth](https://www.github.com/tghosth)
 - [alphasec @alphasecio](https://www.github.com/alphasecio)
 - [CaduRoriz @CaduRoriz](https://www.github.com/CaduRoriz)
 - [Madhu Akula @madhuakula](https://www.github.com/madhuakula)
 - [Mike Woudenberg @mikewoudenberg](https://www.github.com/mikewoudenberg)
 - [Spyros @northdpole](https://www.github.com/northdpole)
-- [za @za](https://www.github.com/za)
 - [RubenAtBinx @RubenAtBinx](https://www.github.com/RubenAtBinx)
 - [Alex Bender @alex-bender](https://www.github.com/alex-bender)
 - [Nicolas Humblot @nhumblot](https://www.github.com/nhumblot)
@@ -322,6 +322,7 @@ Special thanks:
 - [Xiaolu Dai @saragluna](https://www.github.com/saragluna)
 - [Jonathan Giles @jonathanGiles](https://www.github.com/jonathanGiles)
 
+
 ### Sponsorships
 
 We would like to thank the following parties for helping us out:

aws/README.md

@@ -111,15 +111,15 @@ The documentation below is auto-generated to give insight on what's created via
 | Name | Version |
 |------|---------|
 | <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | ~> 1.1 |
-| <a name="requirement_aws"></a> [aws](#requirement\_aws) | ~> 5.31.0 |
+| <a name="requirement_aws"></a> [aws](#requirement\_aws) | ~> 5.34.0 |
 | <a name="requirement_http"></a> [http](#requirement\_http) | ~> 3.4.0 |
 | <a name="requirement_random"></a> [random](#requirement\_random) | ~> 3.6.0 |
 
 ## Providers
 
 | Name | Version |
 |------|---------|
-| <a name="provider_aws"></a> [aws](#provider\_aws) | 5.31.0 |
+| <a name="provider_aws"></a> [aws](#provider\_aws) | 5.34.0 |
 | <a name="provider_http"></a> [http](#provider\_http) | 3.4.1 |
 | <a name="provider_random"></a> [random](#provider\_random) | 3.6.0 |
 
@@ -129,7 +129,7 @@ The documentation below is auto-generated to give insight on what's created via
 |------|--------|---------|
 | <a name="module_ebs_csi_irsa_role"></a> [ebs\_csi\_irsa\_role](#module\_ebs\_csi\_irsa\_role) | terraform-aws-modules/iam/aws//modules/iam-role-for-service-accounts-eks | ~> 5.5 |
 | <a name="module_eks"></a> [eks](#module\_eks) | terraform-aws-modules/eks/aws | 19.21.0 |
-| <a name="module_vpc"></a> [vpc](#module\_vpc) | terraform-aws-modules/vpc/aws | ~> 5.4.0 |
+| <a name="module_vpc"></a> [vpc](#module\_vpc) | terraform-aws-modules/vpc/aws | ~> 5.5.1 |
 
 ## Resources
 

aws/k8s/secret-challenge-vault-deployment.yml

@@ -41,7 +41,7 @@ spec:
             volumeAttributes:
               secretProviderClass: "wrongsecrets-aws-secretsmanager"
       containers:
-        - image: jeroenwillemsen/wrongsecrets:1.8.2-k8s-vault
+        - image: jeroenwillemsen/wrongsecrets:1.8.3-k8s-vault
           imagePullPolicy: IfNotPresent
           name: secret-challenge
           securityContext:

aws/main.tf

@@ -40,7 +40,7 @@ data "aws_availability_zones" "available" {}
 
 module "vpc" {
   source  = "terraform-aws-modules/vpc/aws"
-  version = "~> 5.4.0"
+  version = "~> 5.5.1"
 
   name                 = "${var.cluster_name}-vpc"
   cidr                 = local.vpc_cidr

aws/versions.tf

@@ -4,7 +4,7 @@ terraform {
   required_providers {
     aws = {
       source  = "hashicorp/aws"
-      version = "~> 5.31.0"
+      version = "~> 5.34.0"
     }
     random = {
       source  = "hashicorp/random"

azure/README.md

@@ -106,15 +106,15 @@ The documentation below is auto-generated to give insight on what's created via
 | Name | Version |
 |------|---------|
 | <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | ~> 1.1 |
-| <a name="requirement_azurerm"></a> [azurerm](#requirement\_azurerm) | ~> 3.85.0 |
+| <a name="requirement_azurerm"></a> [azurerm](#requirement\_azurerm) | ~> 3.89.0 |
 | <a name="requirement_http"></a> [http](#requirement\_http) | ~> 3.4.0 |
 | <a name="requirement_random"></a> [random](#requirement\_random) | ~> 3.6.0 |
 
 ## Providers
 
 | Name | Version |
 |------|---------|
-| <a name="provider_azurerm"></a> [azurerm](#provider\_azurerm) | 3.85.0 |
+| <a name="provider_azurerm"></a> [azurerm](#provider\_azurerm) | 3.89.0 |
 | <a name="provider_http"></a> [http](#provider\_http) | 3.4.1 |
 | <a name="provider_random"></a> [random](#provider\_random) | 3.6.0 |
 

azure/k8s/secret-challenge-vault-deployment.yml.tpl

@@ -41,7 +41,7 @@ spec:
             volumeAttributes:
               secretProviderClass: "azure-wrongsecrets-vault"
       containers:
-        - image: jeroenwillemsen/wrongsecrets:1.8.2-k8s-vault
+        - image: jeroenwillemsen/wrongsecrets:1.8.3-k8s-vault
           imagePullPolicy: IfNotPresent
           name: secret-challenge
           securityContext:

azure/versions.tf

@@ -8,7 +8,7 @@ terraform {
     }
     azurerm = {
       source  = "hashicorp/azurerm"
-      version = "~> 3.85.0"
+      version = "~> 3.89.0"
     }
     http = {
       source  = "hashicorp/http"

fly.toml

@@ -8,7 +8,7 @@ app = "wrongsecrets"
 primary_region = "ams"
 
 [build]
-  image = "docker.io/jeroenwillemsen/wrongsecrets:1.8.2-no-vault"
+  image = "docker.io/jeroenwillemsen/wrongsecrets:1.8.3-no-vault"
 
 [env]
   K8S_ENV = "Fly(Docker)"