Skip to content

Forces

Forces is the product responsible for the client-side part of the DevSecOps agent. It uses the Integrates API to communicate with the back-end.

Contributing

Please read the contributing page first.

Internals

  1. Forces is written in Python, with the rich library providing colors, tables and formatting, an image is built from the code with makes which is then deployed to the Fluid Attacks DockerHub page.

Getting Started

  1. Configure your Development Environment.

  2. When prompted for an AWS role, choose dev, and when prompted for a Development Environment, pick integratesForces.

  3. Run this command within the universe repository:

    Terminal window
    m . /integrates/forces

    This will build and run the Forces CLI application, including the changes you’ve made to the source code. Most of the time you’ll be running Forces this way.

Linting and testing

To invoke the linter, run the following command with makes:

Terminal window
m . /lintPython/module/forces

To lint the tests use:

Terminal window
m . /lintPython/module/forcesTests

To run the tests, use:

Terminal window
m . /integrates/forces/test

Building the container locally

Most of the time you’ll be running Forces via makes. But in case you want to manually build and check the container, follow these steps:

  1. Build the container image (a tarball)

    Terminal window
    m . /integrates/forces/container
  2. Load the tarball into the local Docker repository

    Terminal window
    docker load < ~/.cache/makes/out-integrates-forces-container
  3. Run the container image

    Terminal window
    docker run --rm container-image:latest forces

Checking the output

Forces can be pointed to your local or ephemeral Integrates instances, to do this, you can set the API_ENDPOINT variable:

  • Local environment:

    Terminal window
    export API_ENDPOINT=http://localhost:8001/api
  • Ephemeral environment:

    Terminal window
    export API_ENDPOINT=http://<youruseratfluid>.app.fluidattacks.com/api

The output can be seen in the DevSecOps table of the group in the instance you pointed Forces to.