Hello! My name is Timur Gilmullin, and I work in the technology and development process department at Positive Technologies. Informally, our department is called the DevOps department. We are engaged in the automation of various processes and help developers and testers in our company.
, PT Application Inspector (PT AI) . , PT AI CI, . PT AI .
. , PT AI , CI-. DevOps- (DevSecOps). PT AI CI-: , , PT AI . , PT AI .
PT Application Inspector
DevOps- Positive Technologies
DevOps , . Positive Technologies 18 , DevOps- , . , .
, CI/CD- . CI/CD , DevOps- .
15 . — 500++ . , , . — PT Application Inspector, .
CI/CD- :
GitLab ( ), 9.5K ;
GitLab CI ( CI-), 2.7M ;
Artifactory ( ), 8.2Tb ;
, high, med low , . 40 , vSphere.
2014 CI-, CI-, .
" : Continuous Integration" (2016).
" : Positive Technologies DevOps" (2017).
" -" (2018).
" : " (2019).
PT Application Inspector DevSecOps-
PT Application Inspector — , . PT AI , (SAST, DAST IAST), .
PT AI - , , , , — .
: java, php, c#, vb, objective-c, c++, sql, swift, python, javascript, go, kotlin.
DevSecOps. DevSecOps CI/CD-. , , , CI/CD-.
PT Application Inspector . DevSecOps . , .
, PT AI :
. .
. PT AI , , , .
. 3rd-party .
. PT AI Security Gate .
DevOps — (- -, CPU, RAM, Disk). — . CI-, , .
. , :
;
;
;
Artifactory;
GUS;
FUS-;
.
: PT Application Inspector. DevOps-, PT AI — — "" CI- :
( Promoting);
( Publishing);
( Testing);
( Building, );
, ( Building, Artifactory).
. , . . , CI-.
DevOps-Tools ( , ), (job) GitLab CI, .
, DevOps . .
PT Application Inspector Enterprise Server
, , PT AI . AIE-:
CI- , ;
-, CI- , ;
, , .
, CI-, . , AIE - . , AIE Windows Server, Linux-.
, .
AIE ( Server.AIE.Agent) .
(source code) GitLab (DevOps.GitLab) (DevOps.BuildAgent) (workingDirectory), AIE Application Inspector Shell Agent AISA (AIE.LightweightClient). API AIE. AISA - (Docker.Windows/Linux.AISA-client), "" .
AIE- GitLab-, ("" source code AIE.Server), , AISA .
- AISA (DevOps.GitLab-CI), CI- DevOps-. docker registry Artifactory (Docker.Registry). .
- AISA.
:
, AIE, .
AIE , .
API: AISA AIE-.
( ) , , Codacy SonarQube. GitLab, Code Quality .
.
:
, . CI- . , , AIE- -.
, .
, AIE-.
.
PT AI , .
PT AI
, . AIE , AISA, "" .
CI- GitLab CI, .gitlab-ci.yml. CI-, , .
PT AI
, -, GitLab.
- .
build-on-server (bash batch), . CI-. build-on-server , , CI- CI-.
AISA, : AIE, , , , .
AISA- AIE . — .
, 5, , AISA AIE ( , hash ), . AIE GitLab- , . .
AIE- . : , , , -.
(exit code) . , . CI- : , , , . AIE- .
, - , .
, Artifactory.
Artifactory snapshot- , , .
PT AI CI
CI- , CI PT AI. : , AISA, AIE- CI-.
PT AI CI
, : Application Inspector Enterprise . , , , -. AISA, "" , . , AIE- -.
: AISA "" -, CI-. CI- AISA- — docker registry . , , AISA latest -.
, PT AI . CI- , , , PT AI .
PT Application Inspector CI- .
: , GitLab CI
PT Application Inspector Enterprise
PT Application Inspector Enterprise Server — Windows, . (workers), , CI- TeamCity, GitLab CI Jenkins. .
. - Application Inspector Viewer.
( ).
PT AI Enterprise Server |
Intel Core i7 3,2 |
8 |
|
200 |
|
10 / |
|
64- Windows Server 2012 R2 |
|
Windows PowerShell 5.0 |
|
PT AI Enterprise Agent |
Intel Core i7 3,2 |
8 |
|
10 / |
|
: Microsoft Edge, Mozilla Firefox 46 , Google Chrome 50 |
CI- AISA-
AISA, PT AI, 3rd-party — . , CI- , , . .
AISA - Linux Windows, AISA docker registry Artifactory. - AISA - . , 3.6.1.4931-7 , -, AISA 3.6.1.4931.
— - latest. , "" (promoting) snapshot- release- . , docker pull docker registry, AIE-. - , , "" .
AISA-
: AISA ( ).
|
|
? |
--project-name |
(), . AIE . : DevOpsSandbox |
, --project-settings-file |
--project-settings-file |
: Test.aiproj |
, --project-name |
--policies-path |
. : ./policy.json |
|
--scan-target |
. : source/folder |
|
--reports-folder |
, . : .ptai |
|
--reports |
, . : HTML, PDF, JSON, WAF : "HTML,JSON" |
|
--no-wait |
, |
|
--scan-off |
AIE , ( --project-settings-file) |
|
PT AI GitLab CI
AIE- , . CI-. GitLab CI.
GitLab CI (job) .gitlab-ci.yml. CI-. , , Linux Windows - AISA.
aisa-set-settings. .aiproj , AISA . , before_script.
aisa . , AIE- , --project-name . , , --project-settings-file . AISA . .
, HTML JSON. , --no-wait, AISA . , - AIE-.
. git-. , , — aisa-set-settings. .
— . , .
— , , CI-. . .
. : , , , aisa-codequality - GitLab .
, , — " ". : include , , . GitLab.
PT AI , PT Application Inspector. CI- — " ".
PT AI CI- TeamCity . PT AI Linux Windows python- - AISA .
Open Source dohq-ai-best-practices
, CI dohq-ai-best-practices MIT-.
:
PT AI CI;
PT Application Inspector Enterprise;
dockerfile AISA- Windows Linux;
AISA:
job- GitLab CI,
TeamCity,
CLI AISA.
- DevOps-, PT Application Inspector , , , CI-. .
2020 CI-, DevSecOps PT Application Inspector. , PT AI ( 39:45).
: PT Application Inspector " ", , , Application Inspector Enterprise AISA. DevSecOps- AIE- AISA. , PT Application Inspector .
:
PT Application Inspector: ptsecurity.com/ru-ru/products/ai/
Positive Technologies:
PT Application Inspector: ptsecurity.com/ru-ru/research/webinar/pt-application-inspector-obzor-novoy-versii-i-roadmap/
PT Application Inspector CI-: ptsecurity.com/ru-ru/research/webinar/devsecops-vnedrenie-v-produktovyj-konvejer-i-ehkspluataciya-pt-application-inspector/
GitLab CI: github.com/devopshq/dohq-ai-best-practices
, PT Application Inspector . PT AI CI.
, "" AISA -, Application Inspector Enterprise AISA-. . - CI- , , . , , , PT AI CI- .
, . , , PT Application Inspector.
, , PT AI: