jordan-wright / ossmalware
License: MIT License
Right now, this system runs on AWS which was fine for the initial experiment. As this project moves under the umbrella of the OpenSSF, we'll want to move it to GCP to better provide funding and support.
This involves both updating the service components to support GCP (ref #8), as well as updating our Terraform configs.
Right now EC2 instances are manually provisioned instead of using Terraform. This is from my inexperience with Terraform, but I'd like to take the time to change this.
I'm also ok if we hold off on this until we move to a workload-based solution.
For some reason, hosts would occasionally have defunct sysdig processes lying around. And more generally, I saw the occasional package processing weirdness result in a major stalling of the workers.
If we want this to be a long-term solution, we should try to clean up the processing workflow as much as possible to fail gracefully.
Right now we need to maintain EC2 worker instances for processing which isn't ideal since weird errors that occur during processing can propagate to cause the entire host to stall.
Ideally, we would move to a workload-based solution like Fargate so that each package is installed in a totally isolated environment. Most seem to support SYS_PTRACE, which is required for sysdig to work. It'll just be a matter of figuring out how to make it work.
Hey,
Any chance you could add a license to this repo? Many employers (including mine) only allow us to contribute to repos with an allowed license.
While we're still using persistent hosts (EC2 instances) as workers instead of something like Fargate, we should make the setup of workers easy.
Right now, users have to manually run setup.sh and start.sh. Ideally we could bootstrap both of these from the EC2 user data so new hosts are automatically set up and start running.
To handle continuous monitoring for PyPI, we should create a Lambda that runs on an interval to request PyPI's RSS feed and process new packages by pushing them up to the queue (currently SQS).
How to run the project? Are there more specific steps we can follow? Thanks~
Right now the S3 and SQS names are hard coded. We should make these proper variables.
I'm not a Terraform expert so I'm not sure what else we can do to make this more robust, so let me know if you have ideas!