In this section, we will compromise a container by gaining 'exec' access and generate violation alerts on CBC Cloud Console.
49. Compromising a Container
Apply the compromised container yaml file:
kubectl apply -f https://raw.githubusercontent.com/octarinesec/security-demo/master/compromised-container/installation.yaml
50. Create Local Proxy
Create a local proxy to reach the exposed dashboard service:
kubectl port-forward -n myapp service/dashboard 8080:8080
51. Launch myapp UI
Visit the dashboard by opening http://localhost:8080 on your browser from within the VMware Tanzu Horizon Desktop
52. List myapp Pod
Hit Ctrl + C twice to exit out of the running proxy.
List the myapp pod. Copy the App name (Highlighted in screenshot below) by using Right Click or Ctrl + C
kubectl get pods -n myapp
53. Access myapp Container
Replace <dashboard-name> in the below command with the App name copied in previous step
kubectl exec -it <dashboard-name> -n myapp -c dashboard -- bash