Code Insurance

Screenshots

Problem Statement

The main aim of the project is to demonstrate the creation of proof of code deployment.As open source and constant code changes are reality of software development. Software deployed in production environments use many open source projects. These projects can introduce security vulnerabilities which can affect companies extensively.Most companies have insurance w.r.t security, but it is difficult to prove that as a company you have not introduced bugs.Thus the project demonstrates creating proof of deployment using Witness for Docker Compose.

Solution

The technology used is nodejs to create the demo that using command line options deploys a provided docker-compose file.It also allows end customers to supply a environment file as wellThe project uses https://witness.co/ to create proofs.The Witness Client is applied to create hash of the contents of both the docker-compose & environment file. These hashes are then posted to the chain & logged to the screen.You can run the client to verify the deployment as well by providing both the hashes.