Robust Tjänst is a test tool for web sites with the intention of making the internet a better place.

We aim to establish a minimum level of requirements, a de facto standard, for all websites to be considered reliable. We will do this by creating a collection of tests written as docker images and a test runner with accompaning site for testing a site. We encourage everyone to be involved in this process and we have just started building the basic building blocks.

To make it easier to use we are also planning to create a live badge you can show off when you have reached the minimum level. The badge will keep track of changes so you and your visitors can be sure everything is still OK.

We are just getting started. These are some milestones that we think will be important.

• Basic site
• Scheduling tests running safely in Kubernetes
• Name of the project: Robust Tjänst
• Template for test runners
• Logotype and badge design
• Build an open source community
• Implement basic tests for minimum requirements
• Register and run tests in background <- we/you are here ❤️
• Launch 🎉
• Continue developing as open source
• Spread the word

We are looking for general feedback of the idea and input on minimum tests/requirements. We would love your help to produce tests. Look at the example tests to get started.

If you find any bugs or have ideas we are super happy for issues or even pull requests.

All code is released under the BSD 3-Clause License.

A good minimum level is what is an acceptable level of security. Passing should be easy, and failing should be bad.

When the minimum level for a site is not reached we want it to be very easy to understand:

1. Why it is bad in words that can be understood by those who are not experts.
2. What to do to fix it
3. Why it is a good idea to invest in fixing the problems
4. A carrot when they are fixed (the ❤️ badge)

We want to help people reach the minimum acceptable level by giving clear instructions.

We have designed the solution so that you can use the tests separately when you want to test your domain/website without leaking any information to anyone else. The isolation model with the tests run in a isolated namespace with limited access to both Internet and the rest of the environment. This way we can make sure we both secure your and our data and infrastructure.

The project consists of a web frontend and test-runner in node.js and tests which run as separate isolated containers in Kubernetes. Tests containers are instanced on demand for each test run and destroyed afterwards, and can use any language or tools.

The different parts communicate using BullMQ running on Redis. Results are stored in PostgreSQL.

For more information see the architecture documentation.

To run the project you will need Skaffold installed and Kubernetes cluster running somewhere. The cluster could be a local one such as Minikube, MicroK8s or Docker Desktop, a cloud environment such as GKE, EKS, AKS or some other cluster.

To deploy the solution you will need Skaffold and kubectl and make sure you are in the right Kubernetes context and run:

kubectl apply -f k8s/namespaces.yaml
kubectl create --namespace='dev' secret generic signed-cookie-keys --from-literal=SIGNED_COOKIE_KEYS=$(dd if=/dev/urandom bs=48 count=1 | base64)

skaffold run

Press tab to use tab completion to get the name of the pod.

If tab completion doesn't work use kubectl -n dev get pods and find the web- pod

kubectl exec -n dev web-[TAB] -- sh setup.sh

Now everything is running.

But if you don't have ingress controller set up (like when using Minikube) you must forward a port to reach the web service using

kubectl port-forward -n dev [NAME OF web- POD] 3000:3000

then you can reach the site at http://localhost:3000

See test README

If you have changed tests and want to push updated images to Dockerhub use skaffold

cd packages/tests
skaffold build

This assumes that you have the cluster running as described in How to run the code

nvm use
npm install -g yarn
yarn

All k8s commands should run in the dev namespace

kubectl port-forward postgresql-postgresql-0 5432
kubectl port-forward redis-master-0 6379

cp packages/web/.env.template packages/web/.env

Edit this new file and insert values from you get kubernetes (see below)

kubectl exec [NAME OF web- POD] -- 'sh' '-c' 'echo $DATABASE_URL'

Replace @postgresql with @localhost and put this value in the .env file after DATABASE_URL=

Do the same thing but for REDIS_URL, replacing @redis-master with @localhost

kubectl exec [NAME OF web- POD] -- 'sh' '-c' 'echo $REDIS_URL'

yarn css:build

cd packages/web
yarn dev

(c) Copyright 2021 Netnod AB - All code is released under the BSD 3-Clause License.