Quick Start
This guide is intended to get you up and running with Codeburner as quickly as possible. It assumes a basic level of experience working with Docker containers.
The resulting image should be fully functional to test Codeburner in your environment. However, it uses public docker images with known rails keys and has not been secured in any way or tuned for optimal performance (for example by having the static content served by something like nginx). It should not be considered production ready in an enterprise environment.
That said if you'd like to make it ready yourself, the included Dockerfile and docker-compose.yml should get you most of the way there.
Docker#
You'll need Docker installed with the docker-compose command available.
See instructions to accomplish this for your specific OS here: https://docs.docker.com/compose/install/
Warning
A bug in older docker versions (1.9.1) on OSX can cause the build to hang installing ca-certificates-java. Upgrade to 1.10+ if you run into problems.
Download#
You can download the latest release of Codeburner here: https://github.com/groupon/codeburner/releases
The rest of this guide assumes you're inside the directory created by unpacking a release tarball or cloning the repository:
git clone https://github.com/groupon/codeburner
Build#
To build the container to run Codeburner and the scanning tools, you'll need to run the provided script:
sh ./docker-build.sh
Note
The Codeburner application and all the supported scanning tools have many dependencies. This build process can take quite a while.
Start Burning!#
Once the container image is built, you can start the Codeburner application and all the dependent containers with docker-compose:
docker-compose up
You can then bring up Codeburner in a web browser by pointing it at your docker IP on port 3000.
Note
If you're running docker under docker-machine, you can get the docker IP with the command docker-machine ip
Configure#
Generate Tokens#
To configure GitHub API access you'll need to generate both a personal access token for Codeburner to use for scanning and an OAuth key pair for authentication/authorization use. GitHub publishes a handy guide on creating tokens if you need help:
https://help.github.com/articles/creating-an-access-token-for-command-line-use/
You'll also need to register Codeburner as an OAuth Application here:
https://github.com/settings/applications/new
Make sure to copy both your personal access token and Client ID/Client Secret from the above steps to a secure location for entering in the Codeburner interface later.
Required Configuration#
Once you have an access token and client id/secret, you can configure Codeburner by clicking the "System Settings" link in the top menu bar.
First you'll want to configure GitHub access using the tokens generated above. After you do that, you should sign-in to GitHub using the link on the far right of the top menu.
When you return to the system settings interface, you can visit "Administrator Access" to configure Codeburner administrators.
Note
Settings are initially visible to any user. Once you've specified administrator users however, only those users can view the settings page going forward.
Optional Configuration#
After configuring authentication and admin access, you can proceed to make any other config changes you need to. We just switched over to the GUI-based configuration, but you can roughly follow the existing Configuration Guide if you need pointers... just put the appropriate values in to the UI instead of app.yml.