Getting Started

Securing your Red Hat OpenShift workloads


This workshop will take you through a series of exercises created with one purpose in mind: to provide you with hands-on examples that demonstrate how you can integrate Snyk into your Red Hat workflows in order to identify and fix potential vulnerabilities in your applications.


The examples presented in these modules will require some supporting infrastructure deployed and available for you to use. This will consist of a Red Hat OpenShift cluster, a Red Hat private registry, a Snyk account, and some supporting sample code available in our GitHub repository.
It is NOT recommended that you use production systems for this workshop.

Red Hat OpenShift cluster

The recommended deployment method for this workshop is to install Red Hat OpenShift 4 in your account on any of the supported public cloud providers. Detailed guidance on the steps needed to do this is available on Red Hat's Get started with OpenShift site.

Red Hat private container registry

There are a few ways to deploy Quay. While functionally the steps contained in these modules will be the same irrespective of how you deploy this registry, we have opted for the cloud.

Snyk controller with OpenShift 4

To get vulnerability details about your Kubernetes workloads running on OpenShift, you must first install the Snyk controller onto your cluster. The Snyk monitor requires some minimal configuration items in order to work correctly. The necessary steps are detailed in Snyk's Knowledge Center.

Microsoft Visual Studio Code with Dependency Analytics extension

If you do not already have VSCode, you should download it for free. We will leverage the Red Hat Dependency Analytics extension, available in the Visual Studio Marketplace. Dependency Analytics is powered by the Snyk Intel Vulnerability DB, the most advanced and accurate open source vulnerability database in the industry. It adds value by surfacing the latest vulnerabilities, faster and in greater number, derived from numerous sources.

Sample application and supplemental resources

In our examples, we will build a container image for Snyk's vulnerable demo app, Goof. You will need to git clone the repository in order to complete these exercises.