Scans:

Size:

This is the Python code and Docker configuration for a link shortening web app

• Running demonstration available at cubel.ink

• DockerHub image repository

I am using this to learn:

• Docker & Web App Hosting
• Python Development
• DevSecOps Automation

• For the database, sign up for a free Turso account, and create database with a table called 'urls' in with the follwing SQL statement:

CREATE TABLE
  urls (
    hashsum VARCHAR(64) PRIMARY KEY,
    url BLOB,
    salt BLOB,
    CONSTRAINT unique_hash UNIQUE (hashsum)
  );

To avoid cluttering up your database while testing locally, it is recommended you create 2 databases: One for testing and one for production

• For the captcha, sign up for a freee Cloudflare acccount, and setup a turnstile widget for your TLD and localhost domains.

Read the Cloudflare Turnstile docs to learn how to get the feature set up.

• Create a file in the /app directory called .env, with the following contents, setting the appropriate values with your own substitutions:

ENDPOINT="<your-turso-url>"
TOKEN="<your-turso-token>"
CF_SECRET="<your-cloudflare-secret-key>"
TLD=localhost

! WARNING !

The docker-compose.yaml and .env files must reference the same variable names where applicable, also make sure the variable names are not set elsewhere in your testing environment.

If you made separate testing and production databases, make sure to use the test database token and endpoint url in your .env file, and the production ones in your hosting environment variables.

From the root directory of this repository, run:

docker compose up -d --build

[+] Running (2/2)
 ✔ Network linkshort_ls-net   Created
 ✔ Container linkshort-app-1  Started

If succesful, app will be running at http://localhost, it will connect to your Turso database over the internet.

You can re-run this command whenever you make changes to rebuild the container.

To shut down the service, run this command:

docker compose down

• Shortens URLs with unique extensions
• Encrypts stored URLs along with random with salts
• Extensions are stored as hashsums in the DB
• Sanitisation of input from user for both URLs and extensions on requests
• Checks on user shared URLs, to ensure they begin with HTTPS
• Uses minimal scratch image for runtime security
• Checks submitted URLs against spam lists, rejects known spam domains
• Generates QR codes for users to download and share
• A frontend with reactive CSS & HTML
• 400 and 500 HTTP error handling with pages
• Static content served through CDN
• Captcha on main page
• Custom URLs users enter in the main form
• Statistics page for URLs to see how many clicks links have got

This has been set up via statically.io

• Demonstration application set up:

This has been set up on cloud.run via it's repository integration

Code Linting:

• Super Linter

Static & Software Composition Analysis:

• CodeQL
• Snyk

Container Image Scanning:

• Grype
• Docker Scout
• Trivy

Automated Dependency Upgrades:

• Renovate

Commit Standardisation:

• Conventional Commits Commit title standardisation