Finally, the Dockerfile creates an image that runs Railsgoat. This file is pretty straightforward; it defines the use of the rails onbuild image, a pre-built Docker image meant for use with Rails apps. Once we have that image, we set up a start script and start the application. With the Vagrant setup, you won’t need to build the Docker image as we’ve pre-built an image and pushed it to Docker Hub.
Now, a simple ‘vagrant up’ in the Railsgoat directory installs all dependencies and boots Railsgoat on port 3000 of our local host.
Railsgoat development is continuing; we’re looking for new ways to make learning about Rails security easier and more approachable than ever. We’ll have more vulnerabilities, write-ups, unit tests, and more in the near future. Also, if you’re interested in Docker, come out to BSidesDC where Patrick Cooley and I will give a presentation on using Docker as a security tool.
Railsgoat on Github