installation-and-troubleshooting

As UnSAFE Bank is an unmaintained and undocumented legacy project, deploying the application in a modern environment posed several challenges. This section outlines the steps taken to overcome build failures, adapt legacy dependencies, and ultimately achieve a functional testing environment.

Initial Setup

The project was cloned and deployed using Docker Compose:

git clone https://github.com/lucideus-repo/UnSAFE_Bank.git
cd UnSAFE_Bank/Backend
docker-compose up -d

However, the initial build process failed due to a suppressed error originating from the frontend’s Dockerfile:

yarn -s

Debugging the Frontend Build

To gain visibility into the failure, I modified the web/Dockerfile by removing the —silent flag from the yarn command. This exposed the underlying issue more clearly:

The error stemmed from a failed dependency build using node-gyp, which typically requires native compilation tools.

Fixing node-gyp Environment Errors

To resolve the compilation errors, I modified the Dockerfile to include system dependencies required by node-gyp, such as Python, Make, and g++:

# Install Python, make, g++ for node-gyp support
RUN apk add --no-cache python3 make g++ \
    && ln -sf python3 /usr/bin/python

Resolving node-sass Compatibility Issues

After fixing the build environment, the next failure involved an incompatible version of node-sass. The project was attempting to use a version (^7.0.0) that was not compatible with the underlying Node version in the container.

To address this, I manually downgraded the node-sass dependency in web/package.json:

"node-sass": "^4.14.1"

This version aligned with the legacy build toolchain and successfully compiled without errors.

Final Deployment

After applying both fixes, I rebuilt the containers. The application launched successfully, and the web interface became accessible at http://localhost:3000/:


Takeaway

This multi-stage troubleshooting process highlights the challenges of maintaining vulnerable legacy applications, especially those with outdated toolchains and poor documentation. By applying targeted environment patches and dependency downgrades, I was able to restore full functionality — providing a solid foundation for black-box assessment.