wallarm/fast@1.2.0

Wallarm's Framework for Automated Security Testing (FAST) is a tool for automatically generating and running security tests. This Orb executes security tests based on baselines that have been previously recorded. To start using this Orb, set WALLARM_API_TOKEN in your project's environment variables settings (you get the token at https://us1.my.wallarm.com/nodes). For more on how to use FAST, see https://docs.fast.wallarm.com/en/.
Created: October 15, 2019 | Version Published: May 6, 2020 | Releases: 5 | Org Usage: < 25

Orb Quick Start Guide

Use CircleCI version 2.1 at the top of your .circleci/config.yml file.

    version: 2.1

Add the orbs stanza below your version, invoking the orb:

    orbs:
      fast: wallarm/fast@1.2.0

Use fast elements in your existing workflows and jobs.

Opt in to the use of uncertified orbs on your organization’s Security settings page.

Usage Examples

fast-example-rails

Example using Wallarm's FAST to run tests against a simple Ruby on Rails application. In this example, the app_port parameter is used. Taken from https://github.com/wallarm/fast-example-rails.

    jobs:
      build:
        machine:
          image: ubuntu-1604:201903-01
        steps:
          - checkout
          - run:
              command: >
                docker run -d --name app-test -p 3000:3000 wallarm/fast-example-rails
              name: Run application
          - fast/run_security_tests:
              app_port: '3000'
              test_record_id: <test_record_id>
    orbs:
      fast: wallarm/fast@dev:x.y.z
    version: 2.1

Commands

run_security_tests

Start FAST container in testing mode.

Parameters (description, required, default, type):

app_host
  Description: Hostname of the application, without port. Defaults to the internal IP. Examples: 127.0.0.1 or example.com
  Required: No
  Default: $(hostname -i | grep -o -E "([0-9]{1,3}[\.]){3}[0-9]{1,3}" | head -n1)
  Type: string

app_port
  Description: Application port. Can be used when app_uri is not specified directly.
  Required: No
  Default: '80'
  Type: string

policy_id
  Description: Policy ID. You can find it at https://my.wallarm.com/testing/policies/?check=all. With an empty value, the test run will use the default policy.
  Required: No
  Default: ''
  Type: string

stop_on_first_fail
  Description: Stop the Wallarm test run when the first vulnerability is found.
  Required: No
  Default: false
  Type: boolean

test_record_id
  Description: Test record ID. You can find it at https://my.wallarm.com/testing/?status=all
  Required: Yes
  Default: -
  Type: string

test_run_desc
  Description: Description of the Wallarm test run. The default value is the name of the related test record.
  Required: No
  Default: ''
  Type: string

test_run_name
  Description: Name of the Wallarm test run. Default value example: "TestRun Oct 22 13:08 UTC".
  Required: No
  Default: ''
  Type: string

test_run_rps
  Description: Maximum value of RPS (requests per second) for the Wallarm test run. Unlimited by default.
  Required: No
  Default: ''
  Type: string

wallarm_api_host
  Description: Wallarm API host.
  Required: No
  Default: us1.api.wallarm.com
  Type: string

wallarm_fast_port
  Description: Wallarm FAST port.
  Required: No
  Default: '8080'
  Type: string

wallarm_version
  Description: Wallarm FAST version.
  Required: No
  Default: latest
  Type: string

Orb Source

    # This code is licensed from CircleCI to the user under the MIT license.
    # See here for details: https://circleci.com/developer/orbs/licensing
    commands:
      run_security_tests:
        description: |
          Start FAST container in testing mode.
        parameters:
          app_host:
            default: $(hostname -i | grep -o -E "([0-9]{1,3}[\.]){3}[0-9]{1,3}" | head -n1)
            description: |
              Hostname of application without port. Defaults to internal ip. Examples: 127.0.0.1 or example.com
            type: string
          app_port:
            default: "80"
            description: |
              Application port. Can be used when app_uri is not specified directly.
            type: string
          policy_id:
            default: ""
            description: |
              Policy id. You can find it at https://my.wallarm.com/testing/policies/?check=all
              With an empty value test run will be use the default policy.
            type: string
          stop_on_first_fail:
            default: false
            description: |
              Stop Wallarm test run when first vulnerability is found.
            type: boolean
          test_record_id:
            description: |
              Test record id. You can find it at https://my.wallarm.com/testing/?status=all
            type: string
          test_run_desc:
            default: ""
            description: |
              Description of Wallarm test run. Default value is the name of the related test record.
            type: string
          test_run_name:
            default: ""
            description: |
              Name of Wallarm test run. Default value example: "TestRun Oct 22 13:08 UTC".
            type: string
          test_run_rps:
            default: ""
            description: |
              Maximum value of RPS (requests per second) for Wallarm test run. Unlimited by default.
            type: string
          wallarm_api_host:
            default: us1.api.wallarm.com
            description: |
              Wallarm API host.
            type: string
          wallarm_fast_port:
            default: "8080"
            description: |
              Wallarm FAST port.
            type: string
          wallarm_version:
            default: latest
            description: |
              Wallarm FAST version
            type: string
        steps:
          - run:
              command: |
                echo WALLARM_API_TOKEN=$WALLARM_API_TOKEN \>> fast.env
                echo WALLARM_API_HOST=<<parameters.wallarm_api_host>> \>> fast.env
                echo CI_MODE=testing \>> fast.env
                echo TEST_RECORD_ID=<<parameters.test_record_id>> \>> fast.env
                echo TEST_RUN_URI=http://<<parameters.app_host>>:<<parameters.app_port>> \>> fast.env
                if [ <<parameters.policy_id>> ] ; then echo "TEST_RUN_POLICY_ID=<<parameters.policy_id>>" \>> fast.env ; fi
                if [ <<parameters.test_run_name>> ] ; then echo "TEST_RUN_NAME=<<parameters.test_run_name>>" \>> fast.env ; fi
                if [ <<parameters.test_run_desc>> ] ; then echo "TEST_RUN_DESC=<<parameters.test_run_desc>>" \>> fast.env ; fi
                if [ <<parameters.test_run_rps>> ] ; then echo "TEST_RUN_RPS=<<parameters.test_run_rps>>" \>> fast.env ; fi
                <<# parameters.stop_on_first_fail >> echo "TEST_RUN_STOP_ON_FIRST_FAIL=<<parameters.stop_on_first_fail>>" \>> fast.env <</ parameters.stop_on_first_fail >>
              name: Setup fast.env file
          - run:
              command: |
                docker run --name fast --env-file=fast.env -p <<parameters.wallarm_fast_port>>:8080 wallarm/fast:<<parameters.wallarm_version>>
              name: Run security tests.
    description: "Wallarm's Framework for Automated Security Testing (FAST) is a tool for automatically generating and running security tests. \nThis Orb allows to execute security tests based on the baselines that have been previously recorded. \nTo start using this Orb, you have to setup the WALLARM_API_TOKEN at your project's enviroment variables settings (you get the token at https://us1.my.wallarm.com/nodes).\nMore on how to use FAST read here: https://docs.fast.wallarm.com/en/.\n"
    display:
      home_url: https://wallarm.com/products/fast.
      source_url: https://github.com/wallarm/fast-orb.
    examples:
      fast-example-rails:
        description: |
          Example using Wallarm's FAST to run tests against simple Ruby on Rails application. In this example parameter app_port is used.
          Taken from https://github.com/wallarm/fast-example-rails.
        usage:
          jobs:
            build:
              machine:
                image: ubuntu-1604:201903-01
              steps:
                - checkout
                - run:
                    command: |
                      docker run -d --name app-test -p 3000:3000 wallarm/fast-example-rails
                    name: Run application
                - fast/run_security_tests:
                    app_port: "3000"
                    test_record_id: <test_record_id>
          orbs:
            fast: wallarm/fast@dev:x.y.z
          version: 2.1
    version: 2.1
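
The "Setup fast.env file" step in the source above tests each optional parameter with an unquoted `[ <<parameters.x>> ]` and writes the API token to fast.env with default file permissions. The sketch below is an added example, not part of the orb: it reproduces what that test does with a value containing spaces (the documented name example "TestRun Oct 22 13:08 UTC") and shows a quoted, owner-only way to write the same env-file. The helper names `orb_style_test`, `put` and `write_fast_env` are hypothetical.

```shell
#!/bin/sh
# Added example, not the orb's code. Helper names are hypothetical; the keys
# mirror the env-file keys the orb writes. Sample values are constructed.

# What the orb's test becomes once CircleCI pastes the parameter text in:
#   [ <<parameters.test_run_name>> ]  ->  [ TestRun Oct 22 13:08 UTC ]
# $1 is left unquoted on purpose to reproduce that word splitting.
orb_style_test() {
    if [ $1 ] 2>/dev/null; then echo written; else echo skipped; fi
}

# Append KEY=VALUE only when VALUE is non-empty. A value with an embedded
# newline is refused: it would become a separate line of the docker env-file.
put() {
    case $3 in
        '') return 0 ;;
        *'
'*) echo "refusing multi-line value for $2" >&2; return 1 ;;
    esac
    printf '%s=%s\n' "$2" "$3" >> "$1"
}

# Create the env-file owner-only (it holds the API token), then fill it.
write_fast_env() {
    out=$1
    rm -f "$out"
    ( umask 077 && : > "$out" ) || return 1
    put "$out" WALLARM_API_TOKEN "${WALLARM_API_TOKEN-}" &&
    put "$out" CI_MODE testing &&
    put "$out" TEST_RECORD_ID "${TEST_RECORD_ID-}" &&
    put "$out" TEST_RUN_NAME "${TEST_RUN_NAME-}" &&
    put "$out" TEST_RUN_RPS "${TEST_RUN_RPS-}"
}

# Demo with the name example from the parameter description.
echo "unquoted test: $(orb_style_test 'TestRun Oct 22 13:08 UTC')"
```

In the orb's own command the equivalent change is to quote the test, for example `[ -n "<<parameters.test_run_name>>" ]`, so a name with spaces is not silently dropped.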