1. Use CircleCI version 2.1 at the top of your `.circleci/config.yml` file.

```yaml
version: 2.1
```

2. Add the `orbs` stanza below your version, invoking the orb:

```yaml
orbs:
  fast: wallarm/fast@1.2.0
```

3. Use `fast` elements in your existing workflows and jobs.

4. Opt in to the use of uncertified orbs on your organization's Security settings page.
Example using Wallarm's FAST to run tests against a simple Ruby on Rails application. In this example the app_port parameter is used. Taken from https://github.com/wallarm/fast-example-rails.
```yaml
jobs:
  build:
    machine:
      image: ubuntu-1604:201903-01
    steps:
      - checkout
      - run:
          command: >
            docker run -d --name app-test -p 3000:3000
            wallarm/fast-example-rails
          name: Run application
      - fast/run_security_tests:
          app_port: '3000'
          test_record_id: <test_record_id>
orbs:
  fast: wallarm/fast@dev:x.y.z
version: 2.1
```
Start FAST container in testing mode.
| PARAMETER | DESCRIPTION | REQUIRED | DEFAULT | TYPE |
|---|---|---|---|---|
| app_host | Hostname of the application without port. Defaults to the internal IP. Examples: 127.0.0.1 or example.com | No | `$(hostname -i \| grep -o -E "([0-9]{1,3}[\.]){3}[0-9]{1,3}" \| head -n1)` | string |
| app_port | Application port. Can be used when app_uri is not specified directly. | No | '80' | string |
| policy_id | Policy id. You can find it at https://my.wallarm.com/testing/policies/?check=all. With an empty value the test run will use the default policy. | No | '' | string |
| stop_on_first_fail | Stop the Wallarm test run when the first vulnerability is found. | No | false | boolean |
| test_record_id | Test record id. You can find it at https://my.wallarm.com/testing/?status=all | Yes | - | string |
| test_run_desc | Description of the Wallarm test run. Default value is the name of the related test record. | No | '' | string |
| test_run_name | Name of the Wallarm test run. Default value example: "TestRun Oct 22 13:08 UTC". | No | '' | string |
| test_run_rps | Maximum RPS (requests per second) for the Wallarm test run. Unlimited by default. | No | '' | string |
| wallarm_api_host | Wallarm API host. | No | us1.api.wallarm.com | string |
| wallarm_fast_port | Wallarm FAST port. | No | '8080' | string |
| wallarm_version | Wallarm FAST version. | No | latest | string |
```yaml
# This code is licensed from CircleCI to the user under the MIT license.
# See here for details: https://circleci.com/developer/orbs/licensing
commands:
  run_security_tests:
    description: |
      Start FAST container in testing mode.
    parameters:
      app_host:
        default: $(hostname -i | grep -o -E "([0-9]{1,3}[\.]){3}[0-9]{1,3}" | head -n1)
        description: |
          Hostname of application without port. Defaults to internal ip. Examples: 127.0.0.1 or example.com
        type: string
      app_port:
        default: "80"
        description: |
          Application port. Can be used when app_uri is not specified directly.
        type: string
      policy_id:
        default: ""
        description: |
          Policy id. You can find it at https://my.wallarm.com/testing/policies/?check=all With an empty value the test run will use the default policy.
        type: string
      stop_on_first_fail:
        default: false
        description: |
          Stop Wallarm test run when first vulnerability is found.
        type: boolean
      test_record_id:
        description: |
          Test record id. You can find it at https://my.wallarm.com/testing/?status=all
        type: string
      test_run_desc:
        default: ""
        description: |
          Description of Wallarm test run. Default value is the name of the related test record.
        type: string
      test_run_name:
        default: ""
        description: |
          Name of Wallarm test run. Default value example: "TestRun Oct 22 13:08 UTC".
        type: string
      test_run_rps:
        default: ""
        description: |
          Maximum value of RPS (requests per second) for Wallarm test run. Unlimited by default.
        type: string
      wallarm_api_host:
        default: us1.api.wallarm.com
        description: |
          Wallarm API host.
        type: string
      wallarm_fast_port:
        default: "8080"
        description: |
          Wallarm FAST port.
        type: string
      wallarm_version:
        default: latest
        description: |
          Wallarm FAST version
        type: string
    steps:
      - run:
          command: |
            # Everything the FAST container needs is passed via fast.env (docker --env-file).
            # WALLARM_API_TOKEN comes from the project's environment variables, not from config.
            echo WALLARM_API_TOKEN=$WALLARM_API_TOKEN >> fast.env
            echo WALLARM_API_HOST=<<parameters.wallarm_api_host>> >> fast.env
            echo CI_MODE=testing >> fast.env
            echo TEST_RECORD_ID=<<parameters.test_record_id>> >> fast.env
            echo TEST_RUN_URI=http://<<parameters.app_host>>:<<parameters.app_port>> >> fast.env
            # Optional values are written only when set; quoting keeps values with spaces from breaking the test.
            if [ -n "<<parameters.policy_id>>" ] ; then echo "TEST_RUN_POLICY_ID=<<parameters.policy_id>>" >> fast.env ; fi
            if [ -n "<<parameters.test_run_name>>" ] ; then echo "TEST_RUN_NAME=<<parameters.test_run_name>>" >> fast.env ; fi
            if [ -n "<<parameters.test_run_desc>>" ] ; then echo "TEST_RUN_DESC=<<parameters.test_run_desc>>" >> fast.env ; fi
            if [ -n "<<parameters.test_run_rps>>" ] ; then echo "TEST_RUN_RPS=<<parameters.test_run_rps>>" >> fast.env ; fi
            <<# parameters.stop_on_first_fail >> echo "TEST_RUN_STOP_ON_FIRST_FAIL=<<parameters.stop_on_first_fail>>" >> fast.env <</ parameters.stop_on_first_fail >>
          name: Setup fast.env file
      - run:
          command: |
            docker run --name fast --env-file=fast.env -p <<parameters.wallarm_fast_port>>:8080 wallarm/fast:<<parameters.wallarm_version>>
          name: Run security tests.
description: |
  Wallarm's Framework for Automated Security Testing (FAST) is a tool for automatically generating and running security tests.
  This Orb allows you to execute security tests based on the baselines that have been previously recorded.
  To start using this Orb, you have to set up the WALLARM_API_TOKEN in your project's environment variables settings (you get the token at https://us1.my.wallarm.com/nodes).
  More on how to use FAST read here: https://docs.fast.wallarm.com/en/.
display:
  home_url: https://wallarm.com/products/fast.
  source_url: https://github.com/wallarm/fast-orb.
examples:
  fast-example-rails:
    description: |
      Example using Wallarm's FAST to run tests against a simple Ruby on Rails application.
      In this example the app_port parameter is used.
      Taken from https://github.com/wallarm/fast-example-rails.
    usage:
      jobs:
        build:
          machine:
            image: ubuntu-1604:201903-01
          steps:
            - checkout
            - run:
                command: |
                  docker run -d --name app-test -p 3000:3000 wallarm/fast-example-rails
                name: Run application
            - fast/run_security_tests:
                app_port: "3000"
                test_record_id: <test_record_id>
      orbs:
        fast: wallarm/fast@dev:x.y.z
      version: 2.1
version: 2.1
```
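As an added example (not part of the wallarm/fast orb), the shell function below rebuilds the fast.env file that the orb's "Setup fast.env file" step writes, with every `[ ... ]` test quoted so a run name such as "TestRun Oct 22 13:08 UTC" cannot break it, and it fails closed when WALLARM_API_TOKEN or test_record_id is missing or app_port is not numeric. The function name and argument order are assumptions; the variable names written to the file are the ones the orb writes.

```shell
#!/bin/sh
# build_fast_env OUTFILE APP_HOST APP_PORT TEST_RECORD_ID [POLICY_ID] [RUN_NAME] [RUN_DESC] [RPS] [STOP_ON_FIRST_FAIL]
# Hypothetical helper, not the orb's own code. Mirrors the orb's fast.env step
# with quoting and input checks added.
build_fast_env() {
  out=$1; app_host=$2; app_port=$3; record_id=$4
  policy_id=$5; run_name=$6; run_desc=$7; rps=$8; stop_first=$9

  # The API token must come from the project's environment settings; refuse to
  # start a run that would only fail later inside the container.
  if [ -z "$WALLARM_API_TOKEN" ]; then
    echo "WALLARM_API_TOKEN is not set" >&2; return 1
  fi
  # test_record_id is the orb's only required parameter.
  if [ -z "$record_id" ]; then
    echo "test_record_id is required" >&2; return 1
  fi
  # TEST_RUN_URI is built from app_host:app_port, so the port must be digits only.
  case "$app_port" in
    ''|*[!0-9]*) echo "app_port must be numeric, got '$app_port'" >&2; return 1 ;;
  esac

  # '>' truncates, so a leftover fast.env from an earlier step cannot leave a
  # second TEST_RECORD_ID line behind (the orb appends with '>>').
  {
    echo "WALLARM_API_TOKEN=$WALLARM_API_TOKEN"
    echo "WALLARM_API_HOST=${WALLARM_API_HOST:-us1.api.wallarm.com}"
    echo "CI_MODE=testing"
    echo "TEST_RECORD_ID=$record_id"
    echo "TEST_RUN_URI=http://$app_host:$app_port"
    # Optional values are written only when non-empty; the quotes keep
    # values containing spaces from breaking the test.
    if [ -n "$policy_id" ]; then echo "TEST_RUN_POLICY_ID=$policy_id"; fi
    if [ -n "$run_name" ]; then echo "TEST_RUN_NAME=$run_name"; fi
    if [ -n "$run_desc" ]; then echo "TEST_RUN_DESC=$run_desc"; fi
    if [ -n "$rps" ]; then echo "TEST_RUN_RPS=$rps"; fi
    if [ "$stop_first" = "true" ]; then echo "TEST_RUN_STOP_ON_FIRST_FAIL=true"; fi
  } > "$out"
  # The file holds the API token: keep it readable by the job user only.
  chmod 600 "$out"
}
```

The resulting file is passed to the container exactly as the orb does, with `docker run --env-file=fast.env ...`.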