While in testing mode, the FAST node creates a test run based on the test record that was populated with baseline requests in recording mode and executes the security test set for the target application.
To follow the steps described in this chapter, you need to obtain a token.
The following values are used as examples throughout this chapter:
tr_1234 as an identifier of a test run.
rec_0001 as an identifier of a test record.
bl_7777 as an identifier of a baseline request.
FAST node configuration is done via environment variables. The table below holds all environment variables that can be used to configure a FAST node in testing mode.
| Variable | Description | Required |
|---|---|---|
| | Token for a node. | Yes |
| | The domain name of the Wallarm API server to use. | |
| CI_MODE | FAST node's operation mode (testing for the mode described in this chapter). | |
| | The number of processes that work with multiple baseline requests in parallel. | |
| TEST_RECORD_ID | Identifier of a test record. Default: empty value. | |
| | The name of the test run. Default value is in a format similar to "TestRun Sep 24 12:31 UTC". | |
| | The description of the test run. Default value: empty string. | |
| TEST_RUN_POLICY_ID | The identifier of the test policy. If the parameter is missing, the default policy is used. | |
| | A limit on the number of test requests (RPS, requests per second) sent to the target application during test run execution. Allowed value range: 1 to 1000 requests per second. Default value: unlimited. | |
| | Specifies FAST's behavior when a vulnerability is detected: | |
| | A URI of the target application. The IP address of the target application may change during the CI/CD process, so you can use the application URI instead. For example, the application address in docker-compose is | |
If you plan to employ your own test policy, create one in the Wallarm cloud. Then pass its identifier to the FAST node's Docker container via the TEST_RUN_POLICY_ID environment variable when running the FAST node in testing mode.
Otherwise, if you choose to use the default test policy, do not set the TEST_RUN_POLICY_ID environment variable for the container.
The “Quick Start” guide contains step-by-step instructions on how to create a sample test policy.
To use a specific test record in testing mode, pass the test record's identifier to the FAST node via the TEST_RECORD_ID environment variable.
This way there is no need to run the FAST node in recording mode first: you can take a pre-formed test record and use it to perform the same security tests many times (in different nodes and test runs).
You can get the identifier of the test record in the Wallarm portal interface or from the log of a FAST node running in recording mode.
If you do not set the TEST_RECORD_ID parameter, the FAST node uses the last test record of the node.
The docker-compose.yaml file that was created earlier is suitable for running a FAST node in testing mode.
To do so, change the value of the CI_MODE environment variable to testing.
You can either change the variable's value by modifying it in the docker-compose.yaml file, or pass the environment variable with the required value to the Docker container via the -e option of the docker-compose run command:
docker-compose run --rm -e CI_MODE=testing fast
You can pass any of the environment variables described above to a FAST node Docker container via the -e option in the same way.
The --rm option is also used in the example above, so that the FAST node container is automatically disposed of when the node is stopped.
If the command executes successfully, a console output similar to the one shown here will be generated:
(Wallarm FAST banner)
Loading...
INFO synccloud: Registered new instance 16dd487f-3d40-4834-xxxx-8ff17842d60b
INFO : Loaded 0 custom extensions for fast scanner
INFO : Loaded 44 default extensions for fast scanner
INFO : Use TestRecord#rec_0001 for creating TestRun
INFO : TestRun#tr_1234 created
This output informs us that the test record with the rec_0001 identifier was used to create a test run with the tr_1234 identifier, and that this operation completed successfully.
Next, security tests are created and executed by the FAST node for each baseline request in the test record that satisfies the test policy. The console output will contain similar messages to these:
INFO : Running a test set for the baseline #bl_7777
INFO : Test set for the baseline #bl_7777 is running
INFO : Retrieving the baseline request Hit#["hits_production_202_20xx10_v_1", "AW2xxxxxW26"]
INFO : Use TestPolicy with name 'Default Policy'
This output informs us that the test set is running for the baseline request with the bl_7777 identifier. It also tells us that the default test policy is being used because the TEST_RUN_POLICY_ID environment variable was not set.
FAST nodes can terminate in different ways, depending on the testing results obtained.
If some vulnerabilities are detected in the target application, the FAST node shows a message similar to this:
INFO : Found 4 vulnerabilities, marking the test set for baseline #bl_7777 as failed
ERROR : TestRun#tr_1234 failed
In this case, four vulnerabilities were found. The test set for the baseline with the bl_7777 identifier is considered failed, and the corresponding test run with the tr_1234 identifier is also marked as failed.
If no vulnerabilities are detected in the target application, the FAST node shows a message similar to this:
INFO : No issues found. Test set for baseline #bl_7777 passed.
INFO : TestRun#tr_1234 passed
In this case, the test run with the tr_1234 identifier is considered passed.
Note that the above examples do not imply that only one test set was executed. A test set is formed for each baseline request that complies with the FAST test policy.
A single test-set-related message is shown here for demonstration purposes.
After the FAST node has finished the testing process, it terminates and returns an exit code to the process that runs as part of a CI/CD job.
- If the security test status is “passed” and the FAST node encounters no errors during the testing process, the 0 exit code is returned.
- Otherwise, if security tests fail or the FAST node encounters errors during the testing process, the 1 exit code is returned.
The FAST node container in testing mode will stop automatically after security testing is complete. Nonetheless, a CI/CD tool can still be in control of the node and its container lifecycle by the means described earlier.
In the example above the FAST node container was run with the --rm option, which means that the stopped container is automatically removed.
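The run, log interpretation and exit-code rule above, combined into a CI wrapper as an added example (not part of the Wallarm documentation): it runs the node with the same docker-compose command, keeps the node log as a job artefact, and summarises the verdict from the log messages the page documents. The sample logs are constructed from the page's messages; the service name fast and the docker-compose.yaml are assumed from the earlier setup.

```shell
#!/bin/sh
# Added example, not from the Wallarm docs: CI wrapper for a FAST node in testing
# mode. Sample logs below are constructed from the page's messages; the service
# name "fast" is assumed to come from the earlier docker-compose.yaml.

SAMPLE_FAILED_LOG='INFO : Use TestRecord#rec_0001 for creating TestRun
INFO : TestRun#tr_1234 created
INFO : Running a test set for the baseline #bl_7777
INFO : Found 4 vulnerabilities, marking the test set for baseline #bl_7777 as failed
ERROR : TestRun#tr_1234 failed'

SAMPLE_PASSED_LOG='INFO : TestRun#tr_1234 created
INFO : No issues found. Test set for baseline #bl_7777 passed.
INFO : TestRun#tr_1234 passed'

# Print "<test run id> <passed|failed|unknown> <vulnerabilities found>" for a log.
# Vulnerability counts are summed over every baseline's "Found N ..." line.
fast_summary() {
    log="$1"
    run_id=$(printf '%s\n' "$log" | sed -n 's/.*TestRun#\([A-Za-z0-9_]*\) created.*/\1/p' | head -n 1)
    run_id="${run_id:-unknown}"
    vulns=$(printf '%s\n' "$log" | sed -n 's/.*Found \([0-9][0-9]*\) vulnerabilit.*/\1/p' | awk '{ s += $1 } END { print s + 0 }')
    if printf '%s\n' "$log" | grep -q "TestRun#$run_id passed"; then
        status=passed
    elif printf '%s\n' "$log" | grep -q "TestRun#$run_id failed"; then
        status=failed
    else
        status=unknown
    fi
    printf '%s %s %s\n' "$run_id" "$status" "$vulns"
}

# Mirror the node's exit-code rule: 0 only when the test run passed, 1 otherwise
# (a failed run, or no verdict at all, which means the node stopped on an error).
fast_result_code() {
    case "$(fast_summary "$1")" in
        *" passed "*) return 0 ;;
        *)            return 1 ;;
    esac
}

# Run the node exactly as in the page's command, keep the log for the CI job,
# and fail the job on the node's own exit code or on a failed verdict.
run_fast_testing() {
    if log=$(docker-compose run --rm -e CI_MODE=testing fast 2>&1); then rc=0; else rc=$?; fi
    printf '%s\n' "$log" > fast-node.log
    fast_summary "$log"
    [ "$rc" -eq 0 ] && fast_result_code "$log"
}
```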