Integration of FAST with GitLab CI/CD
The integration of FAST in CI MODE into the GitLab CI/CD workflow is configured via the ~/.gitlab-ci.yml
file. More details about GitLab CI/CD workflow configuration are available in the GitLab official documentation.
Passing FAST Node Token
To securely use the FAST node token, pass its value in the environment variable in your project settings.
Configured workflow
Further instructions require already configured workflow that corresponds to one of the following points:
- The test automation is implemented. In this case, the request recording and security testing steps will be added.
- The set of baseline requests is already recorded. In this case, the security testing step will be added.
Adding the Step of Request Recording
To implement the request recording, apply the following settings to the step of automated application testing:
Add the command running FAST Docker container in the
CI_MODE=recording
mode with other required variables before the command running automated tests. For example:docker run --name fast -d -e WALLARM_API_TOKEN=$WALLARM_API_TOKEN -e CI_MODE=recording -e WALLARM_API_HOST=us1.api.wallarm.com -e ALLOWED_HOSTS=app-test -p 8080:8080 --network my-network --rm wallarm/fast
Configure proxying of automated tests via FAST node. For example:
docker run --rm -d --name selenium -e http_proxy='http://fast:8080' --network my-network selenium/standalone-firefox:latest
Docker Network
Before recording requests, make sure the FAST node and tool for automated testing are running on the same network.
An example includes the following steps:Example of the automated testing step with running FAST node in the recording mode
test:
stage: test
script:
- docker network create my-network
- docker run --name fast -d -e WALLARM_API_TOKEN=$WALLARM_API_TOKEN -e CI_MODE=recording -e WALLARM_API_HOST=us1.api.wallarm.com -p 8080:8080 --network my-network --rm wallarm/fast
- docker run --rm -d --name selenium -p 4444:4444 -e http_proxy='http://fast:8080' -e https_proxy='https://fast:8080' --network my-network selenium/standalone-firefox:latest
- docker run --rm --name app-test --network my-network -e CAPYBARA_SERVER_HOST=app-test -p 3000:3000 app-test bundle exec rspec spec/features/posts_spec.rb
- docker stop selenium fast
- docker network rm my-network
my-network
.my-network
.my-network
.my-network
.
Adding the Step of Security Testing
To implement the security testing, add the corresponding separate step to your workflow following these instructions:
- If the test application is not running, add the command to run the application.
Add the command running FAST Docker container in the
CI_MODE=testing
mode with other required variables after the command running the application.Using the recorded set of baseline requests
If the set of baseline requests was recorded in another pipeline, specify the record ID in the TEST_RECORD_ID variable. Otherwise, the last recorded set will be used.
Example of the command:
docker run --name fast -e WALLARM_API_TOKEN=$WALLARM_API_TOKEN -e CI_MODE=testing -e WALLARM_API_HOST=us1.api.wallarm.com -p 8080:8080 -e TEST_RUN_URI=http://app-test:3000 --network my-network --rm wallarm/fast
Docker Network
Before security testing, make sure the FAST node and test application are running on the same network.
Add Define the body of the new stage An example includes the following steps:Example of the security testing step
security_test
to the list of stages
. stages:
- build
- test
- security_test
- cleanup
security_test
. security_test:
stage: security_test
script:
- docker network create my-network
- docker run --rm -d --name app-test --network my-network -e CAPYBARA_SERVER_HOST=app-test -p 3000:3000 app-test
- sleep 5
- docker run --name fast -e WALLARM_API_TOKEN=$WALLARM_API_TOKEN -e CI_MODE=testing -e WALLARM_API_HOST=us1.api.wallarm.com -p 8080:8080 --network my-network -e TEST_RUN_URI="http://app-test:3000" --rm wallarm/fast
- docker stop app-test
my-network
.my-network
.my-network
. The TEST_RECORD_ID
variable is omitted since the set of baseline requests was created in the current pipeline and is the last recorded. The FAST node will be stopped automatically when testing is finished.
Getting the Result of Testing
The result of security testing will be displayed on the GitLab CI/CD interface.
More Examples
You can find examples of integrating FAST to GitLab CI/CD workflow on our GitHub and GitLab.
If you have questions related to FAST integration, please contact us.
Demo videos
results matching ""
No results matching ""
results matching ""
No results matching ""