Integration Prerequisites¶
To enable integrating FAST into a CI/CD workflow, you will need
-
Access to the Wallarm portal and a Wallarm account.
Create an account if you do not have one (this account will be tied to the American cloud)
-
The FAST node's Docker container should have access to the
us1.api.wallarm.comWallarm API server via the HTTPS protocol (TCP/443)
A note about Wallarm clouds
FAST interacts with one of the available Wallarm clouds.
All information from the documentation is equally applicable to all the clouds, unless stated otherwise.
For the sake of simplicity, it is assumed throughout the documentation that FAST interacts with the American Wallarm cloud. If you need to interact with another cloud, use the corresponding addresses of the Wallarm portal and the API server.
-
Permissions to create and run Docker containers for your CI/CD workflow
-
A web application or API to test for vulnerabilities (a target application)
It is mandatory that this application use the HTTP or HTTPS protocol for communication.
The target application should remain available until the FAST security testing finishes.
-
A test tool that will test the target application using HTTP and HTTPS requests (a request source).
A request source should be able to work with an HTTP or HTTPS proxy server.
Selenium is an example of a test tool that satisfies the mentioned requirements.
-
One or more tokens.
Create a FAST node in the Wallarm cloud and use the corresponding token in the Docker container when performing a CI/CD task.
The token will be employed by the Docker container with the FAST node during the CI/CD job execution.
If you have several CI/CD jobs that are running simultaneously, create an appropriate number of FAST nodes in the Wallarm cloud.
An example token
The
token_Qwe12345value is used as an example of a token throughout this guide.