The following plugin provides functionality available through Pipeline-compatible steps. Read more about how to integrate steps into your Pipeline in the Steps section of the Pipeline Syntax page.

For a list of other such plugins, see the Pipeline Steps Reference page.

Wallarm Fast

step([$class: 'WallarmFastBuilder']): WallarmFastBuilder

  • appHost : String
    A URI of the target application.The IP address of the target application may change during the CI/CD process, so it's better to use the application URI.
  • appPort : String
    The port of the target application. Combines with the appHost field.
  • fastPort : String
    FAST open port for recieving proxy requests. Any port value may be used. This parameter is only used in recording mode.
  • fastName : String
    A unique name for the Wallarm FAST docker. Although none is required for FAST to function, it may be easier to identify different dockers when a known handle is used.
  • policyId : int
    The identifier of the test policy. If the parameter is missing, then the default policy takes action.
  • testRecordId : int
    Identifier of a test record. When no test record id is supplied, the last created test record is used Default: empty value.
  • wallarmApiHost : String
    The domain name of the Wallarm API server to use. Allowed values: us1.api.wallarm.com for use with the US cloud; api.wallarm.com for use with the EU cloud.
  • testRunName : String
    The name of the test run. Default value is in the following format: “TestRun Sep 24 12:31 UTC”.
  • testRunDesc : String
    The description of the test run. Default value: empty string.
  • record : boolean
    The Wallarm FAST plugin has 2 modes of operation: recording and testing. In recording mode, the FAST application will act as a proxy. Any traffic sent through FAST will be recorded as a baseline and saved to a TestRecord for later use. In Playback mode, the FAST application will use an existing TestRecord to generate a TestRun.
  • stopOnFirstFail : boolean
    This parameter specifies FAST’s behavior when a vulnerability is detected: true: stop the execution of the test run on the first detected vulnerability. false: process all the baseline requests regardless of whether any vulnerability is detected. Default value: false.
  • failBuild : boolean
    If checked, will allow the plugin to fail the current build if any vulnerabilities are found, thereby preventing further exectution of the pipline. Otherwise only a warning text will be outputted, informing of any found vulnerabilities, but normal execution will continue.
  • withoutSudo : boolean
    When checked, calls docker without sudo. By default, docker cannot be called this way.
  • localDockerNetwork : String
    If FAST is required to operate from within an existing docker network, you may specify the network name here. This will simply append '--net your_network' to the docker launch command.
  • localDockerIp : String
    Used when FAST is required to be directly addressable from a docker network. Simply appends '--ip your_ip' to the launch command
  • wallarmVersion : String
    The version of FAST to use. You may specify any version found on https://hub.docker.com/r/wallarm/fast. Default: latest
  • fileExtensionsToExclude : String
    Static files found by FAST often do not contain vulnerabilities and to not react to payloads, however it is impossible to dynamically determine if the page is invulnerable to the used payloads or just doesn't proccess payloads at all. Excluding payloads from the scanning will speed up the testing proccess significantly. Leave this field blank to scan all files found. Default: "js|jpeg|jpg|gif|png|css"
  • inactivityTimeout : int
    If no baseline requests arrive to the FAST node within the INACTIVITY_TIMEOUT interval, then the recording process is stopped along with the FAST node. Allowed value range: from 0 to 691200 seconds (1 week) Default value: 600 seconds (10 minutes)
  • testRunRps : int
    The parameter specifies a limit on the number of test requests (RPS, requests per second) to be sent to the target application during test run execution. Allowed value range: from 1 to 1000 (requests per second) Default value: unlimited ( =0 ).
  • wallarmApiToken : String (optional)
    Your Wallarm node token. Can be found at "https://us1.my.wallarm.com/nodes" for North America or "https://my.wallarm.com/nodes" for Europe

Was this page helpful?

Please submit your feedback about this page through this quick form.

Alternatively, if you don't wish to complete the quick form, you can simply indicate if you found this page helpful?

    


See existing feedback here.