Integration of FAST with GitLab CI/CD¶
The integration of FAST in CI MODE into the GitLab CI/CD workflow is configured via the ~/.gitlab-ci.yml
file. More details about GitLab CI/CD workflow configuration are available in the GitLab official documentation.
Passing FAST Node Token¶
To securely use the FAST node token, pass its value in the environment variable in your project settings.
Configured workflow
Further instructions require already configured workflow that corresponds to one of the following points:
- The test automation is implemented. In this case, the request recording and security testing steps will be added.
- The set of baseline requests is already recorded. In this case, the security testing step will be added.
Adding the Step of Request Recording¶
To implement the request recording, apply the following settings to the step of automated application testing:
-
Add the command running FAST Docker container in the
CI_MODE=recording
mode with other required variables before the command running automated tests. For example: -
Configure proxying of automated tests via FAST node. For example:
Docker Network
Before recording requests, make sure the FAST node and tool for automated testing are running on the same network.
Example of the automated testing step with running FAST node in the recording mode
test:
stage: test
script:
- docker network create my-network
- docker run --name fast -d -e WALLARM_API_TOKEN=$WALLARM_API_TOKEN -e CI_MODE=recording -e WALLARM_API_HOST=us1.api.wallarm.com -p 8080:8080 --network my-network --rm wallarm/fast
- docker run --rm -d --name selenium -p 4444:4444 -e http_proxy='http://fast:8080' -e https_proxy='https://fast:8080' --network my-network selenium/standalone-firefox:latest
- docker run --rm --name app-test --network my-network -e CAPYBARA_SERVER_HOST=app-test -p 3000:3000 app-test bundle exec rspec spec/features/posts_spec.rb
- docker stop selenium fast
- docker network rm my-network
An example includes the following steps:
- Create the Docker network
my-network
. - Run the FAST node in the recording mode on the network
my-network
. - Run the tool for automated testing Selenium with FAST node as a proxy on the network
my-network
. - Run the test application and automated tests on the network
my-network
. - Stop Selenium and FAST node.
Adding the Step of Security Testing¶
To implement the security testing, add the corresponding separate step to your workflow following these instructions:
-
If the test application is not running, add the command to run the application.
-
Add the command running FAST Docker container in the
CI_MODE=testing
mode with other required variables after the command running the application.Using the recorded set of baseline requests
If the set of baseline requests was recorded in another pipeline, specify the record ID in the TEST_RECORD_ID variable. Otherwise, the last recorded set will be used.
Example of the command:
Docker Network
Before security testing, make sure the FAST node and test application are running on the same network.
Example of the security testing step
-
Add
security_test
to the list ofstages
. -
Define the body of the new stage
security_test
.security_test: stage: security_test script: - docker network create my-network - docker run --rm -d --name app-test --network my-network -e CAPYBARA_SERVER_HOST=app-test -p 3000:3000 app-test - sleep 5 - docker run --name fast -e WALLARM_API_TOKEN=$WALLARM_API_TOKEN -e CI_MODE=testing -e WALLARM_API_HOST=us1.api.wallarm.com -p 8080:8080 --network my-network -e TEST_RUN_URI="http://app-test:3000" --rm wallarm/fast - docker stop app-test
An example includes the following steps:
- Create the Docker network
my-network
. - Run the test application on the network
my-network
. - Run the FAST node in the testing mode on the network
my-network
. TheTEST_RECORD_ID
variable is omitted since the set of baseline requests was created in the current pipeline and is the last recorded. The FAST node will be stopped automatically when testing is finished. - Stop the test application.
Getting the Result of Testing¶
The result of security testing will be displayed on the GitLab CI/CD interface.
More Examples¶
You can find examples of integrating FAST to GitLab CI/CD workflow on our GitHub and GitLab.
Further questions
If you have questions related to FAST integration, please contact us.