Merge pull request #2 from wallarm/feature/desciption_fixes

Feature/desciption fixes

Author: SuperKmar

src/main/java/io/jenkins/plugins/WallarmFastBuilder.java

@@ -47,6 +47,7 @@ public class WallarmFastBuilder extends Builder implements SimpleBuildStep {
     private String  localDockerNetwork;
     private String  localDockerIp;
     private String  wallarmVersion;
+    private String  fileExtensionsToExclude;
     private int     inactivityTimeout;
     private int     testRunRps;
 
@@ -69,6 +70,7 @@ public WallarmFastBuilder(
         String  localDockerNetwork,
         String  localDockerIp,
         String  wallarmVersion,
+        String  fileExtensionsToExclude,
         int     inactivityTimeout,
         int     testRunRps) {
 
@@ -89,6 +91,7 @@ public WallarmFastBuilder(
         this.localDockerNetwork = localDockerNetwork;
         this.localDockerIp = localDockerIp;
         this.wallarmVersion = not_empty(wallarmVersion) ? wallarmVersion : "latest";
+        this.fileExtensionsToExclude = fileExtensionsToExclude;
         this.inactivityTimeout = inactivityTimeout;
         this.testRunRps = testRunRps;
 
@@ -167,6 +170,10 @@ public String getWallarmVersion() {
         return wallarmVersion;
     }
 
+    public String getFileExtensionsToExclude() {
+        return fileExtensionsToExclude;
+    }
+
     public int getInactivityTimeout() {
         return inactivityTimeout;
     }
@@ -228,6 +235,9 @@ public void setLocalDockerIp (String localDockerIp) {
     public void setWallarmVersion (String wallarmVersion) {
         this.wallarmVersion = wallarmVersion;
     }
+    public void setFileExtensionsToExclude (String fileExtensionsToExclude) {
+        this.fileExtensionsToExclude = fileExtensionsToExclude;
+    }
     public void setInactivityTimeout (int inactivityTimeout) {
         this.inactivityTimeout = inactivityTimeout;
     }
@@ -247,11 +257,14 @@ public void perform(
 
         add_required_params(cmd);
         add_optional_params(cmd);
-        add_params_with_default_values(cmd);
 
         if (record) {
+            add_record_params(cmd);
+            cmd.add("wallarm/fast:" + wallarmVersion ); // this must be the last parameter!
             record_baselines(cmd, run, launcher, listener);
         } else {
+            add_testing_params(cmd);
+            cmd.add("wallarm/fast:" + wallarmVersion ); // this must be the last parameter!
             run_tests(cmd, run, launcher, listener);
         }
     }
@@ -271,36 +284,33 @@ public boolean not_empty(boolean param) {
 
     public void add_required_params(List<String> cmd) {
         cmd.add("docker run --rm");
-        cmd.add("--name " + fastName);
-
-        if (record) {
-          cmd.add("-d");
-          cmd.add("-e CI_MODE=recording");
-          cmd.add("-p " + fastPort + ":8080");
-        } else {
-          cmd.add("-e CI_MODE=testing");
-        }
-
         cmd.add("-e WALLARM_API_TOKEN=$WALLARM_API_TOKEN");
+        cmd.add("-e WALLARM_API_HOST=" + wallarmApiHost );
+        if (not_empty(appHost)) {cmd.add("-e TEST_RUN_URI=http://" + appHost + ":" + appPort);}
     }
 
+    public void add_record_params(List<String> cmd) {
+        cmd.add("-d");
+        cmd.add("-e CI_MODE=recording");
+        cmd.add("-p " + fastPort + ":8080");
+        cmd.add("-e INACTIVITY_TIMEOUT=" + inactivityTimeout );
+    }
+
+    public void add_testing_params(List<String> cmd) {
+        cmd.add("-e CI_MODE=testing");
+        if (not_empty(policyId))                {cmd.add("-e POLICY_ID=" + policyId);}
+        if (not_empty(testRecordId))            {cmd.add("-e TEST_RECORD_ID=" + testRecordId);}
+        if (not_empty(testRunRps))              {cmd.add("-e TEST_RUN_RPS=" + testRunRps);}
+        if (not_empty(testRunName))             {cmd.add("-e TEST_RUN_NAME=" + testRunName.replace(" ", "_"));}
+        if (not_empty(testRunDesc))             {cmd.add("-e TEST_RUN_DESC=" + testRunDesc.replace(" ", "_"));}
+        if (not_empty(stopOnFirstFail))         {cmd.add("-e TEST_RUN_STOP_ON_FIRST_FAIL=" + stopOnFirstFail);}
+        if (not_empty(fileExtensionsToExclude)) {cmd.add("-e FILE_EXTENSIONS_TO_EXCLUDE=" + fileExtensionsToExclude);}
+    }
 
     public void add_optional_params(List<String> cmd) {
-        if ( not_empty(policyId) )          { cmd.add("-e POLICY_ID=" + policyId ); }
-        if ( not_empty(testRecordId) )      { cmd.add("-e TEST_RECORD_ID=" + testRecordId ); }
-        if ( not_empty(localDockerNetwork) ){ cmd.add("--net " + localDockerNetwork ); }
-        if ( not_empty(localDockerIp) )     { cmd.add("--ip " + localDockerIp ); }
-        if ( not_empty(testRunName) )       { cmd.add("-e TEST_RUN_NAME=" + testRunName.replace(" ", "_")); }
-        if ( not_empty(testRunDesc) )       { cmd.add("-e TEST_RUN_DESC=" + testRunDesc.replace(" ", "_")); }
-        if ( not_empty(stopOnFirstFail) )   { cmd.add("-e TEST_RUN_STOP_ON_FIRST_FAIL=" + stopOnFirstFail ); }
-        if ( not_empty(testRunRps) )        { cmd.add("-e TEST_RUN_RPS=" + testRunRps ); }
-        if ( not_empty(appHost) )           { cmd.add("-e TEST_RUN_URI=http://" + appHost + ":" + appPort); }
-    }
-
-    public void add_params_with_default_values(List<String> cmd) {
-        cmd.add("-e WALLARM_API_HOST=" + wallarmApiHost );
-        cmd.add("-e INACTIVITY_TIMEOUT=" + inactivityTimeout );
-        cmd.add("wallarm/fast:" + wallarmVersion ); // this must be the last parameter
+        cmd.add("--name " + fastName);
+        if (not_empty(localDockerNetwork))      {cmd.add("--net " + localDockerNetwork);}
+        if (not_empty(localDockerIp))           {cmd.add("--ip " + localDockerIp);}
     }
 
     // this one is used when we need to parse the output of the command we're launching
@@ -487,6 +497,7 @@ public static final class DescriptorImpl extends BuildStepDescriptor<Builder> {
         private String  localDockerNetwork;
         private String  localDockerIp;
         private String  wallarmVersion;
+        private String  fileExtensionsToExclude;
         private int     inactivityTimeout;
         private int     testRunRps;
 
@@ -571,6 +582,10 @@ public String getWallarmVersion() {
             return wallarmVersion;
         }
 
+        public String getFileExtensionsToExclude() {
+            return fileExtensionsToExclude;
+        }
+
         public int getInactivityTimeout() {
             return inactivityTimeout;
         }

src/main/resources/io/jenkins/plugins/WallarmFastBuilder/config.jelly

@@ -1,77 +1,81 @@
 <?jelly escape-by-default='true'?>
 <j:jelly xmlns:j="jelly:core" xmlns:st="jelly:stapler" xmlns:d="jelly:define" xmlns:l="/lib/layout" xmlns:t="/lib/hudson" xmlns:f="/lib/form">
-    <f:section>
+    <f:block>
         <img src="https://wallarm.com/assets/images/logo-short.svg" alt="Wallarm FAST"></img>
-    </f:section>
+    </f:block>
 
     <f:section title="General">
-        <f:entry title="${%WallarmApiToken}" field="wallarmApiToken" description='Your Wallarm node token. Can be found at "https://us1.my.wallarm.com/nodes"'>
+        <f:entry title="${%Wallarm API token}" field="wallarmApiToken" description='Your Wallarm node token.'>
             <f:textbox />
         </f:entry>
-        <f:entry title="${%WallarmApiHost}" field="wallarmApiHost" description='Wallarm API. use "us1.api.wallarm.com" for North America (default) and "api.wallarm.com" for Europe'>
+        <f:entry title="${%Wallarm API host}" field="wallarmApiHost" description='Wallarm API. Use "us1.api.wallarm.com" for North America (default) and "api.wallarm.com" for Europe'>
             <f:textbox />
         </f:entry>
 
-        <f:entry title="${%AppHost}" field="appHost" description='Address of your application (ip or name will do)'>
+        <f:entry title="${%Application host}" field="appHost" description='Address of your application (ip or name will do)'>
             <f:textbox />
         </f:entry>
-        <f:entry title="${%AppPort}" field="appPort" description='Port of your application (defaults to 8080)'>
+        <f:entry title="${%Application port}" field="appPort" description='Port of your application (defaults to 8080)'>
             <f:textbox />
         </f:entry>
 
-        <f:entry title="${%Record}" field="record" description='Record baselines for later use or run tests with recorded baselines'>
-            <f:checkbox />
-        </f:entry>
     </f:section>
 
-    <f:section title="Recording only">
-        <f:entry title="${%FastPort}" field="fastPort" description="Port for FAST docker (used in recording mode)">
-            <f:textbox />
-        </f:entry>
+    <f:radioBlock name="record" value="true" title="Record baselines" checked="false" inline="true">
+        <f:nested>
+            <f:entry title="${%Fast port}" field="fastPort" description="Port for FAST docker">
+                <f:textbox />
+            </f:entry>
 
-        <f:entry title="${%InactivityTimeout}" field="inactivityTimeout" description='Autoshutdown timer in seconds. Can be from 0 to 691200 (1 week). Defaults to 600 seconds (10 minutes). Used in recording mode'>
-            <f:textbox default="600"/>
-        </f:entry>
-    </f:section>
+            <f:entry title="${%Inactivity timeout}" field="inactivityTimeout" description='Autoshutdown timer in seconds. Can be from 0 to 691200 (1 week). Defaults to 600 seconds (10 minutes).'>
+                <f:textbox default="600"/>
+            </f:entry>
+        </f:nested>
+    </f:radioBlock>
 
-    <f:section title="Playback only">
-        <f:entry title="${%PolicyId}" field="policyId" description='Policy Id to use. Use 0 for default policy'>
-            <f:textbox />
-        </f:entry>
-        <f:entry title="${%TestRecordId}" field="testRecordId" description='Test record you wish to use. Use 0 to use the latest one available'>
-            <f:textbox />
-        </f:entry>
-        <f:entry title="${%TestRunRps}" field="testRunRps" description='Request per second limit for your test run (optional)'>
-            <f:textbox />
-        </f:entry>
-        <f:entry title="${%TestRunName}" field="testRunName" description='Name of your TestRun (optional)'>
-            <f:textbox />
-        </f:entry>
-        <f:entry title="${%TestRunDesc}" field="testRunDesc" description='TestRun description (optional)'>
-            <f:textbox />
-        </f:entry>
-        <f:entry title="${%StopOnFirstFail}" field="stopOnFirstFail" description='Stop running tests as soon as a vulnerability is found'>
-            <f:checkbox />
-        </f:entry>
-        <f:entry title="${%FailBuild}" field="failBuild" description='Fail build on completion if vulnerabilities are found'>
-            <f:checkbox />
-        </f:entry>
-    </f:section>
+    <f:radioBlock name="record" value="false" title="Playback baselines" checked="true" inline="true" >
+        <f:nested>
+            <f:entry title="${%Policy id}" field="policyId" description='Policy Id to use. Use 0 for default policy'>
+                <f:textbox />
+            </f:entry>
+            <f:entry title="${%TestRecord id}" field="testRecordId" description='Test record you wish to use. Use 0 to use the latest one available'>
+                <f:textbox />
+            </f:entry>
+            <f:entry title="${%TestRun RPS}" field="testRunRps" description='Request per second limit for your test run (optional)'>
+                <f:textbox />
+            </f:entry>
+            <f:entry title="${%TestRun name}" field="testRunName" description='Name of your TestRun (optional)'>
+                <f:textbox />
+            </f:entry>
+            <f:entry title="${%TestRun description}" field="testRunDesc" description='TestRun description (optional)'>
+                <f:textbox />
+            </f:entry>
+            <f:entry title="${%Stop on first fail}" field="stopOnFirstFail" description='Stop running tests as soon as a vulnerability is found'>
+                <f:checkbox />
+            </f:entry>
+            <f:entry title="${%Fail build}" field="failBuild" description='Fail build on completion if vulnerabilities are found'>
+                <f:checkbox />
+            </f:entry>
+            <f:entry title="${%Exclude}" field="fileExtensionsToExclude" description="FAST will skip any requests to files with the extensions specified here. Use the following format: 'js|jpeg|jpg|gif|png|css'">
+                <f:textbox default="js|jpeg|jpg|gif|png|css"/>
+            </f:entry>
+        </f:nested>
+    </f:radioBlock>
 
     <f:section title="Optional">
-        <f:entry title="${%FastName}" field="fastName" description="Name for FAST docker. Has default values for both recording and testing">
+        <f:entry title="${%Fast name}" field="fastName" description="Name for FAST docker. Has default values for both recording and testing">
             <f:textbox />
         </f:entry>
-        <f:entry title="${%WallarmVersion}" field="wallarmVersion" description='Wallarm/fast version. Leave blank for "latest"'>
+        <f:entry title="${%Wallarm version}" field="wallarmVersion" description='Wallarm/fast version. Leave blank for "latest"'>
             <f:textbox />
         </f:entry>
-        <f:entry title="${%LocalDockerNetwork}" field="localDockerNetwork" description='Adds the `--net your_network` parameter to FAST. Useful when your application runs inside of a docker container'>
+        <f:entry title="${%Local docker network}" field="localDockerNetwork" description='Adds the `--net your_network` parameter to FAST. Useful when your application runs inside of a docker container'>
             <f:textbox />
         </f:entry>
-        <f:entry title="${%LocalDockerIp}" field="localDockerIp" description="Adds the `--ip your_ip` parameter to FAST. Used when you need to address FAST while inside a docker network">
+        <f:entry title="${%Local docker ip}" field="localDockerIp" description="Adds the `--ip your_ip` parameter to FAST. Used when you need to address FAST while inside a docker network">
             <f:textbox />
         </f:entry>
-        <f:entry title="${%WithoutSudo}" field="withoutSudo" description='If checked, calls docker without sudo'>
+        <f:entry title="${%Without sudo}" field="withoutSudo" description='If checked, calls docker without sudo'>
             <f:checkbox />
         </f:entry>
     </f:section>

src/main/resources/io/jenkins/plugins/WallarmFastBuilder/help-fileExtensionsToExclude.html

@@ -0,0 +1,7 @@
+<div>
+	Static files found by FAST often do not contain vulnerabilities and to not react to payloads, however it is impossible to dynamically determine if the page is invulnerable to the used payloads or just doesn't proccess payloads at all. Excluding payloads from the scanning will speed up the testing proccess significantly.
+
+	Leave this field blank to scan all files found.
+
+	Default: 'js|jpeg|jpg|gif|png|css'
+</div>