The procedures in this article integrate the Cequence Unified API Protection (UAP) platform with the CircleCI continuous integration tool.
Before you start
Note the base URL of your Cequence UAP platform instance. The base URL is the URL of the management portal, typically of the form https://ui.<your-tenant-name>.<domain>, without the ui. element.
Confirm that you have credentials for the Docker image. These credentials are provided by your Cequence support team.
Generating a client ID and client secret
Several Cequence components must authenticate to the Cequence UAP platform in order to transmit and receive data. Create authentication credentials in the Cequence UAP platform to enable this authentication.
- Log in to the UAP management portal UI.
  The URL for the management portal is typically of the form https://ui.<your-tenant-name>.<domain>. Replace <your-tenant-name> with the name of your Cequence tenant organization. Replace <domain> with your domain name.
- Select General Settings > User Management.
  The User Management pane appears.
- Click the Clients tab.
- Click Add New Client.
  The new client dialog box appears.
- Type the client name in the Client Name field.
  This name is the client ID. Note the client ID for later use.
- Enable the Traffic Ingestion toggle.
- (Optional) To change the token lifespan from the default of 1800 seconds, type a whole number of seconds in Token Lifespan.
- Click Save.
  A dialog box with the client secret appears.
- Click the blue Copy icon to copy the secret to the clipboard, then click Close.
  The client is now set up. Note the client name for future use.
  The client list appears.
- Note the value of the client secret for later use. This value will not be shown again later on the UI for security reasons.
Generating a test plan
The Cequence UAP platform can generate a test plan based on an OpenAPI spec or a Postman collection.
- Log in to the UAP management portal UI.
  The URL for the management portal is typically of the form https://ui.<your-tenant-name>.<domain>. Replace <your-tenant-name> with the name of your Cequence tenant organization. Replace <domain> with your domain name.
- Select API Security testing > Create Test Plan.
  The Create Test Plan wizard appears.
- Upload the source file.
  The source file can be an OpenAPI spec or a Postman collection.
- Complete the wizard.
  The Cequence UAP platform generates and displays the test plan.
- Note the test plan ID for later use.
Integrating with CircleCI
Examine the project repository for all occurrences of the file .circleci/config.yml. In each occurrence of that file, add the following code as a stage of the existing pipeline. Replace elements in <> with the actual values obtained earlier in this article.
version: 2.1
jobs:
  run-cq-tests:
    docker:
      - image: registry.gitlab.com/cequence/api-testing/fury-runner:latest
        auth:
          username: <Insert the username obtained in step 1>
          password: <Insert the password obtained in step 1>
    environment:
      CQ_UAP_CLIENT_ID: "<Client ID>"
      CQ_UAP_CLIENT_SECRET: "<Client Secret>"
      CQ_TEST_PLAN_ID: "<Test plan ID>"
      CQ_UAP_BASE_HOST: "<Base host URL>"
      CQ_TEST_TARGET_SERVER: "<hostname of the server to test>"
      CQ_TEST_PLAN_BUNDLE_MODE: "CEQUENCE"
      # CircleCI pipeline value: the revision of the commit being built
      CQ_TEST_RUN_NAME: "<< pipeline.git.revision >>"
      CQ_TEST_RUN_CICD_LINK: $CIRCLE_BUILD_URL
    steps:
      - run:
          name: Run CQ security tests
          shell: /bin/sh
          command: |
            # Prints every CQ_ variable, CQ_UAP_CLIENT_SECRET included, to the job output
            env | grep CQ_
            cd /app && node .
workflows:
  ci-workflow:
    jobs:
      - run-cq-tests
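
A check that can run over each `.circleci/config.yml` before it is committed, as an added example (not Cequence's code): it reports the registry password or client secret written as a literal value, and commands that print the `CQ_` variables to the build log. The sample inputs are constructed fragments, and `$CQ_REGISTRY_USER` and `$CQ_REGISTRY_PASSWORD` are hypothetical variable names assumed to be defined in the CircleCI project settings or a context.

```python
import re

# Keys in the run-cq-tests job whose values are credentials.
SENSITIVE_KEYS = {"password", "CQ_UAP_CLIENT_SECRET"}
KEY_VALUE = re.compile(r"^\s*([\w.]+)\s*:\s*(.*?)\s*$")
# Acceptable value: nothing but a variable reference, $NAME or ${NAME}.
VAR_REF = re.compile(r"^\$(\w+|\{\w+\})$")
# Commands that write CQ_ variables, the client secret included, to the log.
ENV_DUMP = re.compile(r"\b(env|printenv)\b.*CQ_")


def audit_config(text):
    """Return (line_number, problem) findings, in line order, for one config.yml."""
    findings = []
    for number, raw in enumerate(text.splitlines(), start=1):
        line = raw.split(" #", 1)[0]  # ignore trailing comments
        if ENV_DUMP.search(line):
            findings.append((number, "command prints CQ_ variables to the log"))
        match = KEY_VALUE.match(line)
        if match and match.group(1) in SENSITIVE_KEYS:
            value = match.group(2).strip("\"'")
            if value and not VAR_REF.match(value):
                findings.append((number, f"literal value for {match.group(1)}"))
    return findings


# Constructed sample: credentials typed into the file (not real values).
HARDCODED = """\
auth:
  username: ci-user
  password: "example-registry-password"
environment:
  CQ_UAP_CLIENT_ID: "ci-client"
  CQ_UAP_CLIENT_SECRET: "example-client-secret"
command: |
  env | grep CQ_
  cd /app && node .
"""
# Constructed sample: hypothetical variable names; the client secret is set in a context.
FROM_SETTINGS = """\
auth:
  username: $CQ_REGISTRY_USER
  password: $CQ_REGISTRY_PASSWORD
environment:
  CQ_UAP_CLIENT_ID: "ci-client"
command: cd /app && node .
"""

if __name__ == "__main__":
    print(audit_config(HARDCODED))
```

A non-empty result for any config.yml in the repository means a credential or a log-printing command is still present in that file.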