The Contrast Security Agent Framework causes an application to be automatically configured to work with a bound Contrast Security Service.
Detection Criterion | Existence of a single bound Contrast Security service. The existence of an Contrast Security service defined by the VCAP_SERVICES payload containing a service name, label or tag with contrast-security as a substring.
|
When binding ContrastSecurity using a user-provided service, it must have name or tag with contrast-security
in it. The credential payload can contain the following entries:
Name | Description |
---|---|
api_key |
Your user's api key |
service_key |
Your user's service key |
teamserver_url |
The base URL in which your user has access to and the URL to which the Agent will report. ex: https://app.contrastsecurity.com |
username |
The account name to use when downloading the agent |
For general information on configuring the buildpack, including how to specify configuration values through environment variables, refer to Configuration and Extension.
The framework can be configured by modifying the config/contrast_security_agent.yml
file in the buildpack fork. The framework uses the Repository
utility support and so it supports the version syntax defined there.
Name | Description |
---|---|
repository_root |
The URL of the Contrast Security repository index (details). |
default_server_name |
The default server name for this application in the Contrast dashboard. The default value is an expression that will be evaluated based on the space_name , application_name , and instance_index of the application. |
version |
The version of Contrast Security to use. Candidate versions can be found in this listing. |