Gradle Plugin getting started

Before you begin

Please make sure that you have the following information available:

• Your AQtive Guard root URL - optional
  • For SaaS, the default URL is your-domain.aqtiveguard.sandboxaq.com.
  • For AQtive Guard on-premises, the URL will be in the form https://domain.example.net.
• Your AQtive Guard API Key - required
  • Refer to Retrieve the API key for more details.

• Your target project ID (projectId) - required. The project ID is the number that follows project in the project overview page URL: your-domain.aqtiveguard.sandboxaq.com/project/your-project-id/dashboard

  • Refer to Find the project ID for details.

• Your target profile ID (profileId) - required. The profile ID is the number that follows profiles in the AQtive Guard web interface URL: your-domain.aqtiveguard.sandboxaq.com/organization/profiles/your-profile-id/detail

  • Refer to Find the profile ID for details.

Installation

1. Extract the package to a folder that you can access.
2. Tell Gradle where to find the plugin and its dependencies. Make the following additions to settings.gradle and build.gradle:

Note

The plugin can also be added to a Gradle repo or to a Gradle local.

Add the following to settings.gradle:

Groovy

pluginManagement {
    repositories {
        gradlePluginPortal()
        maven {
          url 'file:///path/to/sandbox-gradle-plugin/'
        }
    }
}

Add the following to build.gradle:

Groovy

plugins {
    ...
    id 'cryptosense' version '0.10.0'
}
...
repositories {
    ...
    maven {
        url 'file:///path/to/sandbox-gradle-plugin/'
    }
}

Configuration

The plugin requires four configuration values:

• apiKey
• apiUrl
• projectId
• profileId

Specify these by adding a cryptosense section to build.gradle:

Groovy

cryptosense {
    apiKey = System.getenv('CS_API_KEY')
    apiUrl = System.getenv('CS_API_URL')
    projectId = System.getenv('CS_PROJECT_ID').toInteger()
    profileId = System.getenv('CS_PROFILE_ID').toInteger()
}

This guide assumes that Gradle is configured to get these values from environment variables.

While this is the recommended method, you can also specify the values directly:

Groovy

cryptosense {
    apiKey = '<your-API-key>'
    apiUrl = '<your-control-center-URL>'
    projectId = <your-project-id>
    profileId = <your-profile-id>
}

The values for projectId and profileId are visible in the AQtive Guard web interface. Refer to Before you begin for details.

Note

projectId and profileId are integers and shouldn’t be in quotes.

Usage

Run the following command:

Bash

./gradlew cleanTest test -Pwith-cryptosense

This command will:

• Run your application’s test suite with the SandboxAQ Java Tracer attached.
• Create a ./cs-tracer/ folder if it doesn’t already exist.
• Generate a trace file and save it in ./cs-tracer/.
• Upload the trace to the AQtive Guard instance running at apiUrl.
• Add the trace to the project projectId.
• Analyze the trace using profile profileId and generate a report.
• Download a summary of any cryptographic problems found in the report.
• Provide a direct link to the associated report in AQtive Guard.

Note

The build will fail if any errors are detected.