Gradle Plugin Manual
Installation
First you need to extract the package archive to a folder that you have access to.
Next, you need to tell Gradle where to find the plugin and its dependencies. Make the
following additions to settings.gradle
and build.gradle
:
In settings.gradle
add:
pluginManagement {
repositories {
gradlePluginPortal()
maven {
url 'file:///path/to/cryptosense-gradle-plugin/'
}
}
}
And in build.gradle
:
plugins {
...
id 'cryptosense' version '0.5.0'
}
...
repositories {
...
maven {
url 'file:///path/to/cryptosense-gradle-plugin/'
}
}
Configuration
The plugin needs four configuration values: apiKey
, apiUrl
, projectId
and
profileId
. Specify them by adding a cryptosense
section to build.gradle
:
cryptosense {
apiKey = System.getenv('CS_API_KEY')
apiUrl = System.getenv('CS_ROOT_URL')
projectId = System.getenv('CS_PROJECT_ID').toInteger()
profileId = System.getenv('CS_PROFILE_ID').toInteger()
}
Here we have configured it so that Gradle gets these values from environment variables. This is the recommended method, but if you prefer, you can specify the values directly:
cryptosense {
apiKey = '<your-API-key>'
apiUrl = 'https://analyzer.cryptosense.com'
projectId = <your-project-id>
profileId = <your-profile-id>
}
The values for projectId
and profileId
are visible in the web application:
projectId
as part of the URLhttps://analyzer.cryptosense.com/project/<projectId>/dashboard
profileId
as part of the URLhttps://analyzer.cryptosense.com/organization/profiles/<profileId>/detail
Note that projectId
and profileId
are integer values, so should not be in quotes.
Usage
./gradlew cleanTest test -Pwith-cryptosense
This will:
- Run your application's test suite with the Cryptosense tracer attached
- Generate a trace file and save it in
./cs-tracer/
- Upload the trace to the CAP instance running at
apiUrl
- Add it to the project
projectId
- Analyze it using profile
profileId
and generate a report - Download a summary of any cryptographic problems found in the report
- Fail the build if any problems are detected
- Print a direct link to the relevant report browsable in CAP.