|License Type||SaaS & On-Premise|
|Agent Mode||Assess & Protect|
|Main Product Category||Java Agent|
Learn one way you can integrate the Java agent with your Docker infrastructure. In this example, we'll be instrumenting WebGoat, an executable .jar file deployed in a Docker container.
- Create a folder for the application then change to that directory
mkdir ~/projects/docker/webgoat7.1/ cd ~/projects/docker/webgoat7.1/
- Create a blank Dockerfile
- Edit the Dockerfile in a text editor and paste the following into it:
NOTE: You'll need to edit the curl command on line 6 to point it to your own organization.
FROM anapsix/alpine-java:jdk8 ENV APP / RUN apk update && apk add ca-certificates && update-ca-certificates && apk add openssl RUN apk update; apk add curl RUN wget https://github.com/WebGoat/WebGoat/releases/download/7.1/webgoat-container-7.1-exec.jar RUN curl -X GET <Teamserver URL>/Contrast/api/ng/<OrganizationID> -H 'Authorization: <Authorization>' -H 'API-Key: <API KEY>' -o contrast.jar WORKDIR $APP EXPOSE 8080 CMD ["java","-javaagent:contrast.jar","-Dcontrast.override.appname=WebGoatDocker","-Dcontrast.server=DockerServer","-jar","webgoat-container-7.1-exec.jar"]
- We are downloading the latest Java agent through a curl command and placing it in the same directory as our WebGoat springboot jarfile. For steps on create a curl command, please refer to our documentation here.
- The Java startup command contains the javaagent along with a few configuration properties to make sure the application shows up in the teamserver correctly Build the Dockerfile and create a new image
- Build the Dockerfile and create a new image
docker build ~/projects/docker/webgoat7.1/
- Verify the new image was created
You should see the following output, the image with 1526b2ff885c was just created with the above Docker build command.
- Create a container out of the image and run it
docker run -p 8080:8080 -t <Image ID>
- In your browser, go to http://localhost:8080/WebGoat to make sure the container started up correctly and you can access the application
- In the Contrast UI, you should see the application show up:
Along with the server: