Skip to content

Gradle Plugin getting started🔗

Before you begin🔗

Please make sure that you have the following information available:

  • AQtive Guard root URL - optional
    • The default for this URL is https://analyzer.cryptosense.com if you use SaaS.
    • If you installed AQtive Guard on-premises, it will be in the form https://domain.example.net.
  • Your Sandbox API Key - required
    • This key can be found at <https://analyzer.cryptosense.com/api>.
  • Your target project ID (projectId) - required
    • Found in the project overview URL in the Web Interface: https://analyzer.cryptosense.com/project/<projectId>/dashboard
    • See Find the project ID.
  • Your target profile ID (profileId) - required
    • Found in the profiles page URL in the Web Interface: https://analyzer.cryptosense.com/organization/profiles/<profileId>
    • See Find the profile ID.

Installation🔗

  1. Extract the package to a folder that you can access.
  2. Tell Gradle where to find the plugin and its dependencies. Make the following additions to settings.gradle and build.gradle:

Note

The plugin can also be added to a Maven repo or to a Maven local.

In settings.gradle add:

Groovy
pluginManagement {
    repositories {
        gradlePluginPortal()
        maven {
          url 'file:///path/to/sandbox-gradle-plugin/'
        }
    }
}

And in build.gradle:

Groovy
plugins {
    ...
    id 'cryptosense' version '0.10.0'
}
...
repositories {
    ...
    maven {
        url 'file:///path/to/sandbox-gradle-plugin/'
    }
}

Configuration🔗

The plugin needs four configuration values:

  • apiKey
  • apiUrl
  • projectId
  • profileId

Specify these by adding a cryptosense section to build.gradle:

Groovy
cryptosense {
    apiKey = System.getenv('CS_API_KEY')
    apiUrl = System.getenv('CS_API_URL')
    projectId = System.getenv('CS_PROJECT_ID').toInteger()
    profileId = System.getenv('CS_PROFILE_ID').toInteger()
}

Here we have configured it so that Gradle gets these values from environment variables. This is the recommended method, but if you prefer, you can specify the values directly:

Groovy
cryptosense {
    apiKey = '<your-API-key>'
    apiUrl = '<your-control-center-URL>'
    projectId = <your-project-id>
    profileId = <your-profile-id>
}

The values for projectId and profileId are visible in the Web Interface. See Before you begin for details.

Note

projectId and profileId are integers and shouldn’t be in quotes.

Usage🔗

Bash
./gradlew cleanTest test -Pwith-cryptosense

This will:

  • Run your application’s test suite with the SandboxAQ Java Tracer attached.
  • Create a ./cs-tracer/ folder if it doesn’t exist.
  • Generate a trace file and save it in ./cs-tracer/.
  • Upload the trace to the AQtive Guard instance running at apiUrl.
  • Add the trace to the project projectId.
  • Analyze the trace using profile profileId and generate a report.
  • Download a summary of any cryptographic problems found in the report.
  • Fail the build if any problems are detected.
  • Provide a direct link to the associated report in AQtive Guard.