Install the Go agent using a container

The Go agent has two main components: contrast-go (a build tool) and the agent itself (a package injected into your app at build time by contrast-go).

You can download contrast-go with a curl command, or from a repository or package manager. You will also need to configure the agent to connect with Contrast. You can use a YAML configuration file or environment variables. You can download the YAML from Contrast, or create your own from a template.

When running the agent you will also need the Contrast service running in the background. When installing the Contrast Go agent in a container, you just need to follow these steps in your container image file.

Tip

If you would like to explore a sample application using the Go agent and running the Contrast service in a separate container, see the Go Test Bench open source project.

Before you begin

This topic provides general guidance for installing the Contrast Go agent in a containerized application, with Docker as an example.

You should have a basic understanding of how containers and related software work. You may need to adjust the instructions to meet your specific circumstances.

Build your application with contrast-go

Follow the instructions to install the Go agent.

  1. Download the Go agent. Either use the curl below, or install with Debian.

    RUN curl -L https://pkg.contrastsecurity.com/go-agent-release/latest/linux-amd64/contrast-go > contrast-go
    
  2. Ensure the correct permissions are set

    RUN chmod u+x contrast-go
  3. Replace your normal go build command with contrast-go build. This will give you an executable with Contrast embedded in it.

    RUN ./contrast-go build -o instrumented-app

Run your instrumented application

  1. Get the Contrast service using this curl command.

    RUN curl -L https://pkg.contrastsecurity.com/contrast-service-release/latest/linux-amd64/contrast-service > contrast-service
    
  2. Ensure the correct permissions are set

    RUN chmod u+x contrast-service
  3. Copy the contrast_security.yaml config file from your file system into the container.

    COPY ./contrast_security.yaml contrast_security.yaml

    Tip

    Alternatively, you can pass the properties as environment variables to the container, using docker run -e <PROPERTY> for example. See the Docker documentation for more details.

  4. Run your application with the Contrast service in the background.

    CMD ./contrast-service & ./instrumented-app

See also