Install the agent when creating the Docker image (Legacy)
Note
This procedure applies to version 4 and earlier of the Node.js agent.
Another option for installing the Contrast agent for a Node.js app is to run the npm install command as part of the Docker image creation instead of changing the package.json file in the source code repository.
This may be more desirable if you only want to modify the Docker file to be able to run a security test with the agent.
Example:
FROM node:18 as installer COPY . /juice-shop WORKDIR /juice-shop RUN npm i -g typescript ts-node RUN npm install --omit=dev --unsafe-perm RUN npm install @contrast/agent@4.x RUN npm dedupe # Neeed to explicitly set Assess mode ENV CONTRAST__APPLICATION__NAME=juice-assess-docker-slim ENV CONTRAST__ASSESS__ENABLE=true ENV CONTRAST__AGENT__LOGGER__STDOUT=true ENV CONTRAST__AGENT__LOGGER__PATH=/dev/null ENV DEBUG="contrast:*" ENV CONTRAST__AGENT__NODE__REWRITE_CACHE__PATH="/juice-shop/rewrite_cache" RUN npx contrast-transpile build/app.js RUN rm -rf frontend/node_modules RUN rm -rf frontend/.angular RUN rm -rf frontend/src/assets RUN mkdir logs RUN chgrp -R 0 ftp/ frontend/dist/ logs/ data/ i18n/ RUN chmod -R g=u ftp/ frontend/dist/ logs/ data/ i18n/ #RUN rm data/chatbot/botDefaultTrainingData.json || true #RUN rm ftp/legal.md || true #RUN rm i18n/*.json || true FROM node:18-slim ARG BUILD_DATE ARG VCS_REF WORKDIR /juice-shop COPY --from=installer /juice-shop . EXPOSE 3000 # The following environment variables were added ENV CONTRAST__APPLICATION__NAME=juice-assess-docker-slim ENV CONTRAST__AGENT__SERVICE__GRPC=true ENV CONTRAST__AGENT__LOGGER__STDOUT=true ENV CONTRAST__AGENT__LOGGER__PATH=/dev/null ENV DEBUG="contrast:*" ENV CONTRAST__AGENT__NODE__REWRITE_CACHE__PATH="/juice-shop/rewrite_cache" # This explicitly turns on Assess mode ENV CONTRAST__ASSESS__ENABLE=true ENV CONTRAST__ASSESS__ENABLE_LAZY_TRACKING=false ENV CONTRAST__AGENT__NODE__APP_ROOT=/juice-shop CMD ["node", "-r", "@contrast/agent", "build/app.js"]