Installation

Standard Installation

Installation

After downloading from your account, install the agent from your application's root directory as follows:

npm install node_contrast-#.#.#.tar.gz

This will add the agent to your node_modules folder without creating an entry in the dependencies list of your package.json.

Setup

When you download the Node agent, you will also be directed to download a configuration file. By default, the agent looks for this configuration file in your application's root directory and expects the file to be called contrast_security.yaml. The minimum required contrast_security.yaml setup should look something like this:

contrast:
  url: https://app.contrastsecurity.com
  user_name: contrast_user
  api_key: demo
  service_key: demo
Property Description
contrast.api_key Organization's API key
contrast.user_name Contrast user account ID
(In most cases, this is your login ID)
contrast.service_key Contrast user account service key
contrast.url Address of the Contrast installation you would like your agent to report to

For a full list of configuration options that can be placed in this file, see Node Agent Configuration.

Run the Agent

First, add the following script to your application's package.json:

"scripts": {
    "contrast": "node-contrast <app-main>.js",
    "start": ...,
    "test": ...
}

Then, the agent can be run with npm run contrast. This npm script can be changed to include other runtime configurations, such as an alternate configuration file location. For more information, see Node Agent Configuration.

Installation on Bluemix

Use the Contrast agent to instrument Node applications deployed on IBM Bluemix. The following steps walk you through the installation process.

Download

  • Download the Node.js agent from Contrast.

  • Download the contrast_security.yaml file from Contrast.

Setup

  • In the contrast_security.yaml file, you can configure the name of the server to which this application will report. (Contrast recommends that you complete this step to avoid creating duplicate servers in the application.) To configure the server name as "BluemixNodeServer" in Contrast, add server.name: BluemixNodeServer.

Example:

 contrast:
   url: https://app.contrastsecurity.com
   user_name: contrast_user
   api_key: demo
   service_key: demo
 server:
   name: BluemixNodeServer


Note: To find other options for customizing the Node agent, go to the Configuration article.

  • Create a folder named contrast in your application’s root directory.

  • Move the node-contrast-.tgz and the contrast_security.yaml files into the contrast folder.

  • In the application’s package.json file, create a new script. For a startup script named index.js, add the following line:

"bluemix-with-contrast": "npm install /home/vcap/app/contrast/node-contrast-
x.y.z.tgz && node-contrast index.js -c /home/vcap/app/contrast/contrast_security.yaml",

Run the Agent

  • Since Bluemix runs the start script by default, you must change the start command to point to the bluemix-with-contrast line given in the previous step.
"start":"npm run bluemix-with-contrast"
Now the scripts section of the package.json should look like the following:
"scripts": {
"bluemix-with-contrast": "npm install /home/vcap/app/contrast/node-contrast-
x.y.z.tgz && node-contrast index.js -c /home/vcap/app/contrast/contrast_security.yaml",
"start":"npm run bluemix-with-contrast”
},
  • Push the application to Bluemix using cf push <application name> -t 180.

Once the the deploy is finished, you should see the application in Contrast.