In order to capture code coverage on your backend server, you need to run it using our Python test listener agent. Below you’ll find several options depending on your server type.
| Table of Contents |
|---|
| Note |
|---|
The below commands assume the token and session id are located in the working directory. If not, you can provide the file locations using the sl.tokenFile and sl.buildSessionIdFile environment variables |
uWSGI
When working with uWSGI, you need to run it with the following flags either in the command line or in the uwsgi configuration file: --enable-threads --single-interpreter --lazy-apps --import python_agent.init
If you need to pass the parameters via the CLI, the command line will be similar to this
| Code Block |
|---|
uwsgi ... --enable-threads --single-interpreter --import python_agent.init |
If using the uWSGI config file option, the content should look like the sample below
| Code Block |
|---|
[uwsgi]
...
enable-threads = true
single-interpreter = true
import = python_agent.init |
Gunicorn WSGI
When working with Gunicorn WSGI you need to run it with the following a configuration file which contains an import of the SeaLights Python agent in the post_fork section
| Code Block |
|---|
...
def post_fork(server, worker):
import python_agent.init
... |
Other servers (Generic solution)
For other servers, run with the SeaLights Python agent and the run flags
| Code Block |
|---|
sl-python run {--cov-report /path/to/report.xml --labid Lab1} <your server and args...> |
...
Deployment types
Standalone
When deploying the application, the Sealights agent, which was embedded in the application via static instrumentation, will run when enabled.
Lambda
When deploying to lambda, the performance and network communication are critical. Therefore the scan should be done with light-mode set to true, and the lambda agent should communicate through the Sealights collector rather than directly to the Sealights servers by setting the collector-url.
See Using Go Agent - Scanning a build for more information regarding the
light-modeandcollector-urlSee Sealights Node.js Agent - run Browser Agent with Sealights Https Collector for more information on the collector
Enabling the agent
If during the scan, the flag --disable-on-init true was provided, then the agent will be off by default. This is the recommended way to work as it prevents the agent from being accidentally in an environment not meant to have the agent running in.
To enable the agent, you need to provide the env variable
SEALIGHTS_DISABLE_ON_INITset to falseIf the
--disable-on-initwas not provided or set to false, then the agent will start working automatically with your application. To disable it, you can provide the env variableSEALIGHTS_DISABLEset to true
Providing a lab ID
To associate the application to a lab that the tests run against, the Lab ID needs to be provided via the dedicated environment variable SEALIGHTS_LAB_ID
For example, you can use the following commands:
Dockerfile |
| |||||
Linux |
| |||||
Powershell |
|
Additional Environment variables
The go agent sets the runtime configuration during the scan process. however, in some cases, there is a need to override the configuration parameters during runtime.
This can be done via environment variables as below:
Environment Variable Name | Default Value | Description |
|---|---|---|
|
| You need to set this env variable to false in order to enable sealights when running the scan with |
|
| If you do not run the scan with |
| ““ | Setting Collector URL in light mode (for lambda apps) |
| BuildSession Id | Setting Lab Id |
| ““ | Proxy URL for connection to server |
|
| Min log level: “ |
|
| Enable/Disable agent mode in light mode (for lambda apps) |