As we reach the end of September 2024, ThreadFix version 3.x on-premises has officially reached its End-of-Life. Therefore, there is no longer support or updates for this version of the product. We have fully transitioned our product and development teams to focus ThreadFix SaaS and migrating all customers over from the on-premises versions. Our Customer Success and Support teams are here to help you in migrating to ThreadFix SaaS and maximizing the value you see from this improved offering from Coalfire. This is the next phase of ThreadFix and our team is looking forward to continuing to support you on this journey.

ESAPI Properties

Owned by Eric Cuevas (Unlicensed)
Last updated: Jan 31, 2023 by Daniel ColonVersion comment
2 min read

You will learn

How to install Helm and modify ESAPI properties.

Prerequisites

Audience: IT Professional
Difficulty: Basic
Time needed: Approximately 10 minutes
Tools required: See Pre-requisites list below

Pre-requisites List:

  • ThreadFix instance running in Kubernetes

  • kubectl access to Kubernetes cluster

  • Helm version greater than 3.5

  • Bash compatible terminal

Download Default Properties

If the ESAPI.properties file has not been modified, first download the default properties file and setup to current user values.

Enter the following commands on a command line to perform the described action.

  1. Get the Helm release name for the ThreadFix instance.

    TF_RELEASE=$(helm ls | grep threadfix | awk '{print $1}')

     

  2. Get the current version of ThreadFix.

    TF_VERSION=$(helm ls --filter "$TF_RELEASE" | grep -o 'threadfix-[Az0-9\.\-]*' | sed 's|threadfix-||g')

     

  3. Pull the ThreadFix chart locally.

    helm pull denimgroup/threadfix --version $TF_VERSION

     

  4. Unzip the ThreadFix chart archive.

     

  5. Convert ESAPI.properties to yaml format.

     

  6. Export the currently installed Helm values.

     

  7. Backup values to a separate file.

     

  8. Add default ESAPI.properties to myValues.yaml.

Get Existing Settings

If the ESAPI.properties has already been setup and the user wants to change settings, download the current values from the installation.

  1. Get the Helm release name for the ThreadFix instance.

     

  2. Get the current installed version of ThreadFix.

     

  3. Export the currently installed Helm values.

     

  4. Backup values to a separate file.

Make Changes and Apply

  1. Change ESAPI settings:

    1. Open myValues.yaml in a text editor.

    2. Locate the 'ESAPI.properties' section.

    3. Edit properties as desired.

    4. Save the file.

  2. Update the ThreadFix Helm installation.

    Note: if not using 'denimgroup/threadfix' as the chart name, this value must be changed to the location of the ThreadFix chart. Use helm search repo threadfix to find the correct chart name.

  3. Restart the ThreadFix deployments.

www.threadfix.it | www.coalfire.com
Copyright © 2024 Coalfire. All rights reserved.

This Information Security Policy is CoalFire - Public: Distribution of this material is not limited.