Wabbi extension for Visual Studio Code

This extension allows developers to view work items (tickets) registered with Wabbi, the security policies associated with each ticket, and attest to following the associated policies as part of their work for the ticket.

Debugging Locally

To run the plugin in debug mode, run the launch.json configuration 'Run Extension' in vscode. This should open a separate window of vscode with the Wabbi plugin able to be used (select from the sidebar).

You can set breakpoints in any of the ts files, such as the main extension.ts, or any of the provider.ts files (projects, tickets, policies).

You cannot set breakpoints in vscode for the vanilla javascript files, under resources/webview-js (config-script.js + policy-detail-script.js) However, you can set breakpoints for these scripts in the running instance of the plugin, by using the native vscode developer webview tools (similar to chrome inspector).

To open the webview developer tools, use the shortcut ctrl+shift+p (cmd+shift+p on mac) and then type "Developer: Toggle Developer Tools"

you can see network traffic, console output, and set breakpoints in the sources tab just as you can in a browser

Installing the Plugin

To package + install the plugin, run the npm script: npm run package

running the package command (macro for vsce package), will generate a .vsix file which can be uploaded as a custom extension

Install the extension in vscode by going to the Extensions tab (left sidebar), opening the ... menu, and clicking 'Install from VSIX...'

Getting Started

After the Wabbi extension is installed, you must login into the Wabbi portal for your organization to generate an API key. After login, click on the avatar for your account in the upper right corner. A menu will appear. Select the menu option "API Token."

You will now be given the chance to create an API token. . Ensure you securely store it as this is the only time you will have the opportunity to do so.

Once you have an API token you can now configure the Wabbi extension for use. Simply click on Wabbi icon in the Activity Bar. The Wabbi extension will load in the Side Bar. On the bottom of the bar in the Options panel, Click "Login to Wabbi." The Wabbi Settings window will open. You can provide the URL of the Wabbi portal your organization uses as well as the API key you generated.

Wabbi extension Login

Viewing Policies

Once you login you can use the Side Bar to select which project and ticket you want to view the policies for. Once you select a policy it will be displayed in the Policy Details window.

As you review each policy you can accept and acknowledge that you have read and understood the security policy and taken the necessary steps to comply with the policy by selecting “Accepted”. In the case where you believe the policy cannot be followed, you can provide a reason as to why and mark the policy for that ticket as “Dismissed.” You can return at any time to see if your dismissal of a policy was “Rejected” or if it was allowed to pass “Suppressed.”

Known Issues

None at this time.