ci: run pre-commit checks first

Since we already have `webwolf.port` it makes sense to also define `webwolf.port` explicitly and not rely on `server.port`

Closes: #1910

.github/workflows/build.yml

@@ -11,6 +11,25 @@ on:
             - main
 
 jobs:
+    pre-commit:
+        name: Pre-commit check
+        runs-on: ubuntu-latest
+        steps:
+            -   name: Checkout git repository
+                uses: actions/checkout@v4
+            -   name: Setup python
+                uses: actions/setup-python@v5
+                with:
+                    python-version: "3.9"
+            -   uses: actions/setup-java@v4
+                with:
+                    distribution: 'temurin'
+                    java-version: '21'
+            -   name: Pre-commit checks
+                uses: pre-commit/action@v3.0.0
+            -   name: pre-commit-ci-lite
+                uses: pre-commit-ci/lite-action@v1.1.0
+                if: always()
     build:
         runs-on: ${{ matrix.os }}
         strategy:
@@ -26,11 +45,6 @@ jobs:
                     distribution: 'temurin'
                     java-version: 21
                     architecture: x64
-            -   name: Cache Maven packages
-                uses: actions/cache@v4.1.1
-                with:
-                    path: ~/.m2
-                    key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }}
-                    restore-keys: ${{ runner.os }}-m2-
+                    cache: 'maven'
             -   name: Build with Maven
                 run: mvn --no-transfer-progress verify

.github/workflows/pre-commit.yaml

@@ -1,29 +0,0 @@
-name: Pre-commit check
-
-on:
-    pull_request:
-        branches: [main]
-    workflow_dispatch:
-
-permissions:
-    contents: read
-jobs:
-    pre-commit:
-        name: Pre-commit check
-        runs-on: ubuntu-latest
-        steps:
-            - name: Checkout git repository
-              uses: actions/checkout@v4
-            - name: Setup python
-              uses: actions/setup-python@v5
-              with:
-                    python-version: "3.9"
-            - uses: actions/setup-java@v4
-              with:
-                  distribution: 'temurin'
-                  java-version: '21'
-            - name: Pre-commit checks
-              uses: pre-commit/action@v3.0.0
-            - name: pre-commit-ci-lite
-              uses: pre-commit-ci/lite-action@v1.1.0
-              if: always()

.github/workflows/release.yml

@@ -21,13 +21,7 @@ jobs:
           distribution: 'temurin'
           java-version: 21
           architecture: x64
-
-      - name: Cache Maven packages
-        uses: actions/cache@v4.1.1
-        with:
-          path: ~/.m2
-          key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }}
-          restore-keys: ${{ runner.os }}-m2
+          cache: 'maven'
 
       - name: "Set labels for ${{ github.ref }}"
         run: |

.github/workflows/test.yml

@@ -35,13 +35,7 @@ jobs:
                     distribution: 'temurin'
                     java-version: 21
                     architecture: x64
-            #Uses an action to set up a cache using a certain key based on the hash of the dependencies
-            -   name: Cache Maven packages
-                uses: actions/cache@v4.1.1
-                with:
-                    path: ~/.m2
-                    key: ubuntu-latest-m2-${{ hashFiles('**/pom.xml') }}
-                    restore-keys: ubuntu-latest-m2-
+                    cache: 'maven'
             -   uses: BSFishy/pip-action@v1
                 with:
                     packages: |

README.md

@@ -85,6 +85,16 @@ java -Dfile.encoding=UTF-8 -jar webgoat-2023.8.jar
 
 Click the link in the log to start WebGoat.
 
+### 3.1 Running on a different port
+
+If for some reason you want to run WebGoat on a different port, you can do so by adding the following parameter:
+
+```shell
+java -jar webgoat-2023.8.jar --webgoat.port=8001 --webwolf.port=8002
+```
+
+For a full overview of all the parameters you can use, please check the [WebGoat properties file](webgoat-container/src/main/resources/application-{webgoat, webwolf}.properties).
+
 ## 4. Run from the sources
 
 ### Prerequisites:

src/main/java/org/owasp/webgoat/server/ParentConfig.java

@@ -1,8 +1,6 @@
 package org.owasp.webgoat.server;
 
-import org.springframework.context.annotation.ComponentScan;
 import org.springframework.context.annotation.Configuration;
 
 @Configuration
-@ComponentScan("org.owasp.webgoat.server")
 public class ParentConfig {}

src/main/java/org/owasp/webgoat/server/StartWebGoat.java

@@ -28,23 +28,30 @@ package org.owasp.webgoat.server;
 import lombok.extern.slf4j.Slf4j;
 import org.owasp.webgoat.container.WebGoat;
 import org.owasp.webgoat.webwolf.WebWolf;
-import org.springframework.boot.Banner;
+import org.springframework.boot.ResourceBanner;
 import org.springframework.boot.WebApplicationType;
 import org.springframework.boot.builder.SpringApplicationBuilder;
 import org.springframework.context.ApplicationContext;
+import org.springframework.core.io.ClassPathResource;
 
 @Slf4j
 public class StartWebGoat {
 
   public static void main(String[] args) {
     var parentBuilder =
-        new SpringApplicationBuilder()
-            .parent(ParentConfig.class)
-            .web(WebApplicationType.NONE)
-            .bannerMode(Banner.Mode.OFF);
-    parentBuilder.child(WebWolf.class).web(WebApplicationType.SERVLET).run(args);
+        new SpringApplicationBuilder().parent(ParentConfig.class).web(WebApplicationType.NONE);
+    parentBuilder
+        .child(WebWolf.class)
+        .banner(new ResourceBanner(new ClassPathResource("banner-webwolf.txt")))
+        .web(WebApplicationType.SERVLET)
+        .run(args);
+
     ApplicationContext webGoatContext =
-        parentBuilder.child(WebGoat.class).web(WebApplicationType.SERVLET).run(args);
+        parentBuilder
+            .child(WebGoat.class)
+            .banner(new ResourceBanner(new ClassPathResource("banner-webgoat.txt")))
+            .web(WebApplicationType.SERVLET)
+            .run(args);
 
     printStartUpMessage(webGoatContext);
   }

src/main/resources/application-webgoat.properties

@@ -2,7 +2,7 @@ server.error.include-stacktrace=always
 server.error.path=/error.html
 server.servlet.context-path=${WEBGOAT_CONTEXT:/WebGoat}
 server.servlet.session.persistent=false
-server.port=${WEBGOAT_PORT:8080}
+server.port=${webgoat.port}
 server.address=${WEBGOAT_HOST:127.0.0.1}
 webgoat.host=${WEBGOAT_HOST:127.0.0.1}
 webgoat.port=${WEBGOAT_PORT:8080}
@@ -15,7 +15,6 @@ server.ssl.key-store-password=${WEBGOAT_KEYSTORE_PASSWORD:password}
 server.ssl.key-alias=${WEBGOAT_KEY_ALIAS:goat}
 server.ssl.enabled=${WEBGOAT_SSLENABLED:false}
 
-spring.banner.location=classpath:banner.txt
 spring.datasource.url=jdbc:hsqldb:file:${webgoat.server.directory}/webgoat
 spring.datasource.driver-class-name=org.hsqldb.jdbc.JDBCDriver
 spring.jpa.open-in-view=false

src/main/resources/banner-webgoat.txt

@@ -0,0 +1,5 @@
+ __        __   _      ____             _
+ \ \      / /__| |__  / ___| ___   __ _| |_
+  \ \ /\ / / _ \ '_ \| |  _ / _ \ / _` | __|
+   \ V  V /  __/ |_) | |_| | (_) | (_| | |_
+    \_/\_/ \___|_.__/ \____|\___/ \__,_|\__|

src/main/resources/banner-webwolf.txt

@@ -0,0 +1,5 @@
+ __        __   _  __        __    _  __
+ \ \      / /__| |_\ \      / /__ | |/ _|
+  \ \ /\ / / _ \ '_ \ \ /\ / / _ \| | |_
+   \ V  V /  __/ |_) \ V  V / (_) | |  _|
+    \_/\_/ \___|_.__/ \_/\_/ \___/|_|_|

src/main/resources/banner.txt

@@ -1,6 +0,0 @@
-    __          __       _        _____                   _
-    \ \        / /      | |      / ____|                 | |
-     \ \  /\  / /  ___  | |__   | |  __    ___     __ _  | |_
-      \ \/  \/ /  / _ \ | '_ \  | | |_ |  / _ \   / _' | | __|
-       \  /\  /  |  __/ | |_) | | |__| | | (_) | | (_| | | |_
-        \/  \/    \___| |_.__/   \_____|  \___/   \__,_|  \__|