Commit 0bed6856 authored by FulcrandG's avatar FulcrandG
Browse files

Adding zaproxy job

parent 3f66c0be
Loading
Loading
Loading
Loading

jobs/zaproxy/README.md

0 → 100644
+40 −0
Original line number Diff line number Diff line
# 🔎 Zaproxy

## Description

Run a Dynamic Application Security Testing (DAST) in a docker image
using [Zaproxy](https://www.zaproxy.org/), the OWASP web app scanner.

## How to use it

1. Build a docker image of your web application so that this job can
use it as a service (we reccomend using our [Docker](https://hub.go2scale.io/jobs/build/docker_build/) job for it)
2. Add the corresponding URL to your `.gitlab-ci.yml` file (see [Getting
   started](/use-the-hub)). Example:

    ```yaml
    include:
      - remote: 'https://jobs.go2scale.io/zaproxy.yml'

    zaproxy:
      service:
         - name: {{ your image }}
           alias: app
    ```
3. If you need to customize the job (stage, variables, ...) 👉 check the [jobs
   customization](/use-the-hub/#jobs-customization)
4. Well done, your job is ready to work ! 😀

## Job details

* Job name: `zaproxy`
* Docker image:
[`owasp/zap2docker-stable:2.9.0`](https://hub.docker.com/r/owasp/zap2docker-stable)
* Default stage: `dynamic_tests`
* When: `always`

### Variables

| Name | Description | Default |
| ---- | ----------- | ------- |
| `VARIABLE` <img width=100/> | A general variable for this job <img width=175/>| `{{ variable }}` <img width=100/>|

jobs/zaproxy/job.yml

0 → 100644
+6 −0
Original line number Diff line number Diff line
name: zaproxy
description: A ready-to-use job to run DAST using Zaproxy
default_stage: dynamic_tests
icon: 🔎
maintainer: FulcrandG
license: MIT
+1 −0
Original line number Diff line number Diff line
* Initial version
 No newline at end of file
+10 −0
Original line number Diff line number Diff line
stages:
  - dynamic_tests

job_name:
    image: owasp/zap2docker-stable:2.9.0
    stage: dynamic_tests
    variables:
      VARIABLE: {{ variable }}
    script:
      - echo "${VARIABLE}"