jobs/zaproxy/README.md +1 −1 Original line number Diff line number Diff line Loading @@ -37,6 +37,6 @@ use it as a service (we reccomend using our [Docker](https://hub.go2scale.io/job | Name | Description | Default | | ---- | ----------- | ------- | | `ZAP_SCANNERS` <img width=100/> | A comma-spearated list of scanners to use <img width=175/>| ` ` <img width=100/>| | `ZAP_OPTIONS` <img width=100/> | ZAP command line options e.g. `-z "-config aaa=bbb -config ccc=ddd"` <img width=175/>| ` ` <img width=100/>| | `ZAP_CONTEXT` | Path for the context file for authenticated scans | ` ` | | `ZAP_TARGET` | Target for zaproxy to scan, default using alias of the docker image used as a service | `http://app` |
jobs/zaproxy/zaproxy.yml +7 −8 Original line number Diff line number Diff line Loading @@ -5,25 +5,24 @@ zaproxy: image: owasp/zap2docker-stable:2.9.0 stage: dynamic_tests variables: ZAP_SCANNERS: "" ZAP_OPTIONS: "" ZAP_CONTEXT: "" ZAP_TARGET: "http://app" script: - if [ ! -z ${ZAP_CONTEXT} ]; then - zap-cli context import ${ZAP_CONTEXT} - if [ ! -z ${ZAP_SCANNERS}]; then - zap-cli quick-scan -s ${ZAP_SCANNERS} --context-name ${ZAP_CONTEXT} --start-options '-config api.disablekey=true' ${ZAP_TARGET} - if [ ! -z ${ZAP_OPTIONS}]; then - python zap-full-scan.py -n ${ZAP_CONTEXT} -z ${ZAP_OPTIONS} -t ${ZAP_TARGET} -r zap-report.html - else - zap-cli quick-scan --context-name ${ZAP_CONTEXT} --start-options '-config api.disablekey=true' ${ZAP_TARGET} - python zap-full-scan.py -n ${ZAP_CONTEXT} -t ${ZAP_TARGET} -r zap-report.html - fi - else - if [ ! -z ${ZAP_SCANNERS}]; then - zap-cli quick-scan -s $ {ZAP_SCANNERS} --start-options '-config api.disablekey=true' ${ZAP_TARGET} - if [ ! -z ${ZAP_OPTIONS}]; then - python zap-full-scan.py -z ${ZAP_OPTIONS} -t ${ZAP_TARGET} -r zap-report.html - else - zap-cli quick-scan --start-options '-config api.disablekey=true' ${ZAP_TARGET} - python zap-full-scan.py -t ${ZAP_TARGET} -r zap-report.html - fi - fi - zap-cli report -o zap-report.html -f html artifacts: expose_as: "Zaproxy scan report" paths: Loading
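Review bot: The new guard `if [ ! -z ${ZAP_OPTIONS}]; then` (both occurrences, in the context and the no-context branch) has no space before `]` and leaves the variable unquoted, so a value containing spaces, such as the README's `-config aaa=bbb -config ccc=ddd`, makes `[` fail with a syntax error and the job falls through to the `else` branch, scanning without the requested options. Use `if [ -n "${ZAP_OPTIONS}" ]; then` and pass the value as one argument, `-z "${ZAP_OPTIONS}"`, since `zap-full-scan.py` takes the ZAP options as a single string. Quoting `${ZAP_CONTEXT}` and `${ZAP_TARGET}` the same way keeps CI-variable values from being word-split or glob-expanded by the shell. The README example also carries a leading `-z`, which would duplicate the `-z` the script already supplies. Which lines are on the new side is inferred from the +7 −8 counts, because the page has lost its `+`/`-` markers.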