Loading jobs/zaproxy/README.md +2 −1 Original line number Diff line number Diff line Loading @@ -39,3 +39,4 @@ use it as a service (we reccomend using our [Docker](https://hub.go2scale.io/job | ---- | ----------- | ------- | | `ZAP_SCANNERS` <img width=100/> | A comma-spearated list of scanners to use <img width=175/>| ` ` <img width=100/>| | `ZAP_CONTEXT` | Path for the context file for authenticated scans | ` ` | | `ZAP_TARGET` | Target for zaproxy to scan, default using alias of the docker image used as a service | `http://app` | jobs/zaproxy/zaproxy.yml +10 −4 Original line number Diff line number Diff line Loading @@ -7,18 +7,24 @@ job_name: variables: ZAP_SCANNERS: "" ZAP_CONTEXT: "" ZAP_TARGET: "http://app" script: - if [ ! -z ${ZAP_CONTEXT} ]; then - zap-cli context import ${ZAP_CONTEXT} - if [ ! -z ${ZAP_SCANNERS}]; then - zap-cli quick-scan -s $ {ZAP_SCANNERS} --context-name ${ZAP_CONTEXT} --self-contained --start-options '-config api.disablekey=true' http://app - zap-cli quick-scan -s $ {ZAP_SCANNERS} --context-name ${ZAP_CONTEXT} --self-contained --start-options '-config api.disablekey=true' ${ZAP_TARGET} - else - zap-cli quick-scan --context-name ${ZAP_CONTEXT} --self-contained --start-options '-config api.disablekey=true' http://app - zap-cli quick-scan --context-name ${ZAP_CONTEXT} --self-contained --start-options '-config api.disablekey=true' ${ZAP_TARGET} - fi - else - if [ ! -z ${ZAP_SCANNERS}]; then - zap-cli quick-scan -s $ {ZAP_SCANNERS} --self-contained --start-options '-config api.disablekey=true' http://app - zap-cli quick-scan -s $ {ZAP_SCANNERS} --self-contained --start-options '-config api.disablekey=true' ${ZAP_TARGET} - else - zap-cli quick-scan --self-contained --start-options '-config api.disablekey=true' http://app - zap-cli quick-scan --self-contained --start-options '-config api.disablekey=true' ${ZAP_TARGET} - fi - fi - zap-cli report -o zap-report.html -f html artifacts: expose_as: "Zaproxy scan report" paths: - zap-report.html Loading
jobs/zaproxy/README.md +2 −1 Original line number Diff line number Diff line Loading @@ -39,3 +39,4 @@ use it as a service (we reccomend using our [Docker](https://hub.go2scale.io/job | ---- | ----------- | ------- | | `ZAP_SCANNERS` <img width=100/> | A comma-spearated list of scanners to use <img width=175/>| ` ` <img width=100/>| | `ZAP_CONTEXT` | Path for the context file for authenticated scans | ` ` | | `ZAP_TARGET` | Target for zaproxy to scan, default using alias of the docker image used as a service | `http://app` |
jobs/zaproxy/zaproxy.yml +10 −4 Original line number Diff line number Diff line Loading @@ -7,18 +7,24 @@ job_name: variables: ZAP_SCANNERS: "" ZAP_CONTEXT: "" ZAP_TARGET: "http://app" script: - if [ ! -z ${ZAP_CONTEXT} ]; then - zap-cli context import ${ZAP_CONTEXT} - if [ ! -z ${ZAP_SCANNERS}]; then - zap-cli quick-scan -s $ {ZAP_SCANNERS} --context-name ${ZAP_CONTEXT} --self-contained --start-options '-config api.disablekey=true' http://app - zap-cli quick-scan -s $ {ZAP_SCANNERS} --context-name ${ZAP_CONTEXT} --self-contained --start-options '-config api.disablekey=true' ${ZAP_TARGET} - else - zap-cli quick-scan --context-name ${ZAP_CONTEXT} --self-contained --start-options '-config api.disablekey=true' http://app - zap-cli quick-scan --context-name ${ZAP_CONTEXT} --self-contained --start-options '-config api.disablekey=true' ${ZAP_TARGET} - fi - else - if [ ! -z ${ZAP_SCANNERS}]; then - zap-cli quick-scan -s $ {ZAP_SCANNERS} --self-contained --start-options '-config api.disablekey=true' http://app - zap-cli quick-scan -s $ {ZAP_SCANNERS} --self-contained --start-options '-config api.disablekey=true' ${ZAP_TARGET} - else - zap-cli quick-scan --self-contained --start-options '-config api.disablekey=true' http://app - zap-cli quick-scan --self-contained --start-options '-config api.disablekey=true' ${ZAP_TARGET} - fi - fi - zap-cli report -o zap-report.html -f html artifacts: expose_as: "Zaproxy scan report" paths: - zap-report.html