Commit 57fc103c authored by Thomas Boni's avatar Thomas Boni

Merge branch '174-add-report-to-zaproxy-job' into 'latest'

Resolve "Add report to zaproxy job"

Closes #174

See merge request r2devops/hub!87
parents d1694e9d a3ee1991
+4 −2
@@ -47,6 +47,8 @@ use it as a service (we recommend using our [Docker](https://r2deveops.io/jobs/b

| Name | Description | Default |
| ---- | ----------- | ------- |
| `ZAP_OPTIONS` <img width=100/> | ZAP command line options e.g. `-z "-config aaa=bbb -config ccc=ddd"` <img width=175/>| ` ` <img width=100/>|
| `ZAP_CONTEXT` | Path for the context file for authenticated scans | ` ` |
| `ZAP_SCANNERS` <img width=100/> | Enable, disable, or list a set of [scanners](https://github.com/Grunny/zap-cli#getting-started-running-a-scan) <img width=175/> | ` ` <img width=100/> |
| `ZAP_CONTEXT` | Path for the [context](https://www.zaproxy.org/docs/desktop/ui/dialogs/session/contexts/) file for authenticated scans | ` ` |
| `ZAP_TARGET` | Target for Zaproxy to scan, default using alias of the docker image used as a service | `http://app` |
| `ZAP_REPORT_FILE` | Filename for the zaproxy report | `zap-report` |
| `ZAP_REPORT_FORMAT` | Format for the zaproxy report (html, xml, or json) | `html` |
+1 −0
* report added to zaproxy job, with different formats
 No newline at end of file
+19 −5
@@ -8,18 +8,32 @@ zaproxy:
    ZAP_SCANNERS: ""
    ZAP_CONTEXT: ""
    ZAP_TARGET: "http://app"
    ZAP_REPORT_FILE: "zap-report"
    ZAP_REPORT_FORMAT: "html"
  script:
    - zap-cli start --start-options '-config api.disablekey=true'
    - if [ ! -z ${ZAP_CONTEXT} ]; then
    -   zap-cli context import ${ZAP_CONTEXT}
    -   zap-cli open-url ${ZAP_TARGET}
    -   zap-cli spider ${ZAP_TARGET}
    -   if [ ! -z ${ZAP_SCANNERS}]; then
    -     zap-cli quick-scan -sc -s ${ZAP_SCANNERS} --context-name ${ZAP_CONTEXT} --start-options '-config api.disablekey=true' ${ZAP_TARGET}
    -     zap-cli active-scan --recursive -s ${ZAP_SCANNERS} --context-name ${ZAP_CONTEXT} ${ZAP_TARGET}
    -   else
    -     zap-cli quick-scan -sc --context-name ${ZAP_CONTEXT} --start-options '-config api.disablekey=true' ${ZAP_TARGET}
    -     zap-cli active-scan --recursive --context-name ${ZAP_CONTEXT} ${ZAP_TARGET}
    -   fi
    - else
    -   zap-cli open-url ${ZAP_TARGET}
    -   zap-cli spider ${ZAP_TARGET}
    -   if [ ! -z ${ZAP_SCANNERS}]; then
    -     zap-cli quick-scan -sc -s $ {ZAP_SCANNERS} --start-options '-config api.disablekey=true' ${ZAP_TARGET} 
    -     zap-cli active-scan --recursive -s $ {ZAP_SCANNERS} ${ZAP_TARGET} 
    -   else
    -     zap-cli quick-scan -sc --start-options '-config api.disablekey=true' ${ZAP_TARGET}
    -     zap-cli active-scan --recursive ${ZAP_TARGET}
    -   fi
    - fi
    - zap-cli report -o ${CI_PROJECT_DIR}/${ZAP_REPORT_FILE}.${ZAP_REPORT_FORMAT} -f ${ZAP_REPORT_FORMAT}
  artifacts:
    expose_as: "zap-report"
    paths:
      - "${ZAP_REPORT_FILE}.${ZAP_REPORT_FORMAT}"
    expire_in: 30 days
    when: always
 No newline at end of file
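Review bot: The scanner-selection branches on the new side contain two shell typos that make `ZAP_SCANNERS` ineffective: `[ ! -z ${ZAP_SCANNERS}]` has no space before `]`, so when the variable is non-empty `[` reports "missing ]" and returns non-zero, sending execution into the `else` branch and silently scanning with the default scanner set; and `-s $ {ZAP_SCANNERS}` on the no-context quick-scan/active-scan lines passes a literal `$` to `-s` and `{ZAP_SCANNERS}` as a stray positional argument (assuming those lines are new, as the diffstat suggests). The only trace in the job log is the `[` error, which a pipeline consumer is unlikely to notice, so a project that deliberately enables or restricts specific scanners does not get the scan it configured. Suggest `- if [ -n "${ZAP_SCANNERS}" ]; then` for both inner tests (and `[ -n "${ZAP_CONTEXT}" ]` for the outer one, which currently only works by accident when the unquoted variable is empty), and `-s "${ZAP_SCANNERS}"` in all four scan invocations, quoting `"${ZAP_TARGET}"` and `"${ZAP_CONTEXT}"` as well. The `zaproxy` job definition starts above this hunk, so whether the documented `ZAP_OPTIONS` variable is wired into `zap-cli start` is not visible here.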