Skip to content
/ owasp-zap-openshift Public
forked from rht-labs/owasp-zap-openshift

A Docker build for OWASP Zed Attack Proxy to be used in CI/CD pipelines

0 stars 37 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

BCDevOps/owasp-zap-openshift

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

46 Commits
configuration
configuration
 
 
policies
policies
 
 
scripts/scripts/httpsender
scripts/scripts/httpsender
 
 
zap
zap
 
 
.dockerignore
.dockerignore
 
 
.xinitrc
.xinitrc
 
 
Demo_Script.md
Demo_Script.md
 
 
Dockerfile
Dockerfile
 
 
Jenkins_Available_Plugins_HTML_Publisher.png
Jenkins_Available_Plugins_HTML_Publisher.png
 
 
Jenkins_Build_Scheduled.png
Jenkins_Build_Scheduled.png
 
 
Jenkins_Deployed.png
Jenkins_Deployed.png
 
 
Jenkins_Disable_Concurrent_Builds.png
Jenkins_Disable_Concurrent_Builds.png
 
 
Jenkins_Install_And_Restart.png
Jenkins_Install_And_Restart.png
 
 
Jenkins_Kube_Slave_Config.png
Jenkins_Kube_Slave_Config.png
 
 
Jenkins_Kubernetes_Cloud.png
Jenkins_Kubernetes_Cloud.png
 
 
Jenkins_Main_Page.png
Jenkins_Main_Page.png
 
 
Jenkins_Manage_Plugins.png
Jenkins_Manage_Plugins.png
 
 
Jenkins_Manage_System.png
Jenkins_Manage_System.png
 
 
Jenkins_New_Pipeline.png
Jenkins_New_Pipeline.png
 
 
Jenkins_OpenShift_Login.png
Jenkins_OpenShift_Login.png
 
 
Jenkins_Scan_Console_Output.png
Jenkins_Scan_Console_Output.png
 
 
Jenkins_Set_Pipeline_Script.png
Jenkins_Set_Pipeline_Script.png
 
 
Jenkins_ZAP_Report_Link.png
Jenkins_ZAP_Report_Link.png
 
 
Kube_Pod_Template.png
Kube_Pod_Template.png
 
 
README.md
README.md
 
 
ZAP_Build_Log.png
ZAP_Build_Log.png
 
 
ZAP_Image_Stream.png
ZAP_Image_Stream.png
 
 
ZAP_Report_Page.png
ZAP_Report_Page.png
 
 
webswing.config
webswing.config
 
 

Repository files navigation

OWASP ZAP Image For OpenShift

Overview

The public docker registry version of OWASP's Zed Attack Proxy (ZAP) is not compatible with OpenShift without using privleged containers. This Docker image resolves that issue.

Running

The semantics of running this are identical to the public OWASP ZAP docker image, so look at the Wiki page HERE.

Deploying In OpenShift

oc new-build -l 'role=jenkins-slave' https://github.com/rht-labs/owasp-zap-openshift.git

Configuring In OpenShift Jenkins

  1. Log in to Jenkins with an account which has permissions to manage the Jenkins instance
  2. Install the following plugins:
    1. HTML Publisher Plugin
  3. Restart Jenkins
  4. Log back in to Jenkins and navigate to Manage Jenkins -> Configure System
  5. Scroll down to the Kubernetes cloud configuration
  6. Add a new "Pod Template" as shown below: KubePodTemplate

Using it in your Jenkinsfile

stage('Get a ZAP Pod') {
    node('zap') {
        stage('Scan Web Application') {
            dir('/zap') {
                def retVal = sh returnStatus: true, script: '/zap/zap-baseline.py -r baseline.html -t http://<some-web-site>'
                publishHTML([allowMissing: false, alwaysLinkToLastBuild: false, keepAll: true, reportDir: '/zap/wrk', reportFiles: 'baseline.html', reportName: 'ZAP Baseline Scan', reportTitles: 'ZAP Baseline Scan'])
                echo "Return value is: ${retVal}"
            }
        }
    }
}

About

A Docker build for OWASP Zed Attack Proxy to be used in CI/CD pipelines

Resources

Readme
Activity
Custom properties

Stars

0 stars

Watchers

4 watching

Forks

2 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages

  • Python 86.1%
  • JavaScript 8.4%
  • Shell 5.5%