ZAP Dynamic scanning Automation

[sandee...@gmail.com]

Hi...

I am facing this issue.. while i am did not giving any sourcecode path.

tarted by user admin
Building in workspace C:\Program Files (x86)\Jenkins\workspace\DemoProject
------- START Replace environment variables -------
ReportName : 
------- END Replace environment variables -------
Perform ZAProxy
ERROR: java.lang.IllegalArgumentException: zapProgram is missing
	at fr.novia.zaproxyplugin.ZAProxy.checkParams(ZAProxy.java:805)
	at fr.novia.zaproxyplugin.ZAProxy.startZAP(ZAProxy.java:861)
	at fr.novia.zaproxyplugin.ZAProxyBuilder.perform(ZAProxyBuilder.java:189)
	at hudson.tasks.BuildStepMonitor$1.perform(BuildStepMonitor.java:20)
	at hudson.model.AbstractBuild$AbstractBuildExecution.perform(AbstractBuild.java:779)
	at hudson.model.Build$BuildExecution.build(Build.java:205)
	at hudson.model.Build$BuildExecution.doRun(Build.java:162)
	at hudson.model.AbstractBuild$AbstractBuildExecution.run(AbstractBuild.java:534)
	at hudson.model.Run.execute(Run.java:1720)
	at hudson.model.FreeStyleBuild.run(FreeStyleBuild.java:43)
	at hudson.model.ResourceController.execute(ResourceController.java:98)
	at hudson.model.Executor.run(Executor.java:404)

Build step 'Execute ZAProxy' marked build as failure
Finished: FAILURE

Any one help me please..

[thc...@gmail.com]

Hi.

I believe you need to set the env var in the field:
"Startup" > "ZAProxy is already installed" > "ZAProxy Home"

"Configure the ZAProxy home. This is the environment variable pointing
to the ZAProxy program path on the build's machine."

Best regards.

On 18/10/16 07:35, sandee...@gmail.com wrote:
> Hi...
>
> I am facing this issue.. while i am did not giving any sourcecode path.
>

> tarted by user admin <http://localhost:8080/user/admin>

> --
> You received this message because you are subscribed to the Google
> Groups "OWASP ZAP User Group" group.
> To unsubscribe from this group and stop receiving emails from it, send
> an email to zaproxy-user...@googlegroups.com
> <mailto:zaproxy-user...@googlegroups.com>.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/zaproxy-users/2cbfdd83-6dec-4fdf-a82f-8915e915b8ad%40googlegroups.com
> <https://groups.google.com/d/msgid/zaproxy-users/2cbfdd83-6dec-4fdf-a82f-8915e915b8ad%40googlegroups.com?utm_medium=email&utm_source=footer>.
> For more options, visit https://groups.google.com/d/optout.

[sandeep g]

Hi I already provided that ZAProxy detailes.. here i am attached that image also.. please find out.

[sandeep g]

[thc...@gmail.com]

OK, is the env var defined in the system? Or, being set in Jenkins (e.g.
through "Build Environment" > "Inject environment variables to the build
process")?

Best regards.

On 18/10/16 09:50, sandeep g wrote:
> Hi I already provided that ZAProxy detailes.. here i am attached that image also.. please find out.
>

> --
> You received this message because you are subscribed to the Google
> Groups "OWASP ZAP User Group" group.
> To unsubscribe from this group and stop receiving emails from it, send
> an email to zaproxy-user...@googlegroups.com
> <mailto:zaproxy-user...@googlegroups.com>.
> To view this discussion on the web visit

> https://groups.google.com/d/msgid/zaproxy-users/26a236e3-5f02-459e-ba71-3df320fa5abf%40googlegroups.com
> <https://groups.google.com/d/msgid/zaproxy-users/26a236e3-5f02-459e-ba71-3df320fa5abf%40googlegroups.com?utm_medium=email&utm_source=footer>.

[sandeep g]

Thank you for reply....

iam tried same like you said,but  i am facing same issue again ... please if you have any screenshot share with me please..

On Tuesday, October 18, 2016 at 2:29:39 PM UTC+5:30, thc202 wrote:

OK, is the env var defined in the system? Or, being set in Jenkins (e.g.
through "Build Environment" > "Inject environment variables to the build
process")?

Best regards.

On 18/10/16 09:50, sandeep g wrote:
>     Hi I already provided that ZAProxy detailes.. here i am attached that image also.. please find out.
>
> --
> You received this message because you are subscribed to the Google
> Groups "OWASP ZAP User Group" group.
> To unsubscribe from this group and stop receiving emails from it, send
> an email to zaproxy-user...@googlegroups.com

> <mailto:zaproxy-users+unsub...@googlegroups.com>.

[sandeep g]

Hi...

    Here i am attached screenshot ... i was injected variables successfully..

[thc...@gmail.com]

Under "Build Environment" > "Properties Content" I have:
ZAPROXY_HOME=<zap_dir>

where <zap_dir> is the file system path to the directory where ZAP is
installed.

("Inject environment variables to the build process" is checked.)


You should see ZAPROXY_HOME being outputted in the console under
"[EnvInject] - Injecting as environment variables the properties content"

Best regards.

On 18/10/16 10:50, sandeep g wrote:
> Hi...
>
> <https://lh3.googleusercontent.com/-3vu4BCF--Gw/WAXwRWZY6TI/AAAAAAAAAA0/r5GmdgMswn4-oxtNO4IQYjPeMKBJobcYgCLcB/s1600/jenkins4.JPG>

>
> Here i am attached screenshot ... i was injected variables
> successfully..
>

> --
> You received this message because you are subscribed to the Google
> Groups "OWASP ZAP User Group" group.
> To unsubscribe from this group and stop receiving emails from it, send
> an email to zaproxy-user...@googlegroups.com

> <mailto:zaproxy-user...@googlegroups.com>.

> To view this discussion on the web visit

> https://groups.google.com/d/msgid/zaproxy-users/84432c3b-38ad-4833-98ed-5bcd9133ac29%40googlegroups.com
> <https://groups.google.com/d/msgid/zaproxy-users/84432c3b-38ad-4833-98ed-5bcd9133ac29%40googlegroups.com?utm_medium=email&utm_source=footer>.

[sandeep g]

Hi,

After changes i got console output like here.. 

[sandeep g]

Hi,

I had some changes in my build, after  i got console output like this...

Here it is asking Authentication Required... what that means...

[thc...@gmail.com]

Hi.

That's supposedly the contents of the ZAP API response but the ZAP API
does not return that. Seems to me that the client it's not connecting to
ZAP API.

You sure ZAP is listening on the specified port?

Best regards.

On 18/10/16 12:21, sandeep g wrote:
> Hi,
>
> I had some changes in my build, after i got console output like this...
>

> <https://lh3.googleusercontent.com/-SGifDk4GAmQ/WAYFvyv6xMI/AAAAAAAAABU/K9kYDtt7UE8Tc0GT-1aqpEswoLSrq4jCACLcB/s1600/jenkins6.JPG>
>
> Here it is asking*Authentication Required*... what that means...

>
> --
> You received this message because you are subscribed to the Google
> Groups "OWASP ZAP User Group" group.
> To unsubscribe from this group and stop receiving emails from it, send
> an email to zaproxy-user...@googlegroups.com
> <mailto:zaproxy-user...@googlegroups.com>.
> To view this discussion on the web visit

> https://groups.google.com/d/msgid/zaproxy-users/4fdeb9ca-5dee-494a-aaaa-dd6331323d72%40googlegroups.com
> <https://groups.google.com/d/msgid/zaproxy-users/4fdeb9ca-5dee-494a-aaaa-dd6331323d72%40googlegroups.com?utm_medium=email&utm_source=footer>.

[sandeep g]

Hi,

Its working now... thank you..

Thanks,

sandeep