ZAP Jenkins plugin for remotely installed ZAP config.

749 views

Skip to first unread message

sudhar99

unread,

Dec 16, 2016, 12:04:57 PM12/16/16

to OWASP ZAP Developer Group

I have installed ZAP on a separate windows server(IP - 10.1.1.1 :8080). Jenkins is running on a linux server and specified all the parameters as specified in the video (https://www.youtube.com/watch?v=mmHZLSffCUg). But the difference is my ZAP is running on a different sever and don't know how to specify this remote host and having Jenkins as the ZAP client....

Here is my configuration:

Java version - jdk1.8.0_92
Jenkins version - ver. 2.7.4
ZAP version - D-2016-12-05
ZAP Jenkins Plugin version -1.0.5

Here is jenkins job console log:

HOST = [ 10.1.1.1 ]
	PORT = [ 8080 ]

	ZAP SETTINGS DIRECTORY = [ C:\ZAP\ZAP_D-2016-12-05 ]
	SESSION FILENAME = [  ]
	INTERNAL SITES = [  ]

	CONTEXT NAME = [ DemoApp ]

	INCLUDE IN CONTEXT = [ http://demo-dev/demo-app.* ]

	EXCLUDE FROM CONTEXT = [ http://demo-dev/demo-app/lib-css.* ]

	STARTING POINT (URL) = [ http://demo-dev/demo-app/ ]
	REPORT FILENAME = [ JENKINS_ZAP_VULNERABILITY_REPORT_2 ]
	REPORT TITLE = [ JENKINS_ZAP_VULNERABILITY_REPORT_2 ]

	COMMAND LINE = 
		OPTION : [ -installdir ]
		VALUE  : [ %ZAPROXY_HOME% ]

[ZAP Jenkins Plugin] END PRE-BUILD ENVIRONMENT VARIABLE REPLACEMENT

[ZAP Jenkins Plugin] CLEAR LOGS IN SETTINGS...
	SETTINGS DIR [ C:\ZAP\ZAP_D-2016-12-05 ]
	WORKSPACE [ /apps/devtools/jenkins_home/workspace/DemoApp ]
	CLEARING SETTINGS/LOGS


[ZAP Jenkins Plugin] START BUILD STEP

[ZAP Jenkins Plugin] PLUGIN VALIDATION (PLG), VARIABLE VALIDATION AND ENVIRONMENT INJECTOR EXPANSION (EXP)
ERROR: java.lang.IllegalArgumentException: ZAP PATH IS MISSING, PROVIDED [ null ]
	at org.jenkinsci.plugins.zap.ZAPDriver.checkParams(ZAPDriver.java:488)

at org.jenkinsci.plugins.zap.ZAPDriver.startZAP(ZAPDriver.java:592)

	at org.jenkinsci.plugins.zap.ZAPBuilder.perform(ZAPBuilder.java:281)

thc...@gmail.com

unread,

Dec 16, 2016, 4:20:26 PM12/16/16

to zaproxy...@googlegroups.com

Hi.

This is already being addressed in:
https://groups.google.com/d/topic/zaproxy-jenkins/0SeRuwwIRTw/discussion

(Which is the expected place for ZAP Jenkins plugin related questions.)

Thanks.
Best regards.

On 16/12/16 17:04, sudhar99 wrote:
> I have installed ZAP on a separate windows server(IP - 10.1.1.1 :8080).
> Jenkins is running on a linux server and specified all the parameters as
> specified in the video (https://www.youtube.com/watch?v=mmHZLSffCUg). But
> the difference is my ZAP is running on a different sever and don't know how
> to specify this remote host and having Jenkins as the ZAP client....
>
> Here is my configuration:
>

> - Java version - jdk1.8.0_92
> - Jenkins version - ver. 2.7.4
> - ZAP version - D-2016-12-05
> - ZAP Jenkins Plugin version -1.0.5

>
> Here is jenkins job console log:
>
>
> HOST = [ 10.1.1.1 ]
> PORT = [ 8080 ]
>
> ZAP SETTINGS DIRECTORY = [ C:\ZAP\ZAP_D-2016-12-05 ]
> SESSION FILENAME = [ ]
> INTERNAL SITES = [ ]
>
> CONTEXT NAME = [ DemoApp ]
>

> REPORT FILENAME = [ JENKINS_ZAP_VULNERABILITY_REPORT_2 ]
> REPORT TITLE = [ JENKINS_ZAP_VULNERABILITY_REPORT_2 ]
>
> COMMAND LINE =
> OPTION : [ -installdir ]
> VALUE : [ %ZAPROXY_HOME% ]
>
> [ZAP Jenkins Plugin] END PRE-BUILD ENVIRONMENT VARIABLE REPLACEMENT
>
> [ZAP Jenkins Plugin] CLEAR LOGS IN SETTINGS...
> SETTINGS DIR [ C:\ZAP\ZAP_D-2016-12-05 ]
> WORKSPACE [ /apps/devtools/jenkins_home/workspace/DemoApp ]
> CLEARING SETTINGS/LOGS
>
>
> [ZAP Jenkins Plugin] START BUILD STEP
>

> [ZAP Jenkins Plugin] PLUGIN VALIDATION (PLG), VARIABLE VALIDATION AND ENVIRONMENT INJECTOR EXPANSION (EXP)ERROR: java.lang.IllegalArgumentException: ZAP PATH IS MISSING, PROVIDED [ null ]

Reply all

Reply to author

Forward

0 new messages