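# Azure Pipelines definition: runs an OWASP ZAP scan against $(websiteurl),
# converts the JSON report to NUnit XML with a handlebars template, and
# publishes it as test results. Indentation reconstructed from the flattened
# original; structure follows the Azure Pipelines schema (stages > jobs > steps).
#
# `websiteurl` is not declared in this file; it is expected to be supplied as a
# pipeline/queue-time variable — confirm where it is set and who can set it.

# NOTE(review): Build.SourceBranch expands to refs/heads/<branch>; if the
# build-number format rejects '/', use $(Build.SourceBranchName) instead — confirm.
name: $(date:yyyyMMdd)$(rev:.r)-$(Build.SourceBranch)

trigger:
  - main
  - master

stages:
  - stage: OWASP_ZAP_Stage  # !CHANGE! per env
    jobs:
      # OWASP ZAP Job
      - job: OWASP_ZAP
        # No job-level variables; the original had a bare `variables:` (parsed as null).
        pool:
          vmImage: 'ubuntu-latest'
        steps:
          # NOTE(review): pins a very old Docker release; check whether the
          # owaspzap task still needs it on ubuntu-latest, which ships Docker.
          - task: DockerInstaller@0
            displayName: 'Install Docker image'
            inputs:
              dockerVersion: '17.09.0-ce'

          - task: owaspzap@1
            displayName: 'Run OWASP Scan for $(websiteurl)'
            inputs:
              aggressivemode: false
              scantype: 'targetedScan'
              url: 'https://$(websiteurl)'
              port: '443'
              # Presumably the alert count at which the task fails; set so high
              # that the scan step never fails the build — findings only surface
              # through the published test results below. Confirm this is intended.
              threshold: '999999'

          # Writes the handlebars template used to turn report.json into NUnit XML.
          # The heredoc delimiter is intentionally unquoted so $BUILD_SOURCESDIRECTORY
          # expands; the {{...}} handlebars expressions are untouched by bash.
          - bash: |
              # TODO(review): pin to an exact version (handlebars-cmd@<version>) —
              # an unpinned global install from the registry on every build is a
              # supply-chain exposure and a reproducibility problem.
              sudo npm install -g handlebars-cmd
              cat <<EOF > owaspzap/nunit-template.hbs
              <test-run
              id="2"
              name="Owasp test"
              start-time="{{@generated}}">
              {{#each site}}<test-suite
              id="{{@index}}"
              type="Assembly"
              name="{{[@name]}}"
              result="Failed"
              failed="{{alerts.length}}">
              <attachments>
              <attachment>
              <filePath>$BUILD_SOURCESDIRECTORY/owaspzap/report.html</filePath>
              </attachment>
              </attachments>
              {{#each alerts}}<test-case
              id="{{@index}}"
              name="{{alert}}"
              result="Failed"
              fullname="{{alert}}"
              time="1">
              <failure>
              <message>
              <![CDATA[{{{desc}}}]]>
              </message>
              <stack-trace>
              <![CDATA[
              Solution:
              {{{solution}}}
              Reference:
              {{{reference}}}
              instances:{{#each instances}}
              * {{uri}}
              - {{method}}
              {{#if evidence}}- {{{evidence}}}{{/if}}
              {{/each}}]]>
              </stack-trace>
              </failure>
              </test-case>
              {{/each}}
              </test-suite>
              {{/each}}
              </test-run>
              EOF
            displayName: 'OWASP NUnit template'
            condition: always()

          # Diagnostic only: dumps the full workspace tree into the build log.
          # Consider removing once the pipeline is stable.
          - task: Bash@3
            displayName: 'List workspace (diagnostic)'
            inputs:
              targetType: 'inline'
              script: 'ls -laR'

          # $(websiteurl) is macro-expanded verbatim into the script text; passing
          # it through `env` instead means a queue-time value is a shell variable,
          # not part of the command line. The output filename is unchanged.
          - bash: |
              handlebars owaspzap/report.json < owaspzap/nunit-template.hbs > "owaspzap/${WEBSITE_URL}.xml"
            displayName: 'Generate NUnit type file for $(websiteurl)'
            condition: always()
            env:
              WEBSITE_URL: $(websiteurl)

          # Publish results to AZDO Test page
          - task: PublishTestResults@2
            displayName: 'Publish Test Results to AZDO'
            inputs:
              testResultsFormat: NUnit
              testResultsFiles: 'owaspzap/$(websiteurl).xml'
              testRunTitle: '$(websiteurl)'
            condition: always()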