The ZAP plugin extension functionality

33 views

Skip to first unread message

joshwa philip

unread,

Apr 30, 2020, 1:45:14 PM4/30/20

to ZAP Jenkins Plugin

Hi All,

I am using the ZAP extension and it's working but after the build occurs ZAP shuts down. We would like the script modified to remove the shutdown a feature to allow us to add a quality gate task that I have set in Jenkins as a post-build. is there any way this can be done?

Regards,

Joshwa Philip

39146 [ZAP-Shutdown] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE  - dataFileCache commit start
39223 [ZAP-Shutdown] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE  - dataFileCache commit end
39244 [ZAP-Shutdown] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE  - Database closed
39368 [ZAP-Shutdown] INFO org.zaproxy.zap.extension.api.CoreAPI  - OWASP ZAP 2.9.0 terminated.


[ZAP Jenkins Plugin] SHUTDOWN [ SUCCESSFUL ]

[ZAP Jenkins Plugin] LOG SEARCH...
	ZAP HOME DIRECTORY [ C:\Users\QCN8MRY\OWASP ZAP ]
	JENKINS WORKSPACE [ C:\Program Files\Jenkins\Boss_ZAP_Agent\workspace\GA\ENTDevOps\owasp scan test ]
	CLEARING WORKSPACE/LOGS

	[ /C:/Users/QCN8MRY/OWASP ZAP/zap.log ] LOG HAS BEEN FOUND
	COPY [zap.log] TO [C:\Program Files\Jenkins\Boss_ZAP_Agent\workspace\GA\ENTDevOps\owasp scan test\logs\zap.log]


[owasp scan test] $ powershell.exe -NonInteractive -ExecutionPolicy ByPass "& 'C:\Windows\TEMP\jenkins17863814526417610058.ps1'"
Invoke-WebRequest : Unable to connect to the remote server
At C:\Windows\TEMP\jenkins17863814526417610058.ps1:5 char:11
+ $result = Invoke-WebRequest($script:zapBaseAddress+"/JSON/alert/view/ ...
+           ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidOperation: (System.Net.HttpWebRequest:Htt 
   pWebRequest) [Invoke-WebRequest], WebException
    + FullyQualifiedErrorId : WebCmdletWebResponseException,Microsoft.PowerShe 
   ll.Commands.InvokeWebRequestCommand
 

ConvertFrom-Json : Cannot bind argument to parameter 'InputObject' because it 
is null.
At C:\Windows\TEMP\jenkins17863814526417610058.ps1:8 char:21
+ $result = $result | ConvertFrom-Json
+                     ~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidData: (:) [ConvertFrom-Json], ParameterBi 
   ndingValidationException
    + FullyQualifiedErrorId : ParameterArgumentValidationErrorNullNotAllowed,M 
   icrosoft.PowerShell.Commands.ConvertFromJsonCommand
 
Cannot index into a null array.
At C:\Windows\TEMP\jenkins17863814526417610058.ps1:10 char:1
+ $H =  $result.alertsSummary[0].High
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidOperation: (:) [], RuntimeException
    + FullyQualifiedErrorId : NullArray
 
Cannot index into a null array.
At C:\Windows\TEMP\jenkins17863814526417610058.ps1:11 char:1
+ $M =  $result.alertsSummary[0].Medium
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidOperation: (:) [], RuntimeException
    + FullyQualifiedErrorId : NullArray
 
High Risk :  & Medium Risk : 
Quality gate failed
[owasp scan test] $ powershell.exe -NonInteractive -ExecutionPolicy ByPass "& 'C:\Windows\TEMP\jenkins11130485112188041966.ps1'"
Finished: SUCCESS

Jenkins extension.png

thc...@gmail.com

unread,

May 1, 2020, 12:22:43 PM5/1/20

to zaproxy...@googlegroups.com

Hi.

Not currently, in the meantime or as alternative if you want more
customisable workflow there's:
https://plugins.jenkins.io/zap-pipeline/

Best regards.

Reply all

Reply to author

Forward

0 new messages