Where to import context and policy files in Docker for running Automation Framework.

[Abhishek Jha]

Hi Simon,

 I have created Automation framework through ZAP UI and also created the context and policy files as well. Now I need to run inside CI .So I need to know where should I import the context and policy files in container so that Automation framework runs smoothly in CI as well?

[Simon Bennetts]

Hiya,

You shouldnt need to actually use context files.

Create and test the context in the ZAP desktop.

Then create an Automation Framework (AF) plan using that context.

The AF plan generated will include all of the info needed to define the context, you should not need to import the context file.

I'd also recommend not using policy files.

Instead configure the AF plan with the rules you want to run, i.e. in the jobs:

• passiveScan-config
• activeScan

You _can_ import policy files, but that jjust making things more difficult for yourself.

Cheers,

Simon

[Abhishek Jha]

Thanks Simon Got your point .

I have one more question i.e When I am running the Automation Rule and Job Active Scan Starts It gives the following console warnings

console.warn: LoginRecipes: "getRecipes: falling back to a synchronous message for:" "https://accounts.google.com"

 

Warning message also includes the url that I have not defined in the context. e.g :https://accounts.google.com

What does this message suggests ?

What should I do if it is a problem?

[Simon Bennetts]

This is from a browser, not ZAP, so you can ignore it (as far as I'm aware).

Its unfortunately very difficult to stop browsers from writing to stdout :/

Cheers,

Simon

[Abhishek Jha]

Thank you very much Simon .