Bash exited with code '2'

510 views
Skip to first unread message

Tiko Miedendorp

unread,
May 16, 2024, 9:38:41 AM5/16/24
to ZAP User Group
Hey guys,

I'm trying to make a pipeline that converts the xml results to NUnit, so I can publish them on Azure DevOps.

Currently, everything is working, however, for some reason when i'm testing on this url it does not work?

Anybody know why. I'm mainly testing it on this site so I can see the report generation and see if it works (because there are a lot of alerts, otherwise on our own application zero :)

chmod -R 777 ./
          docker pull ghcr.io/zaproxy/zaproxy:stable
          docker run -v $(pwd):/zap/wrk/:rw -t ghcr.io/zaproxy/zaproxy:stable zap-baseline.py -t "https://juice-shop.herokuapp.com/#/" -g gen.conf -r report_backoffice.html -x report_backoffice.xml -J report_backoffice.json -T 2

Screenshot 2024-05-16 153750.png

Tiko Miedendorp

unread,
May 16, 2024, 9:44:36 AM5/16/24
to ZAP User Group
I also get this when running on example.com and i dont now why. It has something to do with the new warnings

Tiko Miedendorp

unread,
May 16, 2024, 9:49:10 AM5/16/24
to ZAP User Group
I see that the exit 2 error is given when there are warnings, but now the pipeline fails and the report is not generated .... Is there a solution for this

Simon Bennetts

unread,
May 23, 2024, 4:37:16 AM5/23/24
to ZAP User Group
The exit values are detailed in the relevant packaged scripts, eg https://github.com/zaproxy/zaproxy/blob/main/docker/zap-baseline.py#L31-L35

I'll look at updating the docs on the website, as this has comne up before..

Cheers,

Simon

Simon Bennetts

unread,
May 23, 2024, 6:21:12 AM5/23/24
to ZAP User Group
FYI this is now covered in the online docs: https://www.zaproxy.org/docs/docker/baseline-scan/#exit-value

Alvin Dutt

unread,
Aug 12, 2024, 2:25:17 AM8/12/24
to ZAP User Group
Has the suggestion by  Simon Bennetts worked ?

Alvin Dutt

unread,
Aug 12, 2024, 7:56:31 PM8/12/24
to ZAP User Group
Hi 

I am having the same issue on Azure DevOps Pipeline

I have created a config file as well

Below is my script 

script|    
    chmod -R 777 ./
    docker pull ghcr.io/zaproxy/zaproxy:stable
    docker run \
      -v $(pwd):/zap/wrk/:rw \
      -t ghcr.io/zaproxy/zaproxy:stable zap-baseline.py \
      -t "https://dzone.com" \
      -g /zap/zap_config.conf \
      -x /zap/wrk/OWASP-ZAP-Report.xml \
      -r /zap/wrk/scan-report.html
  displayName'Run OWASP ZAP Baseline Scan'

attached is my config file 

Please note https://dzone.com is a test site to trial zap.

Below is the results from my pipeline 
Untitled.png

Thanks 
Alvin
zap_config.conf

kingthorin+zap

unread,
Aug 13, 2024, 7:42:31 AM8/13/24
to ZAP User Group
You're generating the config everytime:
"  -g /zap/zap_config.conf \"

Simon Bennetts

unread,
Aug 16, 2024, 7:08:07 AM8/16/24
to ZAP User Group
The packaged scan is working exactly as documented.
If you want ZAP to ignore specific alerts then change the config faile as per https://www.zaproxy.org/docs/docker/baseline-scan/#configuration-file
Or you can configure your pipeline to ignore a commands exit code - thats a standard OS feature.

Cheers,

Simon
Reply all
Reply to author
Forward
0 new messages