I am trying to do a simple baseline scan. I use the baseline template and enter the URL in the default context. When I run it in ZAP Desktop it runs through with some 401 errors, as expected. (Need to look into the script-based authentication later.)
Job runs fine in desktop:
The extracted plan looks like this:

env:
  contexts:
  - name: Default Context
    urls:
    - https://the.webb.application/
    includePaths:
    - https://the.webb.application/.*
    authentication:
      verification:
        method: response
        pollFrequency: 60
        pollUnits: requests
    sessionManagement:
      method: cookie
    technology: {}
    structure: {}
  parameters: {}
jobs:
- type: passiveScan-config
  parameters: {}
- type: spider
  parameters: {}
  tests:
  - name: At least 100 URLs found
    type: stats
    onFail: INFO
    statistic: automation.spider.urls.added
    operator: '>='
    value: 100
- type: spiderAjax
  parameters: {}
  tests:
  - name: At least 100 URLs found
    type: stats
    onFail: INFO
    statistic: spiderAjax.urls.added
    operator: '>='
    value: 100
- type: passiveScan-wait
  parameters: {}
- type: report
  parameters:
    template: sarif-json
    reportDir: /zap/wrk
    reportFile: sarif-report.json
    reportTitle: ZAP by Checkmarx Scanning Report
    reportDescription: ""
    displayReport: false
  risks:
  - info
  - low
  - medium
  - high
  confidences:
  - falsepositive
  - low
  - medium
  - high
  - confirmed