"SSH exit-code 2" error occurs while running a ZAP scan from TeamCity

[Khopithan Sathiyakeerthy]

Hi all,

When I run the below shown command in docker hosted vm directly, it runs well and generate a ZAP scan report without any errors.

docker run -v $(pwd)/zap-report:/zap/wrk/:rw -t owasp/zap2docker-stable zap-baseline.py -t http://example.com -r stable-baselinescan.html

But when I run the same command from teamcity, it runs well and generate report as well but it is exited with this "SSH exit-code 2" error

SSH exit code 2 means - Remote connection failure. But I don't see any connection failure. Hope u all help to figure out this issue

Regards,

Khopi

[Simon Bennetts]

Hiya Khopi,

The baseline scan will exit with a 2 as it has found some warnings.

The "SSH" part is nothing to do with ZAP - thats probably something to do with how TeamCity is invoking Docker.

But the '2', yes thats probably coming from ZAP and is as expected: https://github.com/zaproxy/zaproxy/blob/main/docker/zap-baseline.py#L31-L35

Cheers,

Simon

[Khopithan Sathiyakeerthy]

Hi Simon,

Thank you so much. I ran the command with -d argument and found the warnings. Then I generated the .conf file and changed the WARN as IGNORE. Then I ran again with the .conf file and made it successful build. 👍👍

Best

Khopi

[Simon Bennetts]

Great - thanks for letting us know!

[Khopithan Sathiyakeerthy]

Hi Simon,

Can you plz check this conversation 

https://groups.google.com/g/zaproxy-users/c/3EP7JdgZIwc

Regards,

Khopi

[Khopithan Sathiyakeerthy]

Hi All,

FYI

If you want to run ZAP container scan from TeamCity without "SSH exit-code 2" error,

You need to add this part after your scanning command

2> /dev/null; (($? == 2)) && echo 'Done' >&2

E.g.

docker run -v $(pwd)/zap-report:/zap/wrk/:rw -t owasp/zap2docker-stable zap-full-scan.py -t https://example.com/myapp -j -a -r stable-full-scan-report.html 2> /dev/null; (($? == 2)) && echo 'Done' >&2 

Regards,

Khopi