Issue with running zap CI/CD pipeline

94 views
Skip to first unread message

GC

unread,
Apr 17, 2024, 4:41:14 AMApr 17
to zaprox...@googlegroups.com
Hi Team,


I have tried three different ways to install owasp-zap but nothing worked:
1) Using zap's official image (owasp/zap2docker-stable)
Issue > GitLab CICD build fails to start and throws an error.
ERROR: Job failed (system failure): prepare environment: setting up trapping scripts on emptyDir: unable to upgrade connection: container not found ("build"). Check https://docs.gitlab.com/runner/shells/index.html#shell-profile-loading for more information

2) Since we use OpenSuse Leap 15.4 image, I tried customizing (attachment) https://github.com/zaproxy/zaproxy/blob/main/docker/Dockerfile-stable to work with our image
Issue > GitLab CICD build fails to start and throws an error.
Waiting for pod gitlab-runner-infrageneral/runner-yuhccyee-project-1974-concurrent-0-g9al5gg7 to be running, status is Pending
ContainersNotReady: "containers with unready status: [build helper svc-0]"
ContainersNotReady: "containers with unready status: [build helper svc-0]"
ERROR: Job failed (system failure): prepare environment: waiting for pod running: timed out waiting for pod to start. Check https://docs.gitlab
.com/runner/shells/index.html#shell-profile-loading for more information

Note: For both the above cases only, the pipelines fail to start. We have several other pipelines and they all work fine.

3) Customizing leap image by manually installing zap using https://software.opensuse.org/download/package?package=owasp-zap&project=security
This one at least got a Gitlab runner assigned but later failed. I noticed that there are no python files (zap-baseline.py, zap-full-scan.py etc.) installed as part of this set up. How do I fix this?

Any suggestions to fix any of the given approaches?


Regards.
customized_zap_image

Simon Bennetts

unread,
Apr 17, 2024, 4:44:06 AMApr 17
to ZAP User Group
As per various posts to this group and elsewhere, ZAP no longer supports the images on the OWASP Docker hub account.
For details of the official images see https://www.zaproxy.org/download/#docker

Cheers,

Simon

GC

unread,
Apr 17, 2024, 6:08:53 AMApr 17
to ZAP User Group
Thank you so much, Simon! The official image link provided by you worked. :)

Regards.
Reply all
Reply to author
Forward
0 new messages