Created January 21, 2019 17:30
stages:
  - dev

analisis_SAST:
  stage: dev
  image: docker:stable
  variables:
    DOCKER_DRIVER: overlay2
  allow_failure: false
  services:
    - docker:stable-dind
  script:
    - export SP_VERSION=$(echo "$CI_SERVER_VERSION" | sed 's/^\([0-9]*\)\.\([0-9]*\).*/\1-\2-stable/')
    - docker run
        --env SAST_CONFIDENCE_LEVEL="${SAST_CONFIDENCE_LEVEL:-3}"
        --volume "$PWD:/code"
        --volume /var/run/docker.sock:/var/run/docker.sock
        "registry.gitlab.com/gitlab-org/security-products/sast:$SP_VERSION" /app/bin/run /code
  artifacts:
    reports:
      sast: gl-sast-report.json

analisis_DAST:
  stage: dev
  image: registry.gitlab.com/gitlab-org/security-products/zaproxy
  variables:
    website: "https://reporteprecios-test.msp.gob.ec"
  allow_failure: false
  script:
    - docker run
        --volume $PWD:/zap/wrk
        registry.gitlab.com/gitlab-org/security-products/zaproxy zap-baseline.py -t $website -J gl-dast-report.json || true
  artifacts:
    reports:
      dast: gl-dast-report.json
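Because the DAST command above ends in `|| true`, that job never fails on ZAP findings; it only uploads the report artifact. Below is an added gate script, not part of this gist, that reads gl-sast-report.json and gl-dast-report.json and exits non-zero when High findings are present; it assumes the GitLab SAST report layout `vulnerabilities[].severity` (or the older bare list using `priority`) and ZAP's `site[].alerts[].riskcode` JSON, and its severity thresholds are a constructed policy.

```python
import json
import sys

# Gate policy for this example (constructed): stop the pipeline on High-or-worse findings.
BLOCKING_SAST_SEVERITIES = {"Critical", "High"}
BLOCKING_ZAP_RISKCODE = 3  # ZAP riskcode scale: 0 info, 1 low, 2 medium, 3 high

def sast_findings(report):
    """Yield (title, severity) from gl-sast-report.json; handles the object form
    {"vulnerabilities": [...]} and the older bare list whose entries use "priority"."""
    vulns = report.get("vulnerabilities", []) if isinstance(report, dict) else report
    for v in vulns:
        title = v.get("message") or v.get("name") or "unnamed finding"
        yield title, v.get("severity") or v.get("priority") or "Unknown"

def dast_findings(report):
    """Yield (alert, riskcode) from a ZAP baseline JSON report (site[].alerts[])."""
    for site in report.get("site", []):
        for alert in site.get("alerts", []):
            yield alert.get("alert", "unnamed alert"), int(alert.get("riskcode", 0))

def gate(sast_report, dast_report):
    """Return the findings that should block the pipeline (empty list means pass)."""
    blocking = [f"SAST {sev}: {t}" for t, sev in sast_findings(sast_report)
                if sev in BLOCKING_SAST_SEVERITIES]
    blocking += [f"DAST risk {rc}: {a}" for a, rc in dast_findings(dast_report)
                 if rc >= BLOCKING_ZAP_RISKCODE]
    return blocking

# Constructed sample reports standing in for the two artifact files.
SAMPLE_SAST = {"version": "1.0", "vulnerabilities": [
    {"category": "sast", "message": "Hardcoded credential", "severity": "High"},
    {"category": "sast", "message": "Weak hash algorithm", "severity": "Low"}]}
SAMPLE_DAST = {"site": [{"@name": "https://example.test", "alerts": [
    {"alert": "Cookie Without HttpOnly Flag", "riskcode": "1"},
    {"alert": "SQL Injection", "riskcode": "3"}]}]}

if __name__ == "__main__":
    # Usage: python gate.py gl-sast-report.json gl-dast-report.json (sample data if omitted)
    if len(sys.argv) == 3:
        with open(sys.argv[1]) as f1, open(sys.argv[2]) as f2:
            sast, dast = json.load(f1), json.load(f2)
    else:
        sast, dast = SAMPLE_SAST, SAMPLE_DAST
    failures = gate(sast, dast)
    print("\n".join(failures) or "no blocking findings")
    sys.exit(1 if failures else 0)
```

Run it as a later-stage job that consumes the two report artifacts, so findings fail the pipeline instead of only appearing in the merge request widget.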
For Java projects, add the parameter to the docker run command:
    - docker run
        --env SAST_CONFIDENCE_LEVEL="${SAST_CONFIDENCE_LEVEL:-3}"
        --volume "$PWD:/code"
        --volume /root/.m2:/root/.m2
        --volume /var/run/docker.sock:/var/run/docker.sock
        "registry.gitlab.com/gitlab-org/security-products/sast:$SP_VERSION" /app/bin/run /code
    - docker run
        --volume $PWD:/zap/wrk
        registry.gitlab.com/gitlab-org/security-products/zaproxy zap-baseline.py -t $website --auth-url $weblogin --auth-username $user --auth-password $password --auth-username-field $labeluser --auth-password-field $labelpass --auth-submit-field $submitlabel -J gl-dast-report.json || true
Authentication:
    --auth-url                  login form URL
    --auth-username             username
    --auth-password             password
    --auth-username-field       name of username input field
    --auth-password-field       name of password input field
    --auth-submit-field         name or value of submit input
    --auth-first-page           enable two-page authentication
    --auth-first-submit-field   name or value of submit input of first page
    --auth-exclude-urls         comma separated list of URLs to exclude, supply all URLs causing logout