#1902 Include a zap-baseline config to use in zap-automation-framework

Signed-off-by: Ilyes Ben Dlala <ilyes.bendlala@iteratec.com>
secureCodeBox · Mar 19, 2024 · 4c3fccb · 4c3fccb
1 parent 8468d38
commit 4c3fccb
Showing 1 changed file with 32 additions and 0 deletions.
diff --git a/scanners/zap-automation-framework/examples/zap-baseline-config.yaml b/scanners/zap-automation-framework/examples/zap-baseline-config.yaml
@@ -0,0 +1,32 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: zap-baseline-configuration
+data:
+  zap-baseline.yaml: |-
+
+    # Environment configuration for ZAP baseline scan
+
+    env:                                   # The environment, mandatory
+      contexts :                           # List of 1 or more contexts, mandatory
+        - name: zap-baseline-automation-scan # Name to be used to refer to this context in other jobs, mandatory
+          urls: ["http://nginx.demo-targets.svc"] # A mandatory list of top level urls, everything under each url will be included
+          includePaths: 
+            - "http://nginx.demo-targets.svc/.*"
+      - type: spider                       # The traditional spider - fast but doesnt handle modern apps so well
+        parameters:
+          context: zap-baseline-automation-scan # String: Name of the context to spider, default: first context
+          maxDuration: 1                   # Int: The max time in minutes the spider will be allowed to run for, default: 0 unlimited
+
+      - type: passiveScan-wait             # Passive scan wait for the passive scanner to finish
+        parameters:
+          maxDuration: 5                   # Int: The max time to wait for the passive scanner, default: 0 unlimited
+      - type: report                       # Report generation
+        parameters:
+          template: traditional-xml                        # String: The template id, default : modern
+          reportDir: /home/securecodebox/               # String: The directory into which the report will be written
+          reportFile: zap-results                     # String: The report file name pattern, default: {{yyyy-MM-dd}}-ZAP-Report-[[site]]
+        risks:                             # List: The risks to include in this report, default all
+          - high
+          - medium
+          - low