github.com/kubeshop/testkube@v1.17.23/contrib/executor/zap/README.md

# Welcome to TestKube ZAP Executor

TestKube ZAP Executor is a test executor to run Zed Attack Proxy (ZAP) scans with [Testkube](https://testkube.io).

## Usage

Your Testkube installation comes with the ZAP executor included.

If you want to build and deploy the executor yourself, you need to build the image first, and then register the executor and deploy it in your cluster.

```bash
kubectl apply -f examples/zap-executor.yaml
```

Issue the following commands to create and start a ZAP test for a given YAML configuration file:

```bash
kubectl testkube create test --file contrib/executor/zap/examples/zap-tk-api.yaml --type "zap/api" --name api-test --copy-files contrib/executor/zap/examples/zap-tk-api.conf:zap-tk-api.conf
kubectl testkube run test --watch api-test

kubectl testkube create test --file contrib/executor/zap/examples/zap-tk-baseline.yaml --type "zap/baseline" --name baseline-test --copy-files contrib/executor/zap/examples/zap-tk-baseline.conf:zap-tk-baseline.conf
kubectl testkube run test --watch baseline-test

kubectl testkube create test --file contrib/executor/zap/examples/zap-tk-full.yaml --type "zap/full" --name full-test --copy-files contrib/executor/zap/examples/zap-tk-full.conf:zap-tk-full.conf
kubectl testkube run test --watch full-test

kubectl testkube create test --git-uri https://github.com/kubeshop/testkube.git --type "zap/api" --name git-api-test --executor-args "zap-api.yaml" --git-branch main --git-path contrib/executor/zap/examples
kubectl testkube run test --watch git-api-test

kubectl testkube create test --git-uri https://github.com/kubeshop/testkube.git --type "zap/baseline" --name git-baseline-test --executor-args "zap-baseline.yaml" --git-branch main --git-path contrib/executor/zap/examples
kubectl testkube run test --watch git-baseline-test

kubectl testkube create test --git-uri https://github.com/kubeshop/testkube.git --type "zap/full" --name git-full-test --executor-args "zap-full.yaml" --git-branch main --git-path contrib/executor/zap/examples
# run the test under the name it was created with above
kubectl testkube run test --watch git-full-test
```

The required ZAP arguments and options need to be specified in a dedicated YAML configuration file, for example:

```yaml
api:
  # -t the target API definition
  target: https://www.example.com/openapi.json
  # -f the API format, openapi, soap, or graphql
  format: openapi
  # -O the hostname to override in the (remote) OpenAPI spec
  hostname: https://www.example.com
  # -S safe mode this will skip the active scan and perform a baseline scan
  safe: true
  # -c config file
  config: examples/zap-api.conf
  # -d show debug messages
  debug: true
  # -s short output
  short: false
  # -l minimum level to show: PASS, IGNORE, INFO, WARN or FAIL
  level: INFO
  # -n context file
  context: examples/context.config
  # -U username to use for authenticated scans
  user: anonymous
  # -D delay in seconds to wait for passive scanning
  delay: 5
  # -T max time in minutes to wait for ZAP to start and the passive scan to run
  time: 60
  # -z ZAP command line options
  zap_options: -config aaa=bbb
  # -I should ZAP fail on warnings
  fail_on_warn: false
```

# Issues and Enhancements

Please report all [issues](https://github.com/kubeshop/testkube/issues).
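
To review what a scan configuration will actually ask ZAP to do, the sample `api:` block can be rendered as a `zap-api-scan.py` argument list. This is an added example, not the executor's own code: the `APIScan` type, `Args` and `Sample` are hypothetical names, the flag letters for context, user, delay, time and ZAP options (`-n`, `-U`, `-D`, `-T`, `-z`) come from ZAP's scan-script usage, and sending `-I` when `fail_on_warn` is false is an assumption about the mapping.

```go
package main

import (
	"fmt"
	"strconv"
)

// APIScan mirrors the `api:` keys of the sample YAML (hypothetical type, not the executor's own).
type APIScan struct {
	Target, Format, Hostname, Config, Context, Level, User, ZapOptions string
	Safe, Debug, Short, FailOnWarn                                      bool
	Delay, Time                                                         int
}

// Args renders the configuration as zap-api-scan.py arguments; unset values are omitted.
func (c APIScan) Args() []string {
	var a []string
	add := func(on bool, arg ...string) {
		if on {
			a = append(a, arg...)
		}
	}
	add(c.Target != "", "-t", c.Target)
	add(c.Format != "", "-f", c.Format)
	add(c.Hostname != "", "-O", c.Hostname)
	add(c.Safe, "-S") // safe mode: skip the active scan, baseline only
	add(c.Config != "", "-c", c.Config)
	add(c.Debug, "-d")
	add(c.Short, "-s")
	add(c.Level != "", "-l", c.Level)
	add(c.Context != "", "-n", c.Context)
	add(c.User != "", "-U", c.User)
	add(c.Delay > 0, "-D", strconv.Itoa(c.Delay))
	add(c.Time > 0, "-T", strconv.Itoa(c.Time))
	add(c.ZapOptions != "", "-z", c.ZapOptions) // passed as one argument
	add(!c.FailOnWarn, "-I")                    // assumption: -I is sent when fail_on_warn is false
	return a
}

// Sample holds the README's example values, constructed here as a struct literal.
func Sample() APIScan {
	return APIScan{Target: "https://www.example.com/openapi.json", Format: "openapi",
		Hostname: "https://www.example.com", Safe: true, Config: "examples/zap-api.conf",
		Debug: true, Level: "INFO", Context: "examples/context.config",
		User: "anonymous", Delay: 5, Time: 60, ZapOptions: "-config aaa=bbb"}
}

func main() { fmt.Println(Sample().Args()) }
```

With `safe: true` the rendered list contains `-S`, so a reviewer can confirm from the arguments alone that no active scan will run against the target.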