github.com/kubeshop/testkube@v1.17.23/contrib/executor/zap/examples/zap-api.yaml

github.com/kubeshop/testkube@v1.17.23/contrib/executor/zap/examples/zap-api.yaml (about)

     1  api:
     2    # -t the target API definition
     3    target: https://www.example.com/openapi.json
     4    # -f the API format, openapi, soap, or graphql
     5    format: openapi
     6    # -O the hostname to override in the (remote) OpenAPI spec
     7    hostname: https://www.example.com
     8    # -S safe mode this will skip the active scan and perform a baseline scan
     9    safe: true
    10    # -c config file
    11    config: contrib/executor/zap/examples/zap-api.conf
    12    # -d show debug messages
    13    debug: true
    14    # -s short output
    15    short: false
    16    # -l minimum level to show: PASS, IGNORE, INFO, WARN or FAIL
    17    level: INFO
    18    # # -c context file
    19    # context: examples/context.conf
    20    # # username to use for authenticated scans
    21    # user: anonymous
    22    # delay in seconds to wait for passive scanning
    23    delay: 5
    24    # max time in minutes to wait for ZAP to start and the passive scan to run
    25    time: 60
    26    # ZAP command line options
    27    zap_options: -config aaa=bbb
    28    # -I should ZAP fail on warnings
    29    fail_on_warn: false