
Test Automation ZAP & E2E (Cypress)

In the end I managed to achieve my goal with e2e and ZAP (using Docker).

So I am able to see the results from http://localhost:8091/OTHER/core/other/htmlreport or from the terminal of my local PC (using curl -X GET).

Environment:

  • GitLab Repository with e2e tests, run with Cypress (linux image)
  • Docker image with ZAP (latest version)

For the moment I'm thinking about using ZAP as a service in the yml file. This means I will also have to update the package.json file and the Dockerfile, in order to divert traffic from the Cypress container to it and run ZAP.

  • Cypress: forwarding the traffic (via proxy) to ZAP (option HTTP_PROXY = http://containerAlias:port)
  • ZAP Daemon: listening at localhost to receive the data from e2e (also using port binding)

Example of gitlab-ci.yml:

services:
 - name: owasp/zap2docker-stable:latest
   alias: zap
   ports:
       - "8092:8092"
   entrypoint: ["zap.sh", "-daemon", "-port", "8092", "-host", "0.0.0.0", "-config", "api.disablekey=true", "-config", "api.addrs.addr.name=.*", "-config", "api.addrs.addr.regex=true"] 

The problems are:

1) How to get results from the daemon in such an environment? Because the "terminal" with curl is not so suitable for CI/CD.

2) The main problem is how to get results. Using the terminal locally is not a very "automated" solution, and I would like to have the opportunity to save a report file (html or json). I tried with the Baseline Scan but I have big problems targeting the IP address where the tests are performed. Are there other possible solutions? Maybe even with the daemon, to get around this problem?

The approach mentioned in the docs works for me:

Run ZAP as a daemon listening on "0.0.0.0" :

docker run -p 8090:8090 -i owasp/zap2docker-stable zap.sh -daemon -port 8090 -host 0.0.0.0

Find out the container id:

docker ps

Find out which address has been assigned to it:

docker inspect <CONTAINER ID> | grep IPAddress

You should be then able to point your browser at the specified host/port and access the ZAP API, eg http://172.17.0.8:8090/

Then I use the following URL to view the report and to publish it in Jenkins using the htmlpublisher plugin. You can also use curl/wget to download it:

http://172.17.0.8:8090/OTHER/core/other/htmlreport/?
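The answer above fetches the HTML report by hand from the daemon's API; the question asks how to do the same from a CI job and also keep a JSON copy. The script below is an added example, not code from the question, the answer, or the ZAP project. It assumes the daemon is reachable under the service alias and port used in the question (http://zap:8092) with the API key disabled, and it stores the reports in a directory the job can publish as artifacts. It uses ZAP's `core/other/htmlreport`, `core/other/jsonreport`, `core/view/version` and `core/view/alertsSummary` endpoints; the exact shape of the alertsSummary JSON (`{"alertsSummary":{"High":…,"Medium":…}}`) is assumed here, as is the `MAX_HIGH` threshold variable:

```shell
#!/bin/sh
# Added example (not from the original post): after the Cypress job has
# proxied its traffic through the ZAP daemon, pull the reports from the
# daemon's API and fail the job if ZAP raised High-risk alerts.
# Assumptions: daemon at http://zap:8092, api.disablekey=true, reports go
# to ./zap-reports, MAX_HIGH is the tolerated number of High alerts.

ZAP_HOST="${ZAP_HOST:-zap}"
ZAP_PORT="${ZAP_PORT:-8092}"
REPORT_DIR="${REPORT_DIR:-zap-reports}"

# Build a ZAP API URL, e.g.  zap_url OTHER core other htmlreport
#   -> http://zap:8092/OTHER/core/other/htmlreport/
zap_url() {
    printf 'http://%s:%s/%s/%s/%s/%s/' "$ZAP_HOST" "$ZAP_PORT" "$1" "$2" "$3" "$4"
}

# Extract the count for one risk level ("High", "Medium", ...) from a
# core/view/alertsSummary response (shape assumed; see lead-in).
# Prints 0 when the level is absent so the caller can always compare numbers.
alert_count() {
    level="$1"
    n=$(printf '%s' "$2" | sed -n "s/.*\"$level\":\([0-9][0-9]*\).*/\1/p")
    printf '%s' "${n:-0}"
}

# Block until the daemon answers; Cypress must not start before this either.
wait_for_zap() {
    i=0
    until curl -sf "$(zap_url JSON core view version)" >/dev/null 2>&1; do
        i=$((i + 1))
        if [ "$i" -ge 30 ]; then
            echo "ZAP daemon did not come up on $ZAP_HOST:$ZAP_PORT" >&2
            return 1
        fi
        sleep 2
    done
}

# Download both report formats; -f makes curl exit non-zero on HTTP errors,
# so a missing or crashed daemon fails the job instead of saving an error page.
fetch_reports() {
    mkdir -p "$REPORT_DIR"
    curl -sf -o "$REPORT_DIR/report.html" "$(zap_url OTHER core other htmlreport)"
    curl -sf -o "$REPORT_DIR/report.json" "$(zap_url OTHER core other jsonreport)"
}

# Turn the passive-scan results into a pass/fail signal for the pipeline.
gate_on_alerts() {
    summary=$(curl -sf "$(zap_url JSON core view alertsSummary)")
    high=$(alert_count High "$summary")
    echo "ZAP High-risk alerts: $high (allowed: ${MAX_HIGH:-0})"
    [ "$high" -le "${MAX_HIGH:-0}" ]
}

main() {
    wait_for_zap && fetch_reports && gate_on_alerts
}

# Only run the pipeline steps when invoked as  sh zap-report.sh run
# so the helper functions can also be sourced.
if [ "${1:-}" = "run" ]; then
    main
fi
```

Call it from the job's `after_script` (or as the last `script` step) with `HTTP_PROXY`/`http_proxy` unset for that step, or with `NO_PROXY=zap`, so the curl calls to the daemon itself are not sent through the proxy; add `zap-reports/` to the job's `artifacts: paths:` to keep both files. Because the daemon shares the pipeline's network namespace under its alias, this avoids the IP-targeting problem the question reports with the baseline scan.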

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.
