Skip to content

Commit

Permalink
fix pds-owaspzap naming scheme #2338 (#2339)
Browse files Browse the repository at this point in the history
  • Loading branch information
@sven-dmlr
sven-dmlr authored Jun 19, 2023
1 parent 372be0c commit e439a1a
Show file tree
Hide file tree
Showing 36 changed files with 104 additions and 104 deletions.
4 changes: 2 additions & 2 deletions .github/workflows/build+publish-all-pds-solutions.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -51,10 +51,10 @@ jobs:
pds-solution: multi
pds-version: ${{ inputs.pds-version }}

call_build_pds-owasp-zap:
call_build_pds-owaspzap:
uses: mercedes-benz/sechub/.github/workflows/_build+publish-pds-solution.yml@develop
with:
pds-solution: owasp-zap
pds-solution: owaspzap
pds-version: ${{ inputs.pds-version }}

call_build-and-publish-pmd:
Expand Down
4 changes: 2 additions & 2 deletions sechub-doc/src/docs/asciidoc/documents/operations/02_security_products.adoc
View file
Original file line number Diff line number Diff line change
Expand Up @@ -44,9 +44,9 @@ This solution does integrate multiple SAST tools:

It can be found at https://github.com/mercedes-benz/sechub/tree/develop/sechub-pds-solutions/multi

===== Owasp-Zap
===== OWASP ZAP
This solution does integrate the https://www.zaproxy.org/ (web application scanner) - please look at
https://github.com/mercedes-benz/sechub/blob/develop/sechub-pds-solutions/owasp-zap/
https://github.com/mercedes-benz/sechub/blob/develop/sechub-pds-solutions/owaspzap/

===== PMD
https://pmd.github.io/ stand normally for quality checks, but it does also provide some security check mechanism. The integration can be found at
Expand Down
2 changes: 1 addition & 1 deletion ...shared/infrastructure/products/07_03_01_infra_security_products_netsparker.adoc
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@
[WARNING]
====
Netsparker support inside {sechub} is deprecated and will vanish. As a replacement we have:
{pds-solutions-projectsite}/owasp-zap
{pds-solutions-projectsite}/owaspzap
====
Netsparker is a web scanner.

Expand Down
0 ...asp-zap/01-start-single-docker-compose.sh → ...waspzap/01-start-single-docker-compose.sh
View file
File renamed without changes.
0 ...t-single-sechub-network-docker-compose.sh → ...t-single-sechub-network-docker-compose.sh
View file
File renamed without changes.
0 ...lutions/owasp-zap/09-compute-image-tag.sh → ...olutions/owaspzap/09-compute-image-tag.sh
View file
File renamed without changes.
0 ...ds-solutions/owasp-zap/10-create-image.sh → ...pds-solutions/owaspzap/10-create-image.sh
View file
File renamed without changes.
0 ...-pds-solutions/owasp-zap/20-push-image.sh → ...b-pds-solutions/owaspzap/20-push-image.sh
View file
File renamed without changes.
0 ...p-zap/50-start-multiple-docker-compose.sh → ...spzap/50-start-multiple-docker-compose.sh
View file
File renamed without changes.
0 ...multiple-object-storage-docker-compose.sh → ...multiple-object-storage-docker-compose.sh
View file
File renamed without changes.
0 ...ds-solutions/owasp-zap/70-test-webscan.sh → ...pds-solutions/owaspzap/70-test-webscan.sh
View file
File renamed without changes.
38 changes: 19 additions & 19 deletions sechub-pds-solutions/owasp-zap/README.adoc → sechub-pds-solutions/owaspzap/README.adoc
View file
Original file line number Diff line number Diff line change
Expand Up @@ -54,7 +54,7 @@ IMPORTANT: Make sure the SecHub container is running.

The steps required to scan with the PDS.

==== Scan Script
==== Scan Script

WARNING: Scan only targets you have permission to scan.

Expand Down Expand Up @@ -102,12 +102,12 @@ or
----
{
"apiVersion" : "1.0",
"sechubJobUUID": "288607bf-ac81-4088-842c-005d5702a9e9",
"sechubJobUUID": "288607bf-ac81-4088-842c-005d5702a9e9",
"productId": "PDS_OWASP_ZAP",
"parameters": [
{
"key" : "pds.scan.target.url",
"value" : "https://my.juiceshop.org"
"value" : "https://my.juiceshop.org"
},
{
"key" : "zap.activescan.enabled",
Expand Down Expand Up @@ -180,7 +180,7 @@ This section contains information about how to troubleshoot PDS+OWSAP-Zap if som
==== Access the container

----
docker exec -it pds-owasp-zap-debian bash
docker exec -it pds-owaspzap-debian bash
----

==== Java Application Remote Debugging of PDS
Expand Down Expand Up @@ -209,7 +209,7 @@ Build container images and push them to registry to run PDS+OWSAP-Zap on virtual

Build the container image.

. Using the default image:
. Using the default image:
+
----
./10-create-image.sh my.registry.example.org/sechub/pds_owasp_zap v0.1
Expand Down Expand Up @@ -300,7 +300,7 @@ To generate passwords use `tr -dc A-Za-z0-9 </dev/urandom | head -c 18 ; echo ''
. Install helm package from file system
+
----
helm install --values myvalues.yaml pds-owasp-zap helm/pds-owasp-zap/
helm install --values myvalues.yaml pds-owaspzap helm/pds-owaspzap/
----
+
[TIP]
Expand All @@ -311,13 +311,13 @@ Use `helm --namespace <my-namespace> install…` to install the helm chart into
----
kubectl get pods
NAME READY STATUS RESTARTS AGE
pds-owasp-zap-759ffc8dfb-8jj8f 1/1 Running 0 75s
pds-owaspzap-759ffc8dfb-8jj8f 1/1 Running 0 75s
----

. Forward port of one of the pods to own machine
+
----
kubectl port-forward pds-owasp-zap-759ffc8dfb-8jj8f 8444:8444
kubectl port-forward pds-owaspzap-759ffc8dfb-8jj8f 8444:8444
----

. Scan as explained in the <<scan,scan>> section.
Expand All @@ -327,46 +327,46 @@ kubectl port-forward pds-owasp-zap-759ffc8dfb-8jj8f 8444:8444
In case, `my-values.yaml` was changed. Simply, use `helm upgrade` to update the deployment. `helm` will handle scaling up and down as well as changing the configuration.

----
helm upgrade --values my-values.yaml pds-owasp-zap helm/pds-owasp-zap/
helm upgrade --values my-values.yaml pds-owaspzap helm/pds-owaspzap/
----

==== Uninstall
==== Uninstall

. Helm list
+
----
helm list
NAME NAMESPACE REVISION UPDATED STATUS CHART APP VERSION
pds-owasp-zap my-namespace 1 2021-11-05 18:42:23.613991303 +0100 CET deployed pds-owasp-zap-0.1.0 0.24.0
pds-owaspzap my-namespace 1 2021-11-05 18:42:23.613991303 +0100 CET deployed pds-owaspzap-0.1.0 0.24.0
----

. Helm uninstall
+
----
helm uninstall pds-owasp-zap
helm uninstall pds-owaspzap
----

=== Troubleshooting

* Access deployment events.
+
----
kubectl describe pod pds-owasp-zap-759ffc8dfb-8jj8f
kubectl describe pod pds-owaspzap-759ffc8dfb-8jj8f
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal Scheduled 6m52s default-scheduler Successfully assigned sechub-zap/pds-owasp-zap-759ffc8dfb-8jj8f to c06p043-md-cc8c675cb-bqtpb
Normal Scheduled 6m52s default-scheduler Successfully assigned sechub-zap/pds-owaspzap-759ffc8dfb-8jj8f to c06p043-md-cc8c675cb-bqtpb
Normal Pulling 6m52s kubelet Pulling image "my.registry.org/sechub/pds_owasp_zap:latest"
Normal Pulled 6m31s kubelet Successfully pulled image "my.registry.org/sechub/pds_owasp_zap:latest" in 21.303104727s
Normal Created 6m30s kubelet Created container pds-owasp-zap
Normal Started 6m30s kubelet Started container pds-owasp-zap
Normal Created 6m30s kubelet Created container pds-owaspzap
Normal Started 6m30s kubelet Started container pds-owaspzap
----

* Access container logs.
+
----
kubectl logs pds-owasp-zap-759ffc8dfb-8jj8f
kubectl logs pds-owaspzap-759ffc8dfb-8jj8f
. ____ _ __ _ _
/\\ / ___'_ __ _ _(_)_ __ __ _ \ \ \ \
Expand All @@ -376,7 +376,7 @@ kubectl logs pds-owasp-zap-759ffc8dfb-8jj8f
=========|_|==============|___/=/_/_/_/
:: Spring Boot :: (v2.5.2)
2021-11-05 17:42:47.697 INFO 7 --- [ main] d.s.p.ProductDelegationServerApplication : Starting ProductDelegationServerApplication using Java 11.0.11 on pds-owasp-zap-759ffc8dfb-8jj8f with PID 7 (/pds/sechub-pds-0.24.0.jar started by zap in /workspace)
2021-11-05 17:42:47.697 INFO 7 --- [ main] d.s.p.ProductDelegationServerApplication : Starting ProductDelegationServerApplication using Java 11.0.11 on pds-owaspzap-759ffc8dfb-8jj8f with PID 7 (/pds/sechub-pds-0.24.0.jar started by zap in /workspace)
2021-11-05 17:42:47.702 INFO 7 --- [ main] d.s.p.ProductDelegationServerApplication : The following profiles are active: pds_localserver
2021-11-05 17:42:53.054 WARN 7 --- [ main] o.apache.tomcat.util.net.SSLHostConfig : The protocol [TLSv1.3] was added to the list of protocols on the SSLHostConfig named [_default_]. Check if a +/- prefix is missing.
2021-11-05 17:42:53.131 INFO 7 --- [ main] o.apache.catalina.core.StandardService : Starting service [Tomcat]
Expand All @@ -392,5 +392,5 @@ kubectl logs pds-owasp-zap-759ffc8dfb-8jj8f
2021-11-05 17:42:58.375 INFO 7 --- [ main] d.s.p.ProductDelegationServerApplication : Started ProductDelegationServerApplication in 13.2 seconds (JVM running for 14.465)
2021-11-05 17:42:59.394 INFO 7 --- [ scheduling-1] c.d.s.p.m.PDSHeartBeatTriggerService : Heartbeat will be initialized
2021-11-05 17:42:59.394 INFO 7 --- [ scheduling-1] c.d.s.p.m.PDSHeartBeatTriggerService : Create new server hearbeat
2021-11-05 17:42:59.467 INFO 7 --- [ scheduling-1] c.d.s.p.m.PDSHeartBeatTriggerService : heartbeat update - serverid:OWASP_ZAP_CLUSTER, heartbeatuuid:d6b06e92-e3e6-4f39-aefb-eb70fee49ce7, cluster-member-data:{"hostname":"pds-owasp-zap-759ffc8dfb-8jj8f","ip":"192.168.128.4","port":8444,"heartBeatTimestamp":"2021-11-05T17:42:59.395871","executionState":{"queueMax":50,"jobsInQueue":0,"entries":[]}}
2021-11-05 17:42:59.467 INFO 7 --- [ scheduling-1] c.d.s.p.m.PDSHeartBeatTriggerService : heartbeat update - serverid:OWASP_ZAP_CLUSTER, heartbeatuuid:d6b06e92-e3e6-4f39-aefb-eb70fee49ce7, cluster-member-data:{"hostname":"pds-owaspzap-759ffc8dfb-8jj8f","ip":"192.168.128.4","port":8444,"heartBeatTimestamp":"2021-11-05T17:42:59.395871","executionState":{"queueMax":50,"jobsInQueue":0,"entries":[]}}
----
0 ...ions/owasp-zap/cluster_object_storage.svg → ...tions/owaspzap/cluster_object_storage.svg
View file
File renamed without changes
0 ...tions/owasp-zap/cluster_shared_volume.svg → ...utions/owaspzap/cluster_shared_volume.svg
View file
File renamed without changes
4 changes: 2 additions & 2 deletions ...asp-zap/docker-compose_pds_owasp_zap.yaml → ...waspzap/docker-compose_pds_owasp_zap.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,13 +2,13 @@

version: "3"
services:
pds-owasp-zap:
pds-owaspzap:
build:
args:
- BASE_IMAGE=${BASE_IMAGE}
context: docker/
dockerfile: Owasp-Zap-Debian.dockerfile
container_name: pds-owasp-zap
container_name: pds-owaspzap
env_file:
- .env
ports:
Expand Down
6 changes: 3 additions & 3 deletions ...docker-compose_pds_owasp_zap_cluster.yaml → ...docker-compose_pds_owasp_zap_cluster.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@

version: "3"
services:
pds-owasp-zap:
pds-owaspzap:
build:
args:
- BASE_IMAGE=${BASE_IMAGE}
Expand All @@ -23,13 +23,13 @@ services:
build:
context: ../shared/docker/loadbalancer
args:
- PDS_SOLUTION=pds-owasp-zap
- PDS_SOLUTION=pds-owaspzap
env_file:
- .env-cluster
networks:
- "internal"
depends_on:
- pds-owasp-zap
- pds-owaspzap
ports:
- "127.0.0.1:8444:8444"

Expand Down
6 changes: 3 additions & 3 deletions ...pds_owasp_zap_cluster_object_storage.yaml → ...pds_owasp_zap_cluster_object_storage.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@

version: "3"
services:
pds-owasp-zap:
pds-owaspzap:
build:
args:
- BASE_IMAGE=${BASE_IMAGE}
Expand All @@ -23,13 +23,13 @@ services:
build:
context: ../shared/docker/loadbalancer
args:
- PDS_SOLUTION=pds-owasp-zap
- PDS_SOLUTION=pds-owaspzap
env_file:
- .env-cluster-object-storage
networks:
- internal
depends_on:
- pds-owasp-zap
- pds-owaspzap
ports:
- "127.0.0.1:8444:8444"

Expand Down
6 changes: 3 additions & 3 deletions ...mpose_pds_owasp_zap_external_network.yaml → ...mpose_pds_owasp_zap_external_network.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,14 +2,14 @@

version: "3"
services:
pds-owasp-zap:
pds-owaspzap:
build:
args:
- BASE_IMAGE=${BASE_IMAGE}
context: docker/
dockerfile: Owasp-Zap-Debian.dockerfile
container_name: pds-owasp-zap
hostname: pds-owasp-zap
container_name: pds-owaspzap
hostname: pds-owaspzap
env_file:
- .env
networks:
Expand Down
0 ...sp-zap/docker/Owasp-Zap-Debian.dockerfile → ...aspzap/docker/Owasp-Zap-Debian.dockerfile
View file
File renamed without changes.
0 ...ns/owasp-zap/docker/mocks/mock.sarif.json → ...ons/owaspzap/docker/mocks/mock.sarif.json
View file
File renamed without changes.
0 ...-zap-full-ruleset-all-release-status.json → ...-zap-full-ruleset-all-release-status.json
View file
File renamed without changes.
0 ...olutions/owasp-zap/docker/pds-config.json → ...solutions/owaspzap/docker/pds-config.json
View file
File renamed without changes.
0 ...wasp-zap/docker/scripts/owasp-zap-mock.sh → ...owaspzap/docker/scripts/owasp-zap-mock.sh
View file
File renamed without changes.
0 ...ons/owasp-zap/docker/scripts/owasp-zap.sh → ...ions/owaspzap/docker/scripts/owasp-zap.sh
View file
File renamed without changes.
0 ...solutions/owasp-zap/docker/zap-addons.txt → ...-solutions/owaspzap/docker/zap-addons.txt
View file
File renamed without changes.
0 sechub-pds-solutions/owasp-zap/env → sechub-pds-solutions/owaspzap/env
View file
File renamed without changes.
0 sechub-pds-solutions/owasp-zap/env-database → sechub-pds-solutions/owaspzap/env-database
View file
File renamed without changes.
0 .../owasp-zap/helm/pds-owasp-zap/.helmignore → ...ns/owaspzap/helm/pds-owaspzap/.helmignore
View file
File renamed without changes.
4 changes: 2 additions & 2 deletions ...s/owasp-zap/helm/pds-owasp-zap/Chart.yaml → ...ons/owaspzap/helm/pds-owaspzap/Chart.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
# SPDX-License-Identifier: MIT

apiVersion: v2
name: pds-owasp-zap
name: pds-owaspzap
description: The OWASP ZAP + PDS as Helm chart for Kubernetes

type: application
Expand All @@ -13,4 +13,4 @@ maintainers:
# This is the chart version. This version number should be incremented each time you make changes
# to the chart and its templates, including the app version.
# Versions are expected to follow Semantic Versioning (https://semver.org/)
version: 0.16.0
version: 0.17.0
0 ...ions/owasp-zap/helm/pds-owasp-zap/LICENSE → ...utions/owaspzap/helm/pds-owaspzap/LICENSE
View file
File renamed without changes.
0 ...ns/owasp-zap/helm/pds-owasp-zap/README.md → ...ions/owaspzap/helm/pds-owaspzap/README.md
View file
File renamed without changes.
0 ...m/pds-owasp-zap/templates/deployment.yaml → ...lm/pds-owaspzap/templates/deployment.yaml
View file
File renamed without changes.
0 ...ds-owasp-zap/templates/networkpolicy.yaml → ...pds-owaspzap/templates/networkpolicy.yaml
View file
File renamed without changes.
0 ...helm/pds-owasp-zap/templates/service.yaml → .../helm/pds-owaspzap/templates/service.yaml
View file
File renamed without changes.
2 changes: 1 addition & 1 deletion .../owasp-zap/helm/pds-owasp-zap/values.yaml → ...ns/owaspzap/helm/pds-owaspzap/values.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@
replicaCount: 1

image:
registry: "my.registry.example.org/pds-owasp-zap"
registry: "ghcr.io/mercedes-benz/sechub/pds-owaspzap"
tag: "latest"

resources:
Expand Down
Loading

0 comments on commit e439a1a

Please sign in to comment.