Skip to content

Migrate to ZAP Automation Framework#2387

Merged
J12934 merged 32 commits intomainfrom
maintenance/migrate-zap-automation-framework
Jun 26, 2024
Merged

Migrate to ZAP Automation Framework#2387
J12934 merged 32 commits intomainfrom
maintenance/migrate-zap-automation-framework

Conversation

@Ilyesbdlala
Copy link
Member

@Ilyesbdlala Ilyesbdlala commented Mar 19, 2024
edited
Loading

Description

  • ZAP Automation Framework has its own chart now
  • Added documentation and examples, mainly on how to migrate to zap-automation-framework

closes #1902

Caution

A DockerHub repo has to be created for the "new" ZAP Automation Framework Parser

Checklist

  • Test your changes as thoroughly as possible before you commit them. Preferably, automate your test by unit/integration tests.
  • Make sure that all your commits are signed-off and that you are added to the Contributors file.
  • Make sure that all CI finish successfully.
  • Optional (but appreciated): Make sure that all commits are Verified.

@Ilyesbdlala Ilyesbdlala added enhancement New feature or request breaking Changes requiring a major release labels Mar 19, 2024
@Ilyesbdlala Ilyesbdlala self-assigned this Mar 19, 2024
@secureCodeBoxBot
Copy link
Contributor

secureCodeBoxBot commented Mar 19, 2024

This pull request includes breaking changes. Please make sure that you included the breaking changes and the steps required to upgrade in UPGRADING.md.
✨ Thank you for your contribution! ✨

@netlify
Copy link

netlify bot commented Mar 19, 2024
edited
Loading

Deploy Preview for docs-securecodebox canceled.

Name Link
🔨 Latest commit 8f241f7
🔍 Latest deploy log https://app.netlify.com/sites/docs-securecodebox/deploys/667c2fa77ffd340008d96acf

@github-actions
Copy link

github-actions bot commented Mar 19, 2024
edited
Loading

🦙 MegaLinter status: ⚠️ WARNING

Descriptor Linter Files Fixed Errors Elapsed time
⚠️ ACTION actionlint 2 8 0.38s
⚠️ DOCKERFILE hadolint 1 1 0.06s
⚠️ GO golangci-lint yes 1 0.96s
⚠️ JAVA checkstyle 1 31 1.78s
⚠️ JAVASCRIPT eslint 3 1 0.54s
⚠️ YAML prettier 14 1 1.85s

See detailed report in MegaLinter reports
Set VALIDATE_ALL_CODEBASE: true in mega-linter.yml to validate all sources, not only the diff

MegaLinter is graciously provided by OX Security

@Ilyesbdlala
Copy link
Member Author

Ilyesbdlala commented Apr 9, 2024

This pull request includes breaking changes. Please make sure that you included the breaking changes and the steps required to upgrade in UPGRADING.md. ✨ Thank you for your contribution! ✨

It's not really breaking since, I kept the zapand zap-advanced intact

@Ilyesbdlala Ilyesbdlala force-pushed the maintenance/migrate-zap-automation-framework branch from 4c3fccb to 141701d Compare April 9, 2024 10:13
@Ilyesbdlala Ilyesbdlala marked this pull request as ready for review April 9, 2024 10:13
J12934
J12934 reviewed Apr 9, 2024
View reviewed changes
J12934
J12934 reviewed Apr 9, 2024
View reviewed changes
@J12934
Copy link
Member

J12934 commented Apr 9, 2024

docker hub image repo is created :)

@Ilyesbdlala Ilyesbdlala requested a review from J12934 April 9, 2024 14:10
@Ilyesbdlala Ilyesbdlala mentioned this pull request Apr 16, 2024
Merged
4 tasks
@Ilyesbdlala Ilyesbdlala force-pushed the maintenance/migrate-zap-automation-framework branch from 350a03a to 8cc34ca Compare May 8, 2024 13:57
@Ilyesbdlala Ilyesbdlala force-pushed the maintenance/migrate-zap-automation-framework branch from 8cc34ca to e8efb18 Compare May 21, 2024 08:59
J12934
J12934 requested changes Jun 7, 2024
View reviewed changes
Copy link
Member

@J12934 J12934 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

very nice, found some smaller issue

Ilyesbdlala added 12 commits June 11, 2024 11:07
@Ilyesbdlala
#1902 basic copy of zap scanner folder renamed to zap-automation-fram…
fa48f5b 
…ework

Signed-off-by: Ilyes Ben Dlala <[email protected]>
@Ilyesbdlala
#1902 Add deprecation notice to zap and zap-advanced
9ea773e 
Signed-off-by: Ilyes Ben Dlala <[email protected]>
@Ilyesbdlala
#1902 Add zap-automation-framework to ci and release-build
18563e4 
Signed-off-by: Ilyes Ben Dlala <[email protected]>
@Ilyesbdlala
#1902 Include zap-automation-framework in telemetry and persistence-…
4b4b158 
…defectdojo

Signed-off-by: Ilyes Ben Dlala <[email protected]>
@Ilyesbdlala
#1902 remove irrelevant examples to zap-automation-framework
c875972 
Signed-off-by: Ilyes Ben Dlala <[email protected]>
@Ilyesbdlala
#1902 re-generated updated zap and zap-advanced docs
5cca2d1 
Signed-off-by: Ilyes Ben Dlala <[email protected]>
@Ilyesbdlala
#1902 Rename helm chart and parser name of ZAP-Automation-Framework
54cd593 
Signed-off-by: Ilyes Ben Dlala <[email protected]>
@Ilyesbdlala
#1902 Include a configmap template that includes all possible zap-aut…
e0637c8 
…omation-framework config options

Signed-off-by: Ilyes Ben Dlala <[email protected]>
@Ilyesbdlala
#1902 Leave only zap-automation-framework scantype
e446a6c 
Signed-off-by: Ilyes Ben Dlala <[email protected]>
@Ilyesbdlala
#1902 Include a zap-baseline config to use in zap-automation-framework
f3ff71d 
Signed-off-by: Ilyes Ben Dlala <[email protected]>
@Ilyesbdlala
#1902 Update package name for parser-zap to parser-zap-automation-fra…
709f735 
…mework

Signed-off-by: Ilyes Ben Dlala <[email protected]>
@Ilyesbdlala
#1902 Update parser image in Makefile to use own parser
cc22d42 
Signed-off-by: Ilyes Ben Dlala <[email protected]>
Ilyesbdlala and others added 17 commits June 11, 2024 11:07
@Ilyesbdlala
#1902 Renamed integration tests for zap-automation-framework
01d46e0 
Signed-off-by: Ilyes Ben Dlala <[email protected]>
@Ilyesbdlala
#1902 Added zap-automation-framework scan examples
da7ed5e 
Signed-off-by: Ilyes Ben Dlala <[email protected]>
@Ilyesbdlala
#1902 Add documentation on how to migrate from zap and zap-advanced t…
c9bfeda 
…o zap automation framework

Signed-off-by: Ilyes Ben Dlala <[email protected]>
@Ilyesbdlala
#1902 Regenerated docs
b50e0ad 
Signed-off-by: Ilyes Ben Dlala <[email protected]>
@Ilyesbdlala
#1902 Updated zap-automation-framework helm-unittest snapshot
9c7c1d0 
Signed-off-by: Ilyes Ben Dlala <[email protected]>
@Ilyesbdlala
#1902 Replaced all occurences of OWASP ZAP to ZAP
116c402 
 This is due to ZAP no longer being part of OWASP

Signed-off-by: Ilyes Ben Dlala <[email protected]>
@Ilyesbdlala
#1902 Removed configmap names prefix in zap-automation-framework
b97beb4 
It is no longer needed
Co-authored-by:  Jannik Hollenbach <[email protected]>

Signed-off-by: Ilyes Ben Dlala <[email protected]>
@Ilyesbdlala
Deleted old zap-advanced migration example
392f161 
Signed-off-by: Ilyes Ben Dlala <[email protected]>
@Ilyesbdlala @J12934
#1902 Improve deprecation notice wording
7e80b0d 
Co-authored-by: Jannik Hollenbach <[email protected]>
Signed-off-by: Ilyes Ben Dlala <[email protected]>
@Ilyesbdlala
#1902 regenerated helm docs after merge conflict resolve
4b95791 
Signed-off-by: Ilyes Ben Dlala <[email protected]>
@Ilyesbdlala
#1902 Update import path for scan helper in zap-automation-framework …
9e8b0eb 
…test

Signed-off-by: Ilyes Ben Dlala <[email protected]>
@Ilyesbdlala
#1902 Fixed example scan name not fitting configmap name
e3d5053 
Co-authored-by: Jannik Hollenbach <[email protected]>

Signed-off-by: Ilyes Ben Dlala <[email protected]>
@Ilyesbdlala
#1902 Renamed examples to remove the unneeded word migrate
d3dcee8 
Co-authored-by: Jannik Hollenbach <[email protected]>

Signed-off-by: Ilyes Ben Dlala <[email protected]>
@Ilyesbdlala
#1902 use a consistent file name for automation configuration
359e996 
Co-authored-by: Jannik Hollenbach <[email protected]>

Signed-off-by: Ilyes Ben Dlala <[email protected]>
@Ilyesbdlala
#1907 Refactor automation framework configMap file names for consistency
783c704 
Co-authored-by: Jannik Hollenbach <[email protected]>

Signed-off-by: Ilyes Ben Dlala <[email protected]>
@Ilyesbdlala @J12934
Apply suggestions from code review
7c54dbd 
Co-authored-by: Jannik Hollenbach <[email protected]>
Signed-off-by: Ilyes Ben Dlala <[email protected]>
@Ilyesbdlala @jorgestiga
#1902 Removed OWASP keyword from ZAP Readme
939923c 
Co-authored-by: Jorge Estrigarribia <[email protected]>
Signed-off-by: Ilyes Ben Dlala <[email protected]>
@Ilyesbdlala Ilyesbdlala force-pushed the maintenance/migrate-zap-automation-framework branch from c62e581 to 939923c Compare June 11, 2024 09:07
@Ilyesbdlala Ilyesbdlala requested a review from J12934 June 11, 2024 09:08
@Ilyesbdlala
#1902 Update Helm unit test Snapshot
604e240 
Signed-off-by: Ilyes Ben Dlala <[email protected]>
@J12934 J12934 mentioned this pull request Jun 13, 2024
Closed
@J12934
#1902 Try to fix issue with config map names
826b5d9 
Also make names of configmaps and scans consistent
Should make it harder to get them wrong accidentally

Signed-off-by: Jannik Hollenbach <[email protected]>
@J12934
Fix typo in bodgeit
8f241f7 
Signed-off-by: Jannik Hollenbach <[email protected]>
@sonarqubecloud
Copy link

sonarqubecloud bot commented Jun 26, 2024

Quality Gate Failed Quality Gate failed

Failed conditions
4 Security Hotspots
D Reliability Rating on New Code (required ≥ A)

See analysis details on SonarCloud

Catch issues before they fail your Quality Gate with our IDE extension SonarLint

@J12934 J12934 merged commit 3162f38 into main Jun 26, 2024
@J12934 J12934 deleted the maintenance/migrate-zap-automation-framework branch June 26, 2024 17:28
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@J12934 J12934 J12934 approved these changes

Assignees

@Ilyesbdlala Ilyesbdlala

Labels

breaking Changes requiring a major release enhancement New feature or request

Projects

secureCodeBox
Archived in project

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Improve Documentation for ZAP Automation Framework ScanType

3 participants

@Ilyesbdlala @secureCodeBoxBot @J12934