Commit 02e5bd7e authored by Brown, Jonathan D.'s avatar Brown, Jonathan D.

test

parent 12b410a5
......@@ -39,7 +39,7 @@ stages:
# - init
- build
- unit-tests
- pen-tests
# - pen-tests
- publish-image
# - deploy
......@@ -100,38 +100,38 @@ run unit tests:
- ng test earthquake-geoserve-ui --watch=false --code-coverage --progress false --browsers ChromeHeadless
- ng e2e
run penetration tests:
stage: pen-tests
image: docker:stable
# before_script:
# - npm i
# - npm i highlightjs
only:
- master
script:
- mkdir -p $OWASP_REPORT_DIR
- chmod 777 $OWASP_REPORT_DIR
- docker load -i docker-images/app.tar
- docker run --rm --name $LOCAL_CONTAINER -d $LOCAL_IMAGE
- docker run --rm -d -u zap --name=$OWASP_CONTAINER --link=$LOCAL_CONTAINER:application -v $OWASP_REPORT_DIR:/zap/reports:rw -i $OWASP_IMAGE zap.sh -daemon -port $ZAP_API_PORT -config api.disablekey=true
- sleep 20
# docker run --rm -d -u zap --name=earthquake-geoserve-ui-3-OWASP --link=earthquake-geoserve-ui-3-PENTEST:application -v /var/lib/jenkins/workspace/HazDev/earthquake-geoserve/build-ui/owasp-data:/zap/reports:rw -i code.chs.usgs.gov:5001/devops/images/owasp/zap2docker-stable zap.sh -daemon -port 8090 -config api.disablekey=true
# docker run --rm --name earthquake-geoserve-ui-1.0.4-PENTEST -d jamesmalin/usgs-geoserve-ui:1.0.4
# docker run --rm -d -u zap --name=earthquake-geoserve-ui-1.0.4-OWASP --link=earthquake-geoserve-ui-1.0.4-PENTEST:application -v /owasp-data:/zap/reports:rw -i owasp/zap2docker-stable zap.sh -daemon -port 8090 -config api.disablekey=true
- "docker exec -i ${OWASP_CONTAINER}
curl -I localhost:${ZAP_API_PORT}
> /dev/null 2>&1 && echo 'SUCCESS'"
# - sleep 10
- docker exec $OWASP_CONTAINER zap-cli -v -p $ZAP_API_PORT spider http://$PENTEST_IP/
# - sleep 10
- docker exec $OWASP_CONTAINER zap-cli -v -p $ZAP_API_PORT active-scan http://$PENTEST_IP/
- docker exec $OWASP_CONTAINER zap-cli -v -p $ZAP_API_PORT report -o owasp-zap-report.html -f html
- docker stop $OWASP_CONTAINER ${LOCAL_CONTAINER}
artifacts: # can you make this not available to the public
paths:
- owasp-zap-report.html
dependencies:
- build
# run penetration tests:
# stage: pen-tests
# image: docker:stable
# # before_script:
# # - npm i
# # - npm i highlightjs
# only:
# - master
# script:
# - mkdir -p $OWASP_REPORT_DIR
# - chmod 777 $OWASP_REPORT_DIR
# - docker load -i docker-images/app.tar
# - docker run --rm --name $LOCAL_CONTAINER -d $LOCAL_IMAGE
# - docker run --rm -d -u zap --name=$OWASP_CONTAINER --link=$LOCAL_CONTAINER:application -v $OWASP_REPORT_DIR:/zap/reports:rw -i $OWASP_IMAGE zap.sh -daemon -port $ZAP_API_PORT -config api.disablekey=true
# - sleep 20
# # docker run --rm -d -u zap --name=earthquake-geoserve-ui-3-OWASP --link=earthquake-geoserve-ui-3-PENTEST:application -v /var/lib/jenkins/workspace/HazDev/earthquake-geoserve/build-ui/owasp-data:/zap/reports:rw -i code.chs.usgs.gov:5001/devops/images/owasp/zap2docker-stable zap.sh -daemon -port 8090 -config api.disablekey=true
# # docker run --rm --name earthquake-geoserve-ui-1.0.4-PENTEST -d jamesmalin/usgs-geoserve-ui:1.0.4
# # docker run --rm -d -u zap --name=earthquake-geoserve-ui-1.0.4-OWASP --link=earthquake-geoserve-ui-1.0.4-PENTEST:application -v /owasp-data:/zap/reports:rw -i owasp/zap2docker-stable zap.sh -daemon -port 8090 -config api.disablekey=true
# - "docker exec -i ${OWASP_CONTAINER}
# curl -I localhost:${ZAP_API_PORT}
# > /dev/null 2>&1 && echo 'SUCCESS'"
# # - sleep 10
# - docker exec $OWASP_CONTAINER zap-cli -v -p $ZAP_API_PORT spider http://$PENTEST_IP/
# # - sleep 10
# - docker exec $OWASP_CONTAINER zap-cli -v -p $ZAP_API_PORT active-scan http://$PENTEST_IP/
# - docker exec $OWASP_CONTAINER zap-cli -v -p $ZAP_API_PORT report -o owasp-zap-report.html -f html
# - docker stop $OWASP_CONTAINER ${LOCAL_CONTAINER}
# artifacts: # can you make this not available to the public
# paths:
# - owasp-zap-report.html
# dependencies:
# - build
publish image:
stage: publish-image
......
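Review bot: With `- pen-tests` commented out of `stages:` and the whole `run penetration tests:` job disabled, `publish-image` now runs with no ZAP scan ahead of it, and neither the commit title ("test") nor the file records why or for how long. If the scan is only paused, a comment above the disabled block such as `# pen-tests disabled temporarily, see <ISSUE-ID>` would keep it from being forgotten; keeping the job defined with `when: manual` would achieve the same without 32 lines of commented-out YAML. Before the job is re-enabled, three things in the commented block need a second look: `chmod 777 $OWASP_REPORT_DIR`, `-config api.disablekey=true`, and the `artifacts:` entry whose own inline comment asks that the report not be public. For that last one, `expire_in:` and, where the GitLab version supports it, `public: false` under `artifacts:` would limit exposure of the findings. Indentation is lost in this rendering, so the nesting of these keys is inferred.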