zaproxy: Docker container stable OR weekly do not create reports

Describe the bug Running the stable or weekly docker images no reports are generated using -x or -r options

To Reproduce

sudo docker run -v $(pwd):/zap/wrk/:rw -t owasp/zap2docker-stable zap-baseline.py     -t https://test.io -g gen.conf -r testreport.html

sudo docker run -v /home/test/:/zap/wrk/:rw -t owasp/zap2docker-stable zap-baseline.py     -t https://test.io -g gen.conf -r testreport.html

sudo docker run -v /home/test/:/zap/wrk/:rw -t owasp/zap2docker-weekly zap-baseline.py     -t https://test.io -g gen.conf -r testreport.html

sudo docker run -v /home/test/:/zap/wrk/:rw -t owasp/zap2docker-weekly zap-baseline.py     -t https://test.io -g gen.conf -x testreport.html

Expected behavior A clear and concise description of what you expected to happen.

Screenshots If applicable, add screenshots to help explain your problem.

Software versions

  • ZAP: Latest owasp/zap2docker-weekly & owasp/zap2docker-stable
  • OS: Ubuntu 18.04

Errors from the zap.log file

48991 [HSQLDB Timer @10d59286] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE  - Checkpoint start
48991 [HSQLDB Timer @10d59286] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE  - checkpointClose start
48992 [HSQLDB Timer @10d59286] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE  - checkpointClose synched
48996 [HSQLDB Timer @10d59286] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE  - checkpointClose script done
48996 [HSQLDB Timer @10d59286] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE  - dataFileCache commit start
49161 [HSQLDB Timer @10d59286] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE  - dataFileCache commit end
49167 [HSQLDB Timer @10d59286] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE  - checkpointClose end
49168 [HSQLDB Timer @10d59286] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE  - Checkpoint end - txts: 87362
57167 [ZAP-SpiderThreadPool-0-thread-2] INFO org.zaproxy.zap.spider.Spider  - Spidering process is complete. Shutting down...
57168 [ZAP-SpiderShutdownThread-0] INFO org.zaproxy.zap.extension.spider.SpiderThread  - Spider scanning complete: true

Would you like to help fix this issue? yes definitely. I will also try and modify the Dockerfiles to keep it running after a scan and then perform a scan inside container.

About this issue

  • Original URL
  • State: closed
  • Created 4 years ago
  • Comments: 16 (4 by maintainers)

Most upvoted comments

found a better solution

  1. Find out who owns the directory you are mount /zap/wrk to
  2. Identify the UID of that user
  3. When running the container specify --user UID:UID of user whom owns directory
sudo docker run -v $(pwd):/zap/wrk/ --user 1001:1001 -t owasp/zap2docker-stable zap-baseline.py     -t https://test.io -g gen.conf -r testreport.htm
+1
ankh2054 on Jul 22, 2020

nope on ubuntu, but for some reason the container does not have rights to write to that directory. ap@27e54591fc6d:/zap/wrk$ echo 1 > test.txt bash: test.txt: Permission denied

+1
ankh2054 on Jul 22, 2020
Read more comments on GitHub
← zaproxy: Could not connect ZAP in remote API
zaproxy: Error Persisting OpenAPI definition →