Due to some maintenance issues, this service has been switched in read-only mode, you can find more information about the why

and how to migrate your plugin documentation in this blogpost

Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 9 Next »

Note:

The following steps will assume Jenkins is setup as a Master with a Slave on another machine to execute the job's build and run the ZAP security tool.


Create a New Item

  1. Open Jenkins
  2. New Item
    • Name: ZAP_EXAMPLE_JOB
    • Type: Freestyle project
  3. OK
     

Create the Workspace

  1. Go to the Job Summary Page

    e.g. http://127.0.0.1:8080/job/ZAP_EXAMPLE_JOB/

  2. Configure

    e.g. http://127.0.0.1:8080/job/ZAP_EXAMPLE_JOB/configure

  3. Restrict where this project can be run (True)

    Name of Slave where ZAP security tool is installed

  4. Save
    .
  5. Build Now

    New Empty workspace will be created on the Slave e.g. C:\Users\<USER_ID>\Jenkins\workspace\ZAP_EXAMPLE_JOB

     

Configure the Job to Execute ZAP

Add Build Step Execute ZAP

Admin Configurations

(info) The workspace directory will be shown there.
(info) Override the default ZAP host (e.g. "localhost") and default ZAP port (e.g. "8090") for this job.

The host and port set here should be the SAME set in Firefox and in the ZAP security tool.

Notice: This should be the IP address of the Slave (the machine where ZAP security tool is installed).

Startup

Run as Pre-Build Step ((info) Leave unchecked)

Java

Select the JDK used by ZAP ((info) Leave as inheritFromJob)

https://github.com/jenkinsci/zaproxy-plugin/blob/development/documentation/customtools/README.md

Installation Method

Run Configurations

ZAP Settings

Session Management

Session Properties

Attack Mode

Finalize Run

  • No labels