runner

package
v1.12.5-beta001 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jun 7, 2023 License: MIT Imports: 18 Imported by: 0

Documentation

Index

Constants

View Source
const API = "api"
View Source
const BASELINE = "baseline"
View Source
const FULL = "full"

Variables

This section is empty.

Functions

func MergeArgs

func MergeArgs(fileArgs []string, reportFile string, execution testkube.Execution) []string

MergeArgs merges the arguments read from file with the arguments read from the execution

Types

type ApiOptions

type ApiOptions struct {
	// target API definition, OpenAPI or SOAP, local file or URL
	Target string `yaml:"target"`
	// config file or URL to use to INFO, IGNORE or FAIL warnings
	Config string `yaml:"config"`
	// show debug messages
	Debug bool `default:"false" yaml:"debug"`
	// short output format - dont show PASSes or example URLs
	Short bool `default:"false" yaml:"short"`
	// minimum level to show: PASS, IGNORE, INFO, WARN or FAIL
	Level string `default:"PASS" yaml:"level"`
	// context file which will be loaded prior to scanning the target
	Context string `yaml:"context"`
	// username to use for authenticated scans - must be defined in the given context file
	User string `yaml:"user"`
	// delay in seconds to wait for passive scanning
	Delay int `yaml:"delay"`
	// max time in minutes to wait for ZAP to start and the passive scan to run
	Time int `default:"0" yaml:"time"`
	// ZAP command line options
	ZapOptions string `yaml:"zap_options"`
	// fail the scan on WARN issues, default true
	FailOnWarn bool `default:"true" yaml:"fail_on_warn"`
	// openapi, soap, or graphql
	Format string `yaml:"format"`
	// the hostname to override in the (remote) OpenAPI spec
	Hostname string `yaml:"hostname"`
	// safe mode this will skip the active scan and perform a baseline scan
	Safe bool `default:"false" yaml:"safe"`
}

type BaselineOptions

type BaselineOptions struct {
	// target URL including the protocol
	Target string `yaml:"target"`
	// config file or URL to use to INFO, IGNORE or FAIL warnings
	Config string `yaml:"config"`
	// show debug messages
	Debug bool `default:"false" yaml:"debug"`
	// short output format - dont show PASSes or example URLs
	Short bool `default:"false" yaml:"short"`
	// minimum level to show: PASS, IGNORE, INFO, WARN or FAIL
	Level string `default:"PASS" yaml:"level"`
	// context file which will be loaded prior to scanning the target
	Context string `yaml:"context"`
	// username to use for authenticated scans - must be defined in the given context file
	User string `yaml:"user"`
	// delay in seconds to wait for passive scanning
	Delay int `yaml:"delay"`
	// max time in minutes to wait for ZAP to start and the passive scan to run
	Time int `default:"0" yaml:"time"`
	// use the Ajax spider in addition to the traditional one
	Ajax bool `default:"false" yaml:"ajax"`
	// ZAP command line options
	ZapOptions string `yaml:"zap_options"`
	// fail the scan on WARN issues, default true
	FailOnWarn bool `default:"true" yaml:"fail_on_warn"`
	// the number of minutes to spider for (default 1)
	Minutes int `default:"1" yaml:"minutes"`
}

type FullOptions

type FullOptions struct {
	// target URL including the protocol
	Target string `yaml:"target"`
	// config file or URL to use to INFO, IGNORE or FAIL warnings
	Config string `yaml:"config"`
	// show debug messages
	Debug bool `default:"false" yaml:"debug"`
	// short output format - dont show PASSes or example URLs
	Short bool `default:"false" yaml:"short"`
	// minimum level to show: PASS, IGNORE, INFO, WARN or FAIL
	Level string `default:"PASS" yaml:"level"`
	// context file which will be loaded prior to scanning the target
	Context string `yaml:"context"`
	// username to use for authenticated scans - must be defined in the given context file
	User string `yaml:"user"`
	// delay in seconds to wait for passive scanning
	Delay int `yaml:"delay"`
	// max time in minutes to wait for ZAP to start and the passive scan to run
	Time int `default:"0" yaml:"time"`
	// use the Ajax spider in addition to the traditional one
	Ajax bool `default:"false" yaml:"ajax"`
	// ZAP command line options
	ZapOptions string `yaml:"zap_options"`
	// fail the scan on WARN issues, default true
	FailOnWarn bool `default:"true" yaml:"fail_on_warn"`
	// the number of minutes to spider for (default 1)
	Minutes int `default:"1" yaml:"minutes"`
}

type Options

type Options struct {
	API      ApiOptions      `yaml:"api"`
	Baseline BaselineOptions `yaml:"baseline"`
	Full     FullOptions     `yaml:"full"`
}

func (*Options) ToApiScanArgs

func (a *Options) ToApiScanArgs(filename string) (args []string)

func (*Options) ToBaselineScanArgs

func (a *Options) ToBaselineScanArgs(filename string) (args []string)

func (*Options) ToFullScanArgs

func (a *Options) ToFullScanArgs(filename string) (args []string)

func (*Options) UnmarshalYAML

func (a *Options) UnmarshalYAML(yamlFile string) (err error)

type ZapRunner

type ZapRunner struct {
	Params  envs.Params
	ZapHome string
	Scraper scraper.Scraper
}

ZapRunner runs ZAP tests

func NewRunner

func NewRunner(ctx context.Context, params envs.Params) (*ZapRunner, error)

NewRunner creates a new ZapRunner

func (*ZapRunner) GetType

func (r *ZapRunner) GetType() runner.Type

GetType returns runner type

func (*ZapRunner) Run

func (r *ZapRunner) Run(ctx context.Context, execution testkube.Execution) (result testkube.ExecutionResult, err error)

Run executes the test and returns the test results

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL