Merge pull request #97 from secureCodeBox/zap-integration-tests

Add Integration Tests for ZAP and some other improvements to improve the stability and debuggability of the tests

Author: nigthknight

.github/workflows/ci.yaml

@@ -412,6 +412,9 @@ jobs:
         run: |
           # Install dummy-ssh app
           helm -n demo-apps install dummy-ssh ./demo-apps/dummy-ssh/ --wait
+          # Install plain nginx server
+          kubectl create deployment --image nginx:alpine nginx --namespace demo-apps
+          kubectl expose deployment nginx --port 80 --namespace demo-apps
       - name: "nmap Integration Tests"
         run: |
           helm -n integration-tests install nmap ./scanners/nmap/ --set="parserImage.tag=sha-$(git rev-parse --short HEAD)"
@@ -432,6 +435,11 @@ jobs:
           helm -n integration-tests install ssh-scan ./scanners/ssh_scan/ --set="parserImage.tag=sha-$(git rev-parse --short HEAD)"
           cd tests/integration/
           npx jest --ci --color ssh-scan
+      - name: "zap Integration Tests"
+        run: |
+          helm -n integration-tests install zap ./scanners/zap/ --set="parserImage.tag=sha-$(git rev-parse --short HEAD)"
+          cd tests/integration/
+          npx jest --ci --color zap
       - name: Inspect Post Failure
         if: failure()
         run: |

scanners/amass/templates/amass-scan-type.yaml

@@ -10,7 +10,9 @@ spec:
     location: "/home/securecodebox/amass-results.jsonl"
   jobTemplate:
     spec:
-      ttlSecondsAfterFinished: 10
+      {{- if .Values.scannerJob.ttlSecondsAfterFinished }}
+      ttlSecondsAfterFinished: {{ .Values.scannerJob.ttlSecondsAfterFinished }}
+      {{- end }}
       template:
         spec:
           restartPolicy: OnFailure

scanners/amass/values.yaml

@@ -4,6 +4,7 @@ parserImage:
   tag: null
 
 scannerJob:
+  ttlSecondsAfterFinished: null
   resources: {}
 # scannerJob:
 #   resources:

scanners/kube-hunter/templates/kubehunter-scan-type.yaml

@@ -8,7 +8,9 @@ spec:
     location: '/home/securecodebox/kube-hunter-results.json'
   jobTemplate:
     spec:
-      ttlSecondsAfterFinished: 10
+      {{- if .Values.scannerJob.ttlSecondsAfterFinished }}
+      ttlSecondsAfterFinished: {{ .Values.scannerJob.ttlSecondsAfterFinished }}
+      {{- end }}
       template:
         spec:
           restartPolicy: Never

scanners/kube-hunter/values.yaml

@@ -4,4 +4,5 @@ parserImage:
   tag: null
 
 scannerJob:
+  ttlSecondsAfterFinished: null
   resources: {}

scanners/ncrack/templates/ncrack-scan-type.yaml

@@ -8,7 +8,9 @@ spec:
     location: "/home/securecodebox/ncrack-results.xml"
   jobTemplate:
     spec:
-      ttlSecondsAfterFinished: 10
+      {{- if .Values.scannerJob.ttlSecondsAfterFinished }}
+      ttlSecondsAfterFinished: {{ .Values.scannerJob.ttlSecondsAfterFinished }}
+      {{- end }}
       backoffLimit: 3
       template:
         spec:

scanners/ncrack/values.yaml

@@ -4,6 +4,7 @@ parserImage:
   tag: null
 
 scannerJob:
+  ttlSecondsAfterFinished: null
   resources: {}
   extraVolumes: []
   extraVolumeMounts: []

scanners/nikto/templates/nikto-scan-type.yaml

@@ -8,7 +8,9 @@ spec:
     location: '/home/securecodebox/nikto-results.json'
   jobTemplate:
     spec:
-      ttlSecondsAfterFinished: 10
+      {{- if .Values.scannerJob.ttlSecondsAfterFinished }}
+      ttlSecondsAfterFinished: {{ .Values.scannerJob.ttlSecondsAfterFinished }}
+      {{- end }}
       template:
         spec:
           restartPolicy: Never

scanners/nikto/values.yaml

@@ -4,6 +4,7 @@ parserImage:
   tag: null
 
 scannerJob:
+  ttlSecondsAfterFinished: null
   resources: {}
 # scannerJob:
 #   resources:

scanners/nmap/templates/nmap-scan-type.yaml

@@ -8,7 +8,9 @@ spec:
     location: "/home/securecodebox/nmap-results.xml"
   jobTemplate:
     spec:
-      ttlSecondsAfterFinished: 10
+      {{- if .Values.scannerJob.ttlSecondsAfterFinished }}
+      ttlSecondsAfterFinished: {{ .Values.scannerJob.ttlSecondsAfterFinished }}
+      {{- end }}
       backoffLimit: 3
       template:
         spec: