I tried to generate an HTML report of ZAP using the Full Scan Docker image in Jenkins using this stage:
stage('OWASP ZAP Full Scan') {
steps {
script {
sh "sudo docker run -v /var/lib/jenkins/workspace/Front:/zap/wrk/:rw -t ghcr.io/zaproxy/zaproxy:stable zap-full-scan.py -t http://192.168.56.7:80/ -r testreport.html"
} } })
It worked, but it didn't generate the HTML report as it's supposed to and failed with this error:
ERROR [Errno 13] Permission denied: '/zap/wrk/testreport.html'
2024-04-16 09:30:57,094 I/O error: [Errno 13] Permission denied: '/zap/wrk/testreport.html'
Traceback (most recent call last):
File "/zap/zap-full-scan.py", line 469, in main
write_report(os.path.join(base_dir, report_html), zap.core.htmlreport())
File "/zap/zap_common.py", line 569, in write_report
with open(file_path, mode='wb') as f:
PermissionError: [Errno 13] Permission denied: '/zap/wrk/testreport.html'
Found Java version 11.0.22
Available memory: 8719 MB
Using JVM args: -Xmx2179m
This is a mismatch between you Jenkins agent user id and the process inside your container, which runs as user zap with uid 1000. The mounted folder doesn't have the right permissions for zap to create files. Don't know how you want to play this, but your could make a new folder and open it up:
sh """
rm -rf /var/lib/jenkins/workspace/Front/report
mkdir -p /var/lib/jenkins/workspace/Front/report
chmod 777 /var/lib/jenkins/workspace/Front/report
sudo docker run -v /var/lib/jenkins/workspace/Front:/zap/wrk/:rw -t ghcr.io/zaproxy/zaproxy:stable zap-full-scan.py -t http://192.168.56.7:80/ -r report/testreport.html
"""