search

RedHatProductSecurity / rapidast

RapiDAST enables simple, continuous and fully automated application security testing
Apache License 2.0
56 stars 36 forks source link

Fail Deploy Rapidast on Openshift #140

Closed Crisbravoon closed 11 months ago

Crisbravoon commented 11 months ago

Hi, I am trying to run RapiDast in Openshift and I am having some problems. I added this environment variable APP_FILE = ./rapidast.py. because I got this error: 

Error: don't know how to run your application.
Please set either APP_MODULE, APP_FILE or APP_SCRIPT environment variables, or create a file 'app.py' to launch your appliaction.

After performing this modification, an error is displayed indicating that the file or directory ./config/config.yaml' is not found. Next, I attach an image that shows in more detail the current error.

---> Running application from Python script (./rapidast.py) ...
Traceback (most recent call last):
File "/opt/app-root/src/./rapidast.py", line 203, in <module>
run()
File "/opt/app-root/src/./rapidast.py", line 159, in run
yaml.safe_load(load_config_file(parser.parse_args().config_file))
File "/opt/app-root/src/./rapidast.py", line 55, in load_config_file
return open(config_file_location, mode="r", encoding="utf-8")
FileNotFoundError: [Errno 2] No such file or directory: './config/config.yaml'
jeremychoi commented 11 months ago

Hi. You will need to input a config file when running it. e.g. ./rapidast.py --config <config-file>

The config file can be created, by copying one of the templates under the /config dir, and modifying a few options according to your envioronment.

Also if you'd like to run one on OpenShift, you could try out the Helm chart.

Crisbravoon commented 11 months ago

Hi I have used a copy of config-template-zap-simple-yaml, configuring the URL and apiUrl, I am using the following url "https://petstore.swagger.io/v2/swagger.json", but when I raise the pod in OCP 4.10 , I get the following error: image

I have raised a Ticket at Red Hat , but they tell me as it is third party product they do not have support from their side.

jeremychoi commented 11 months ago

For the error issue above, where RapiDAST is going to be run as a container in the cluster with general.container.type: "none" needs to be configured. E.g., at the line https://github.com/RedHatProductSecurity/rapidast/blob/development/config/config-template-zap-simple.yaml#L37, instead of "podman".

Please feel free to open another issue for any RapiDAST related technical issues.