search

microsoft / CSEDevOps

Azure DevOps extensions from CSE DevOps team
MIT License
26 stars 11 forks source link

no such file or directory, open '/opt/vsts-agent-linux/_work/r1/a/owaspzap/report.json' #17

Open baermathias opened 3 years ago

baermathias commented 3 years ago

I have followed these instructions https://marketplace.visualstudio.com/items?itemName=CSE-DevOps.zap-scanner to run the owasp scanner with a small difference in the setting: I use targeted scan instead of scan on agent and also port 443, because the release is being deployed to this port.

Screenshot from 2021-04-28 10-26-13

Anyway, I get the following error message, which tells me nothing:

2021-04-28T08:11:29.5182663Z ##[section]Starting: ZAP Scanner
2021-04-28T08:11:29.5416938Z ==============================================================================
2021-04-28T08:11:29.5417838Z Task         : OWASP Zap Scanner
2021-04-28T08:11:29.5418427Z Description  : Utilize the OWASP/ZAP scanner within Azure DevOps
2021-04-28T08:11:29.5418716Z Version      : 1.0.1
2021-04-28T08:11:29.5419214Z Author       : Doyle Turner, Anthony Turner
2021-04-28T08:11:29.5419906Z Help         : 
2021-04-28T08:11:29.5420167Z ==============================================================================
2021-04-28T08:11:30.2901940Z [command]/usr/bin/chmod 777 /opt/vsts-agent-linux/_work/r1/a/owaspzap
2021-04-28T08:11:30.2904783Z [command]/usr/bin/id -u root
2021-04-28T08:11:30.2904982Z 0
2021-04-28T08:11:30.2933668Z ##[error]ENOENT: no such file or directory, open '/opt/vsts-agent-linux/_work/r1/a/owaspzap/report.json'
2021-04-28T08:11:30.2995398Z ##[section]Finishing: ZAP Scanner

There are also several reviews on the marketplace with this problem. They are all unanswered: Screenshot from 2021-04-28 10-32-20 Screenshot from 2021-04-28 10-32-02

https://marketplace.visualstudio.com/items?itemName=CSE-DevOps.zap-scanner&ssr=false#review-details

praath commented 3 years ago

I am having roughly the same issue, and see that others have noted it in the reviews on the Marketplace site: https://marketplace.visualstudio.com/items?itemName=CSE-DevOps.zap-scanner&ssr=false#review-details

Is there any documentation for addressing this issue?

tsluyter commented 3 years ago

I'm afraid that the original authors have left or abandoned the project. We should try and find someone to take over.

EDIT: I've pinged the overall Microsoft Open Source Twitter account, which seems to be one way to interact with the overall project team. -> https://twitter.com/TessSluijter/status/1391817977922740225

CurlyBytes commented 2 years ago

any updates on this one? please advise

ainomc commented 2 years ago

any updates on this one? please advise

Were you able to figure it out?