How can I integrate OWASP ZAP in the Bitbucket Pipelines?

I am fairly new to these issues and was wondering if it is possible to integrate OWASP ZAP with my bitbucket pipelines and break the build if any issue appear.

Can someone send me an example of a template? Or something I can study or read to understand more about pipelines.

My OWASP ZAP instance is installed on an ubuntu server.

 

I'm trying to build a open-source CI/CD (OWASP Dependency Check, Horusec, OWASP ZAP) and if anyone has any open-source SCA/SAST/DAST ideas, feel free to suggest them.

2 answers

1 accepted

0 votes
Answer accepted
Oleksandr Kyrdan
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
July 15, 2022

Hi @Gabriel Moraes Pacheco de Oliveira 

Thank your for your question!

For the integration Bitbucket Pipelines provides Bitbucket Pipes. So you could build powerful, automated continuous integration and continuous deployment workflows in a plug and play fashion.

12 days of CI/CD blog posts series explain and provide details how to use and how to create your custom integration with Bitbucket Pipes.

Feel free to share your idea with our community to help you.

Best regards,
Oleksandr Kyrdan

0 votes
ABhaskar January 5, 2023

@Gabriel Moraes Pacheco de Oliveira  did you find any solution to integrate OWASP ZAP with bitbucket pipelines ? without having to create your own pipe?

Abhinay Sutrakar August 22, 2023

@Gabriel Moraes Pacheco de Oliveira  @ABhaskar  @Oleksandr Kyrdan - Did anyone of you able to integrate and run the scan succesfully with OWASP zap. 

For me post scan the pipeline is running endless and ending with timeout.

Suggest an answer

Log in or Sign up to answer
DEPLOYMENT TYPE
CLOUD
TAGS
AUG Leaders

Atlassian Community Events