如何在 jenkins 中使用 Zap 插件执行 selenium 脚本
How to execute selenium script using Zap Plugin in jenkins
我对 Jenkins 中的 Zap 插件有疑问。假设我在 java 中编写了 selenium 脚本,它将启动浏览器并自动设置代理。我需要的是从 Jenkins 启动 selenium java 代码,并使用 zap 插件打开 zap 代理并生成报告。
Jenkins 中的流程应该是:1. 启动 ZAP 代理作为预构建,2. 执行 Selenium java 代码(将自动通过 ZAP 代理)3. ZAP 生成报告并发回给詹金斯。 4.关闭ZAP代理。
我的困惑是当我在 Jenkins 中使用 zap 插件时,有一个起点 URL 是强制性的。但我不需要主动扫描,我只需要通过 selenium 脚本从 zap 代理进行被动扫描。有办法绕着它走吗?对此的任何建议都会有所帮助。
请在下面找到我的示例硒 java 脚本:
public class Sample_ZapProgram {
public static void main(String[] args) throws InterruptedException {
WebDriver driver;
Proxy proxy = new Proxy();
// proxy.setHttpProxy("localhost:8090");
proxy.setFtpProxy("localhost:8090");
proxy.setSslProxy("localhost:8090");
DesiredCapabilities capabilities = new DesiredCapabilities();
capabilities.setCapability(CapabilityType.PROXY, proxy);
System.setProperty("webdriver.chrome.driver","C:\Users\Administrator\workspace\chromedriver.exe");
driver = new ChromeDriver(capabilities);
driver.manage().timeouts().implicitlyWait(30, TimeUnit.SECONDS);
driver.get("http://demo.testfire.net/");
Thread.sleep(15000);
driver.quit();
//tearDown();
}
}
Java样本(样本来自NoraUI POC):
/**
* NoraUi is licensed under the license GNU AFFERO GENERAL PUBLIC LICENSE
*
* @author Nicolas HALLOUIN
* @author Stéphane GRILLON
*/
package com.github.noraui.bot;
import java.io.File;
import org.openqa.selenium.By;
import org.openqa.selenium.Proxy;
import org.openqa.selenium.WebDriver;
import org.openqa.selenium.WebElement;
import org.openqa.selenium.chrome.ChromeDriver;
import org.openqa.selenium.chrome.ChromeOptions;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import com.github.noraui.utils.Utilities.OperatingSystem;
import com.github.noraui.utils.Utilities.SystemArchitecture;
public class FirstSimpleBotWithZAPProxy {
private static final Logger logger = LoggerFactory.getLogger(FirstSimpleBotWithZAPProxy.class);
public static void main(String[] args) throws InterruptedException {
Proxy proxy = new Proxy();
proxy.setAutodetect(false);
proxy.setHttpProxy("http://localhost:8092");
final OperatingSystem currentOperatingSystem = OperatingSystem.getCurrentOperatingSystem();
String pathWebdriver = String.format("src/test/resources/drivers/%s/googlechrome/%s/chromedriver%s", currentOperatingSystem.getOperatingSystemDir(),
SystemArchitecture.getCurrentSystemArchitecture().getSystemArchitectureName(), currentOperatingSystem.getSuffixBinary());
if (!new File(pathWebdriver).setExecutable(true)) {
logger.error("ERROR when change setExecutable on " + pathWebdriver);
}
System.setProperty("webdriver.chrome.driver", pathWebdriver);
final ChromeOptions chromeOptions = new ChromeOptions();
chromeOptions.setProxy(proxy);
WebDriver driver = new ChromeDriver(chromeOptions);
for (int i = 0; i < 6; i++) {
driver.get("http://www.google.com/ncr");
WebElement element = driver.findElement(By.name("q"));
element.sendKeys("NoraUi");
element.submit();
logger.info(driver.getTitle());
WebElement r = driver.findElement(By.xpath("//*[@id='resultStats']"));
logger.info(r.getText());
}
driver.quit();
}
}
ZAP 结果:
我对 Jenkins 中的 Zap 插件有疑问。假设我在 java 中编写了 selenium 脚本,它将启动浏览器并自动设置代理。我需要的是从 Jenkins 启动 selenium java 代码,并使用 zap 插件打开 zap 代理并生成报告。
Jenkins 中的流程应该是:1. 启动 ZAP 代理作为预构建,2. 执行 Selenium java 代码(将自动通过 ZAP 代理)3. ZAP 生成报告并发回给詹金斯。 4.关闭ZAP代理。
我的困惑是当我在 Jenkins 中使用 zap 插件时,有一个起点 URL 是强制性的。但我不需要主动扫描,我只需要通过 selenium 脚本从 zap 代理进行被动扫描。有办法绕着它走吗?对此的任何建议都会有所帮助。
请在下面找到我的示例硒 java 脚本:
public class Sample_ZapProgram {
public static void main(String[] args) throws InterruptedException {
WebDriver driver;
Proxy proxy = new Proxy();
// proxy.setHttpProxy("localhost:8090");
proxy.setFtpProxy("localhost:8090");
proxy.setSslProxy("localhost:8090");
DesiredCapabilities capabilities = new DesiredCapabilities();
capabilities.setCapability(CapabilityType.PROXY, proxy);
System.setProperty("webdriver.chrome.driver","C:\Users\Administrator\workspace\chromedriver.exe");
driver = new ChromeDriver(capabilities);
driver.manage().timeouts().implicitlyWait(30, TimeUnit.SECONDS);
driver.get("http://demo.testfire.net/");
Thread.sleep(15000);
driver.quit();
//tearDown();
}
}
Java样本(样本来自NoraUI POC):
/**
* NoraUi is licensed under the license GNU AFFERO GENERAL PUBLIC LICENSE
*
* @author Nicolas HALLOUIN
* @author Stéphane GRILLON
*/
package com.github.noraui.bot;
import java.io.File;
import org.openqa.selenium.By;
import org.openqa.selenium.Proxy;
import org.openqa.selenium.WebDriver;
import org.openqa.selenium.WebElement;
import org.openqa.selenium.chrome.ChromeDriver;
import org.openqa.selenium.chrome.ChromeOptions;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import com.github.noraui.utils.Utilities.OperatingSystem;
import com.github.noraui.utils.Utilities.SystemArchitecture;
public class FirstSimpleBotWithZAPProxy {
private static final Logger logger = LoggerFactory.getLogger(FirstSimpleBotWithZAPProxy.class);
public static void main(String[] args) throws InterruptedException {
Proxy proxy = new Proxy();
proxy.setAutodetect(false);
proxy.setHttpProxy("http://localhost:8092");
final OperatingSystem currentOperatingSystem = OperatingSystem.getCurrentOperatingSystem();
String pathWebdriver = String.format("src/test/resources/drivers/%s/googlechrome/%s/chromedriver%s", currentOperatingSystem.getOperatingSystemDir(),
SystemArchitecture.getCurrentSystemArchitecture().getSystemArchitectureName(), currentOperatingSystem.getSuffixBinary());
if (!new File(pathWebdriver).setExecutable(true)) {
logger.error("ERROR when change setExecutable on " + pathWebdriver);
}
System.setProperty("webdriver.chrome.driver", pathWebdriver);
final ChromeOptions chromeOptions = new ChromeOptions();
chromeOptions.setProxy(proxy);
WebDriver driver = new ChromeDriver(chromeOptions);
for (int i = 0; i < 6; i++) {
driver.get("http://www.google.com/ncr");
WebElement element = driver.findElement(By.name("q"));
element.sendKeys("NoraUi");
element.submit();
logger.info(driver.getTitle());
WebElement r = driver.findElement(By.xpath("//*[@id='resultStats']"));
logger.info(r.getText());
}
driver.quit();
}
}
ZAP 结果: