| | |
| | | 2. On the job's configure page; set the Branch Sources to `git` |
| | | ![multibranch-select-git](../images/exercise4/multibranch-select-git.png) |
| | | |
| | | 2. Fill in the Git settings with your `todolist-api` GitLab url and set the credentials as you've done before. `https://gitlab.apps.<SOMEDOMAIN>.com/<YOUR_NAME>/todolist-api.git` |
| | | 2. Fill in the Git settings with your `todolist-api` GitLab url and set the credentials as you've done before. `https://gitlab.apps.lader.rht-labs.com/<YOUR_NAME>/todolist-api.git` |
| | | ![multibranch-git](../images/exercise4/multibranch-git.png) |
| | | |
| | | 2. Set the `Scan Multibranch Pipeline Triggers` to be periodic and the interval to 1 minute. This will poll the gitlab instance for new branches or change sets to build. |
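Review bot: the Git URL in the "Fill in the Git settings" step appears once with the fixed lab host `gitlab.apps.lader.rht-labs.com` and once with a `<SOMEDOMAIN>` placeholder, and neither spelling matches the `<SOME_DOMAIN>` placeholder used for `SOURCE_REPOSITORY_URL` in section 3b. Whichever form is kept, use one placeholder spelling throughout so readers substitute the same value in every step. The 1 minute scan interval in the last step is reasonable for a lab, but the text could say so, since readers may copy it to a shared GitLab instance.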
| | |
| | | #### 3a - OWASP ZAP |
| | | > _OWASP ZAP (Zed Attack Proxy) is a free open source security tool used for finding security vulnerabilities in web applications._ |
| | | |
| | | 3. On your terminal; move to the `enablement-ci-cd` repo. We already have the `templates/jenkins-slave-generic-template.yml` template we're going to re-use from the previous lab so all we need is to check out the params file |
| | | 3. On your terminal; move to the `enablement-ci-cd` repo. We need to checkout a template for OpenShift to build our Jenkins Slave images and some parameters for the `zap` slave. |
| | | ```bash |
| | | git checkout exercise4/zap-and-arachni params/jenkins-slave-zap |
| | | git checkout exercise4/zap-and-arachni params/jenkins-slave-zap templates/jenkins-slave-generic-template.yml |
| | | ``` |
| | | |
| | | 3. This should have created the following files which we will fill out. We will use a `ZAP` image hosted on the `rht-labs/ci-cd` repo so there will be no `Dockerfile` needed as we did with the `jenkins-slave-npm` in exercise 2: |
| | | 3. This should have created the following files which we will fill out. We will use a `ZAP` image hosted on the `rht-labs/ci-cd` repo so there will be no `Dockerfile` needed: |
| | | - `params/jenkins-slave-zap` |
| | | |
| | | 3. Create an object in `inventory/host_vars/ci-cd-tooling.yml` called `jenkins-slave-zap` and add the following content: |
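Review bot: the list under "This should have created the following files" names only `params/jenkins-slave-zap`, while one form of the `git checkout` command also pulls `templates/jenkins-slave-generic-template.yml`. The list and the command should agree: either list both paths, or, where only the params file is checked out, change "files" to "file". The step also says the `ZAP` image is "hosted on the `rht-labs/ci-cd` repo" without saying which image or tag the params file points to; naming it here would let readers check what they are about to build and run.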
| | |
| | | -e "filter_tags=zap" |
| | | ``` |
| | | |
| | | 3. Head to (https://console.somedomain.com/console/project/<YOUR_NAME>-ci-cd/browse/builds) on Openshift and you should see `jenkins-slave-zap`. |
| | | 3. Head to https://console.lader.rht-labs.com on Openshift and move to your ci-cd project > builds. You should see `jenkins-slave-zap` has been built. |
| | | ![zap-build](../images/exercise4/zap-build.png) |
| | | |
| | | #### 3b - Arachni Scan |
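Review bot: in the "Head to" step the console link is a bare URL in parentheses that contains `<YOUR_NAME>`, which a Markdown renderer can treat as an HTML tag and drop from the displayed address. Put the URL in backticks as the GitLab URL in step 2 is, or keep the plain host form with the "ci-cd project > builds" directions. "Openshift" should read "OpenShift" in both variants.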
| | |
| | | |
| | | 3. Update the `jenkins-slave-arachni` files `SOURCE_REPOSITORY_URL` to point to your gitlab's hosted version of the `enablement-ci-cd` repo. |
| | | ``` |
| | | SOURCE_REPOSITORY_URL=https://gitlab.apps.<SOME_DOMAIN>.com/<GIT_USERNAME>/enablement-ci-cd.git |
| | | SOURCE_REPOSITORY_URL=https://gitlab.apps.lader.rht-labs.com/<GIT_USERNAME>/enablement-ci-cd.git |
| | | SOURCE_CONTEXT_DIR=docker/jenkins-slave-arachni |
| | | BUILDER_IMAGE_NAME=registry.access.redhat.com/openshift3/jenkins-slave-base-rhel7:latest |
| | | NAME=jenkins-slave-arachni |
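Review bot: `BUILDER_IMAGE_NAME` ends in `:latest`, so each build of `jenkins-slave-arachni` takes whatever base image the registry serves at that moment, and two attendees can end up with different slaves from the same instructions. Pin the base to a specific tag or digest, or add a sentence saying the floating tag is deliberate for the lab. The fence around these parameters also has no language tag, unlike the `bash` fence in section 3a.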
| | |
| | | -e "filter_tags=arachni" |
| | | ``` |
| | | |
| | | 3. Head to (https://console.somedomain.com/console/project/<YOUR_NAME>-ci-cd/browse/builds) on Openshift and you should see `jenkins-slave-arachni`. |
| | | ![todolist-fe-multi](../images/exercise4/builds-zap-arachni.png) |
| | | 3. Head to https://console.lader.rht-labs.com on Openshift and move to your ci-cd project > builds. You should see `jenkins-slave-arachni`. |
| | | ![builds-zap-arachni](../images/exercise4/builds-zap-arachni.png) |
| | | |
| | | _____ |
| | | |
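Review bot: the image line `![todolist-fe-multi](../images/exercise4/builds-zap-arachni.png)` carries alt text that belongs to a different screenshot; the `![builds-zap-arachni]` form matches the file it points to and should be the one kept. The wording also differs from the ZAP step, which says the build "has been built" where this step only says "You should see `jenkins-slave-arachni`"; use the same phrasing so readers know to wait for a completed build in both cases.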