Мобильная версияМои настройки:
- Windows 11
- Podman CLI
Не удалось создать отчет о задании создать отчет: NoSuchFileException
/zap/wrk/zap/wrk/zap_report.json
cmd_baseline.py
import logging
import subprocess
from pathlib import Path
def cmd_baseline(target_url: str, json_file_name: str, work_dir: Path) -> None:
"""
Run a ZAP baseline scan against the target URL.
Args:
target_url: The URL to scan.
json_file_name: The filename of the JSON report to generate.
work_dir: The host directory to mount into the container (report will be written here).
"""
log_prefix = "cmd_baseline()"
logging.info(f"{log_prefix} Init")
# Ensure host folder exists
work_dir.mkdir(parents=True, exist_ok=True)
try:
# Host path to match ZAP's internal expectation
nested_work_dir = work_dir / "zap" / "wrk"
nested_work_dir.mkdir(parents=True, exist_ok=True)
cmd = [
"podman", "run", "--rm",
"--network=host",
"-v", f"{nested_work_dir}:/zap/wrk:Z", # map nested folder
"ghcr.io/zaproxy/zaproxy:stable",
"zap-baseline.py",
"-I",
"-t", target_url,
"-J", "/zap/wrk/zap_report.json", # write report inside container
]
logging.info(f"{log_prefix} Running command: {' '.join(cmd)}")
result = subprocess.run(cmd, capture_output=True, text=True, check=False) # nosec B603
logging.info(f"{log_prefix} Scan completed. Output:\n{result.stdout}")
# Optional: print stderr if any
if result.stderr:
logging.warning(f"{log_prefix} STDERR:\n{result.stderr}")
# Verify report exists
report_path = work_dir / json_file_name
if report_path.exists():
logging.info(f"{log_prefix} Report successfully written to: {report_path}")
else:
logging.error(f"{log_prefix} Report not found: {report_path}")
except Exception as e:
logging.error(f"{log_prefix} Exception occurred: {e}")
# ------------------ Main entry point ------------------
if __name__ == "__main__":
logging.basicConfig(level=logging.INFO)
# Host folder to store the report
work_dir = Path.cwd() / "zap_output"
json_file_name = "zap_report.json"
cmd_baseline(
target_url="https://juice-shop.herokuapp.com",
json_file_name=json_file_name,
work_dir=work_dir,
)
Все работает нормально, но я не могу создать отчет:
INFO:root:cmd_baseline() Init
INFO:root:cmd_baseline() Running command: podman run --rm --network=host -v C:\Users\admin\python\baseline_scan\zap_output\zap\wrk:/zap/wrk:Z ghcr.io/zaproxy/zaproxy:stable zap-baseline.py -I -t https://juice-shop.herokuapp.com -J /zap/wrk/zap_report.json
INFO:root:cmd_baseline() Scan completed. Output:
Using the Automation Framework
Total of 96 URLs
PASS: Vulnerable JS Library (Powered by Retire.js) [10003]
PASS: In Page Banner Information Leak [10009]
...
https://juice-shop.herokuapp.com/ftp (200 OK)
https://juice-shop.herokuapp.com/sitemap.xml (200 OK)
FAIL-NEW: 0 FAIL-INPROG: 0 WARN-NEW: 12 WARN-INPROG: 0 INFO: 0 IGNORE: 0 PASS: 55
Automation plan failures:
Job report failed to generate report: NoSuchFileException /zap/wrk/zap/wrk/zap_report.json
ERROR:root:cmd_baseline() Report not found: C:\Users\admin\python\baseline_scan\zap_output\zap_report.json
Подробнее здесь: https://stackoverflow.com/questions/798 ... tputs-json
