This repository has been archived by the owner on Oct 7, 2024. It is now read-only.

Add scan template file
Signed-off-by: Sergio Arroutbi <[email protected]>
sarroutbi committed Sep 22, 2023
1 parent a09afb6 commit 6660949
Showing 1 changed file with 50 additions and 0 deletions.
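--- a/tools/scan_tools/tang_operator_template.yaml
+++ b/tools/scan_tools/tang_operator_template.yaml
@@ -0,0 +1,50 @@
+---
+config:
+# WARNING: `configVersion` indicates the schema version of the config file.
+# This value tells RapiDAST what schema should be used to read this configuration.
+# Therefore you should only change it if you update the configuration to a newer schema
+# It is intended to keep backward compatibility (newer RapiDAST running an older config)
+configVersion: 4
+
+# `application` contains data related to the application, not to the scans.
+application:
+shortName: "tangservers"
+url: "https://API_HOST_HERE:API_PORT_HERE/apis/daemons.redhat.com/v1alpha1"
+
+# `general` is a section that will be applied to all scanners.
+general:
+authentication:
+type: "http_header"
+parameters:
+name: "Authorization"
+# Ways to obtain token:
+# oc get secret $(oc get secret | grep ^default-token | awk '{print $1}') -o json | jq -Mr '.data.token' | base64 -d
+# oc whoami -t
+value: "Bearer AUTH_TOKEN_HERE"
+container:
+# currently supported: `podman` and `none`
+type: "none"
+
+scanners:
+zap:
+# parameters:
+# executable: "ZAP_2.13.0/zap.sh"
+# define a scan through the ZAP scanner
+apiScan:
+apis:
+apiUrl: "https://API_HOST_HERE:API_PORT_HERE/openapi/v3/apis/daemons.redhat.com/v1alpha1"
+
+passiveScan:
+# optional list of passive rules to disable
+disabledRules: "2,10015,10027,10096,10024,10054"
+
+activeScan:
+# If no policy is chosen, a default ("API-scan-minimal") will be selected
+# The list of policies can be found in scanners/zap/policies/
+policy: "API-scan-minimal"
+
+miscOptions:
+# enableUI (default: false), requires a compatible runtime (e.g.: flatpak or no containment)
+enableUI: false
+# Defaults to true, set false to prevent auto update of ZAP plugins
+updateAddons: false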
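Review bot: The token guidance above `value: "Bearer AUTH_TOKEN_HERE"` offers `oc whoami -t`, which returns the token of whoever is logged in, so a scan started from an administrator session would send the `activeScan` requests to the cluster API with that user's full rights. The template should steer users to a token for a dedicated service account bound only to the `daemons.redhat.com` resources under test, and say that a filled-in copy holds a live credential and must not be committed. I would add above the `value:` line: `# Use a token for a dedicated, least-privileged service account; never commit a filled-in copy of this file`. If the RapiDAST version in use can read configuration values from an environment variable, documenting that route here would keep the token out of the file entirely; this should be confirmed against its configuration reference.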
