1

I have a specification file api.yaml As I understand I should use it like the following:

docker run -t owasp/zap2docker-weekly zap-api-scan.py -t api.yaml -f openapi

Should I put the file to some zap's directory?

Improve this question

1 Answer 1

Reset to default
2

It's more like a docker question: The file needs to be accessible inside the container, so you'll need to mount a volume (e.g. the folder containing this file) - check out the documentation for more details. Than, you can use the file using the mount point, for example:

docker run -v /path/to/dir:/app/config -t owasp/zap2docker-weekly zap-api-scan.py -t /app/config/api.yaml -f openapi

Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

thank you! I converted yaml spec to json and use it the following way: docker run -v /etc/hosts:/etc/hosts -v $(pwd):/zap/wrk:rw -t owasp/zap2docker-weekly zap-api-scan.py -t apitest.json -f openapi
There is a simpler docker solution than mounting /etc/hosts': check out --add-host`, see the documentation here. Besides that, I glad I was able to help! If you need more Zap help don't hesitate to reach out!

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.