This add-on provides a framework that allows ZAP to be automated in an easy and flexible way.
It provides the following command line options:
If the -autorun
option is used with the ZAP -cmd
option then the ZAP exit value will be set as follows:
Whether the plan completed after encountering errors or warnings will depend on the settings used in the environment.
To use the automation framework:
-autogen*
command line options-autorun
commandline option e.g. ./zap.sh -cmd -autorun config.yaml
In most cases it is recommended to also use the -cmd
command line option so that the ZAP desktop is not displayed and ZAP exits as soon as it has finished generating or running the jobs defined in the file. However you can choose to run Automation Framework jobs using the ZAP desktop to help you debug issues.
The Automation Framework supports all of the authentication mechanisms supported by ZAP.
A GUI is under development and provides an ever increasing set of features.
The Automation Options screen allows you to configure specific options.
The following API endpoints are provided by this add-on:
If the ZAP desktop is being used then the plan will also be shown in the GUI to make it easier to diagnose any problems.
The environment section of the file defines the applications which the rest of the jobs can act on.
All file and directory paths can either be absolute or relative to the directory containing the plan. Relative paths are recommended for portability.
The following automation jobs are supported by this add-on:
Job tests can be added to jobs to check that the jobs have performed as expected.
This framework is plugable and so other add-ons may add support for other jobs, see the Automation Framework website pages for a more complete list.
The ‘min’ and ‘max’ templates include comments giving more information about the fields.