zaproxy-job.yaml

apiVersion: v1
data:
  script.sh: |-
    sleep 1m
    apt-get update && \
    apt-get -y install apt-transport-https \
         ca-certificates \
         curl \
         gnupg2 \
         software-properties-common && \
    curl -fsSL https://download.docker.com/linux/$(. /etc/os-release; echo "$ID")/gpg > /tmp/dkey; apt-key add /tmp/dkey && \
    add-apt-repository \
       "deb [arch=amd64] https://download.docker.com/linux/$(. /etc/os-release; echo "$ID") \
       $(lsb_release -cs) \
       stable" && \
    apt-get update && \
    apt-get -y install docker-ce
    rm -rf /out/*
    chmod 777 /out/
    docker run --rm -v /out:/zap/wrk/:rw -t owasp/zap2docker-live zap-baseline.py   -t http://15.206.11.209  -d -r demo_Dev_ZAP_VULNERABILITY_REPORT.html -x  demo_Dev_ZAP_VULNERABILITY_REPORT.xml
    ls /out/
    curl -u zippyops:zippyops01 -X DELETE 'http://nextcloud.jcr.svc.cluster.local/remote.php/dav/files/zippyops/zaproxy'
    curl -u zippyops:zippyops01 -X MKCOL 'http://nextcloud.jcr.svc.cluster.local/remote.php/dav/files/zippyops/zaproxy'
    #curl -u admin:zippyops -X PUT "http://jfrog-artifactory.jcr.svc.cluster.local:8082/artifactory/example-repo-local/demo_Dev_ZAP_VULNERABILITY_REPORT.html" -T /out/demo_Dev_ZAP_VULNERABILITY_REPORT.html
    #curl -u admin:zippyops -X PUT "http://jfrog-artifactory.jcr.svc.cluster.local:8082/artifactory/example-repo-local/demo_Dev_ZAP_VULNERABILITY_REPORT.xml" -T /out/demo_Dev_ZAP_VULNERABILITY_REPORT.xml
    curl -u zippyops:zippyops01 -X PUT --upload-file /out/demo_Dev_ZAP_VULNERABILITY_REPORT.html 'http://nextcloud.jcr.svc.cluster.local/remote.php/dav/files/zippyops/zaproxy/demo_Dev_ZAP_VULNERABILITY_REPORT.html'
    curl -u zippyops:zippyops01 -X PUT --upload-file /out/demo_Dev_ZAP_VULNERABILITY_REPORT.xml 'http://nextcloud.jcr.svc.cluster.local/remote.php/dav/files/zippyops/zaproxy/demo_Dev_ZAP_VULNERABILITY_REPORT.xml'

kind: ConfigMap
metadata:
  name: zap-configmap
---
apiVersion: batch/v1
kind: Job
metadata:
  labels:
    app: nginx
  name: zaproxy-job
spec:
  template:
    spec:
      containers:
        - command:
            - sh
            - /opt/script/script.sh
          image: nginx
          name: nginx
          volumeMounts:
            - mountPath: /out
              name: host-volume
              readOnly: false
            - mountPath: /var/run/docker.sock
              name: docker-volume
              readOnly: false
            - mountPath: /opt/script
              name: zap-configmap
              readOnly: false
      restartPolicy: Never
      volumes:
        - name: host-volume
          hostPath:
            path: /out
        - name: docker-volume
          hostPath:
            path: /var/run/docker.sock
        - configMap:
            name: zap-configmap
          name: zap-configmap