I am trying to integrate OSWAP Security Plugin to Jenkins but here in below image i have selected Form based Authentication but In "Script Based Authentication" it is displaying Field is required. Please help me how to Integrate OWSAP With Jenkins
While this is a Jenkins plugin that leverages ZAP, it is not maintained by the ZAP core team. You should reach out to the maintainers of the plugin for support.
Related
At work we are using Azure repositories as version control and Jira for our project management needs and issue management. We wanted to integrate both of these platform, so I sucsseffully installed Azure Pipeline For Jira and tested it out with a demo repo on Github with Github for Jira and it worked, it integrated my git actions on issue pannels. But somehow it does not support the Azure repos (at least there is no free version).
Let me know if any one has a work around for this. (Obviously not paid)
My main Question is, now I am trying to use Azure webhooks to receive information regarding my git activity on Jira issue pannel. In order to receive this information I am trying to create a web trigger URL in Jira's Forge App but couldn't really make it work. Maybe the URL generated by Jira is too big or something it gives 424 error when GET request is sent to the URL. Can anyone help in this regard?
I want to use Roslyn analyser in our Azure pipelines. And got to know from below link that roslyn analyzer comes along with a plugin called Microsoft Security Code analysis extension.
https://learn.microsoft.com/en-us/azure/security/develop/security-code-analysis-overview
https://learn.microsoft.com/en-us/azure/security/develop/security-code-analysis-onboard
Can you please guide me how to install the extension in Azure pipeline?
Also is there any documentation regarding how to install Fxcop Analyzer in Azure pipelines?
The Microsoft Security Code Analysis can’t be installed directly in extension marketplace, you can link to https://secdevtools.azurewebsites.net/ and click Contact Us for general Availability Information to send a sign up email to Secure Development Tools group.
After the approval, you can get the extension in Organization Settings -> Extensions -> Shared. And more detail install information, you can check the documentation.
About the Fxcop Analyzer, you can install the Code Analysis Task for VSTS(from the Marketplace) and use this task on your pipeline and you can get more detailed information in Github.
Microsoft Security Code Analysis is a toolset (An additional subscription need to purchase at your Azure DevOps organization level), which provides different tools in the Azure DeOps pipeline to use. FxCopAnalyzer is one of the tool in it's offering under this subscription.
MS Code Analysis Onboarding and installation
https://learn.microsoft.com/en-us/azure/security/develop/security-code-analysis-onboard
FxCopAnalyzer configuration
https://learn.microsoft.com/en-us/azure/security/develop/security-code-analysis-customize#roslyn-analyzers-task
I am migrating from TFS 2015 to Azure DevOps. The process of creating the target project and importing the old git repository can easily be done through the Azure DevOps API.
But each new project, either created manually or by API has always all services (Boards, Pipelines, Test Lab, ...) enabled. Is there a way to change the default setting of which services should be enabled on new projects? Or even better an API method to switch certain services on / off?
We have hunderets of projects and therefor it's not feasible to open each project in the browser, change to the project settings page and adjust the services.
I haven't found anything in the docs: https://learn.microsoft.com/en-us/rest/api/azure/devops/?view=azure-devops-rest-5.0
This guy wrote a blog post on how to do this
This is an excerpt pulled from his post:
PATCH https://{account}.visualstudio.com/_apis/FeatureManagement/FeatureStates/host/project/{project-id}/{feature-id}?api-version='4.1-preview.1'
content-type: application/json
{"featureId":"{feature-id}","scope":{"settingScope":"project","userScoped":false},"state":0}
Replace account,project-id and feature-id as appropriate. Here are the feature id’s I know of.
ms.vss-build.pipelines [Azure Pipelines]
ms.vss-test-web.test [Test Plans]
ms.vss-work.agile [Azure Boards]
ms.vss-code.version-control [Azure Repos]
ms.feed.feed [Azure Artifacts]
It looks like turning a service off really just means hiding it from the UI.
Edit: it looks like the .net SDK has built in support for this as well
hoping someone has seen this before.
When I try to enable continuous integration in Visual Studio, using Visual Studio Team Services, I get the following error:
"This version control host is unsupported. Repositories must be hosted on VSTS or GigHub." This error gets zero results in google.
As you can see in the screenshot, the solution IS hosted by VSTS.
Explaining the screen shot:
Section 1 in the pic is the pop-up that appears after clicking 'Configure Continuous Integration' in the VS2017 status bar.
Section 2 is my VS team explorer window.
The grey boxes are the company website 'mycompany'.
Additional facts:
The VSTS account is owned by admin#mycompany.com, but my dev account, jason#quantumland.com, has full contributor permissions to the project. I get the same error whether red box 1 above has my personal account selected or admin#mycompany.com
The current loaded solution is the basic starter '.NET Core Web application' in VS2017 Community edition. No authentication selected, no changes to the auto-generated code.
I can build and run the solution locally, check in the solution to VSTS, see the code in the VSTS repository, publish to Azure web app, etc. Everything seems to be working but this.
Appreciate any help. My best guess is that my security permissions are wrong in VSTS, but both accounts are members of the 'admin team' group, and admin#mycompany.com is the creator/owner of the VSTS account and repository, so I don't see how.
You are using TFVC version control, the continuous delivery is used for Git version control, so you need to add a new git repository (can be in TFVC team project: Use Git and TFVC repos in the same team project), and use this git repository as source control.
Article about TFVC and Git: Choosing the right version control for your project
I was able to use TFVC for version control and get CI/CD to work. Following the newer instructions provided by #starain-MSFT:
Continuous Integration
This sets up CI/CD using the VSTS web portal exclusively. It works, but if I click 'configure continuous delivery' in the VS2017 status bar and use that form, I continue to get the error above.
If anyone posts an answer that fixes the exact question asked I'll update and mark that as the answer. Good news is that you can indeed use TFVC with CI/CD. yay, and thanks to #starain-MSFT for the updated link.
I want to activate mail service on webcenter portal. But mail service does not appear on the services and providers page. How do I make it appear the mail service?
Sory for my poor language.
Screenshot
There are several prerequisites.
Oracle provides a configuration roadmap for configuring the Mail Service:
http://docs.oracle.com/cd/E29542_01/webcenter.1111/e27738/wcadm_mail.htm#WCADM9793
I can tell from your screenshot you are not on the most recent 11.1.1.8 version yet, here is the same documentation, but for 11.1.1.6:
http://docs.oracle.com/cd/E23943_01/webcenter.1111/e12405/wcadm_mail.htm#WCADM9793