comment our sec tests

DTS-STN · Jan 21, 2025 · b4cdde1 · b4cdde1
1 parent 3bfd812
commit b4cdde1
Showing 1 changed file with 49 additions and 49 deletions.
diff --git a/AzurePipelines/prod-test-build-and-push.yml b/AzurePipelines/prod-test-build-and-push.yml
@@ -163,58 +163,58 @@ stages:
               artifact: "cypress-videos"
             condition: always()
 
-  - stage: SecurityTest
-    displayName: Security Testing
-    dependsOn: Build
-    jobs:
-      - job: OWASPZapTest
-        displayName: OWASP ZAP Security Tests
-        pool:
-          vmImage: $(vmImageName)
-        steps:
-          # Start the application container
-          - script: |
-              docker pull $(azureContainerRegistry.domain)/$(azureContainerRegistry.repository):$(tag)
-              docker run -d -p 3000:3000 $(azureContainerRegistry.domain)/$(azureContainerRegistry.repository):$(tag)
-            displayName: Start Application Container
-
-          # Use OWASP ZAP Scanner Task
-          - task: Zap@1
-            inputs:
-              aggressivemode: false
-              threshold: $(ZAP_THRESHOLD)
-              port: 3000
-              targeturl: $(ZAP_TARGET_URL)
-              scantype: "targetedScan"
-              contextpath: "$(System.DefaultWorkingDirectory)/zap"
-              reportfilename: "OWASP-ZAP-Report.html"
-              reportformat: "html"
-              enableVerifications: true
-              scantimeout: $(ZAP_TIMEOUT)
-              failonhigh: true
-              failonmedium: false
-              scanningmode: "targeted"
-
-          # Publish ZAP test results
-          - task: PublishPipelineArtifact@1
-            displayName: "Publish ZAP Results"
-            inputs:
-              targetPath: "$(System.DefaultWorkingDirectory)/zap"
-              artifact: "zap-security-report"
-            condition: always()
-
-          # Convert ZAP results to JUnit format for better visualization
-          - task: PublishTestResults@2
-            inputs:
-              testResultsFormat: "JUnit"
-              testResultsFiles: "**/zap-report.xml"
-              mergeTestResults: true
-              testRunTitle: "OWASP ZAP Security Tests"
-            condition: always()
+  # - stage: SecurityTest
+  #   displayName: Security Testing
+  #   dependsOn: Build
+  #   jobs:
+  #     - job: OWASPZapTest
+  #       displayName: OWASP ZAP Security Tests
+  #       pool:
+  #         vmImage: $(vmImageName)
+  #       steps:
+  #         # Start the application container
+  #         - script: |
+  #             docker pull $(azureContainerRegistry.domain)/$(azureContainerRegistry.repository):$(tag)
+  #             docker run -d -p 3000:3000 $(azureContainerRegistry.domain)/$(azureContainerRegistry.repository):$(tag)
+  #           displayName: Start Application Container
+
+  #         # Use OWASP ZAP Scanner Task
+  #         - task: Zap@1
+  #           inputs:
+  #             aggressivemode: false
+  #             threshold: $(ZAP_THRESHOLD)
+  #             port: 3000
+  #             targeturl: $(ZAP_TARGET_URL)
+  #             scantype: "targetedScan"
+  #             contextpath: "$(System.DefaultWorkingDirectory)/zap"
+  #             reportfilename: "OWASP-ZAP-Report.html"
+  #             reportformat: "html"
+  #             enableVerifications: true
+  #             scantimeout: $(ZAP_TIMEOUT)
+  #             failonhigh: true
+  #             failonmedium: false
+  #             scanningmode: "targeted"
+
+  #         # Publish ZAP test results
+  #         - task: PublishPipelineArtifact@1
+  #           displayName: "Publish ZAP Results"
+  #           inputs:
+  #             targetPath: "$(System.DefaultWorkingDirectory)/zap"
+  #             artifact: "zap-security-report"
+  #           condition: always()
+
+  #         # Convert ZAP results to JUnit format for better visualization
+  #         - task: PublishTestResults@2
+  #           inputs:
+  #             testResultsFormat: "JUnit"
+  #             testResultsFiles: "**/zap-report.xml"
+  #             mergeTestResults: true
+  #             testRunTitle: "OWASP ZAP Security Tests"
+  #           condition: always()
 
   - stage: Push
     displayName: Push to ACR
-    dependsOn: SecurityTest
+    dependsOn: Test
     jobs:
       - job: PushContainer
         displayName: Push Container to ACR