188597 (1) [Avatar] Offline
#1
I am working through the book, and I have been stuck on section 3.1 for the last couple of days. I got the deployment pipeline working in chapter 2, but when I updated the circle.yml to run ZAP, it isn't giving me the output I am expecting. The book shows a summary of vulnerabilities, but I don't see that at all. It looks to me like the docker container that is hosting the app is not running properly - kind of like it isn't listening on port 8080. When I look through the ZAP output (which there is a LOT - mostly things like "org.parosproxy.paros.extension.ExtensionLoader - Initializing <something>"), I do see this: "ERROR Failed to connect

2017-02-14 04:06:15,151 I/O error(5): Failed to connect".

I have tried forking the chapter 3 code, and I get the same result.
I have also tried running the build with ssh turned on and tried connecting to 172.17.0.2:8080, and it won't let me in.

Do you have any thoughts or suggestions? For now, I am going to skip the ZAP testing and move along in the book.