I wanted to use OWASP ZAP in my Azure DevOps pipelines and wanted to use the Docker Image that is available. Also wanted to run the docker container on demand. Found an article on Microsoft DevBlog that addresses this use case. When I tried to replicate that I ran into an issue. When i tried to execute the following command using Azure CLI i came across this error message.
az container exec --resource-group $resourceGroupName --name $aciInstanceName --exec-command "zap-baseline.py -t https://example.com -x OWASP-ZAP-Report.xml"
rpc error: code = 2 desc = oci runtime error: exec failed: container_linux.go:247: starting container process caused "exec: \"zap-baseline.py -t https://example.com -x OWASP-ZAP-Report.xml\": stat zap-baseline.py -t https://example.com -x OWASP-ZAP-Report.xm l: no such file or directory"
When i did some digging around, I found that az container exec command does not support using arguments on the official documentation.
Then I created a custom docker image based off of owasp/zap2docker-stable image where I added a bash script that basically runs the same command and tried to call the bash file from Azure CLI
az container exec --resource-group $resourceGroupName --name $aciInstanceName --exec-command "execute-zap-baseline-test.sh"
But then i get the following error message.
rpc error: code = 2 desc = oci runtime error: exec failed: container_linux.go:247: starting container process caused "exec format error"
Would really appreciate some help resolving this issue. How can i execute the scan on the OWASP ZAP docker container running on Azure Container Instances
