Commit
Update Docker images in docs/faq
Use images from SSP org or GHCR.
Update file names of Root CA cert to match the latest release.

Signed-off-by: thc202 <thc202@gmail.com>
thc202 committed Aug 11, 2023
1 parent 2f113c1 commit 5d618fc
Showing 7 changed files with 23 additions and 23 deletions.
8 changes: 4 additions & 4 deletions site/content/docs/contribute/social.md
@@ -15,12 +15,12 @@ links:
link: https://twitter.com/zaproxy
desc: follow the official ZAP Twitter account (low volume)

- name: 'Docker: zap2docker-stable'
link: https://hub.docker.com/r/owasp/zap2docker-stable/
- name: 'Docker: ZAP Stable'
link: https://hub.docker.com/r/softwaresecurityproject/zap-stable/
desc: like the ZAP stable Docker image

- name: 'Docker: zap2docker-weekly'
link: https://hub.docker.com/r/owasp/zap2docker-weekly/
- name: 'Docker: ZAP Weekly'
link: https://hub.docker.com/r/softwaresecurityproject/zap-weekly/
desc: like the ZAP weekly Docker image

- name: 'OpenHub: zaproxy'
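Review bot: the two "+ link:" lines here now point at the softwaresecurityproject organisation on Docker Hub while every other file in this commit switches its examples to ghcr.io/zaproxy/zaproxy, which matches the "SSP org or GHCR" commit message but leaves readers with no statement of how the two registries relate. If they publish the same builds, say so in the desc fields (e.g. "also published as ghcr.io/zaproxy/zaproxy:stable") so that someone checking an image's publisher knows which name to expect.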
6 changes: 3 additions & 3 deletions site/content/docs/docker/baseline-scan.md
@@ -50,19 +50,19 @@ Options:
```
To run it with no 'file' params use:
```
docker run -t owasp/zap2docker-stable zap-baseline.py -t https://www.example.com
docker run -t ghcr.io/zaproxy/zaproxy:stable zap-baseline.py -t https://www.example.com
```
If you use 'file' params then you need to mount the directory those file are in or will be generated in, eg
```
docker run -v $(pwd):/zap/wrk/:rw -t owasp/zap2docker-stable zap-baseline.py \
docker run -v $(pwd):/zap/wrk/:rw -t ghcr.io/zaproxy/zaproxy:stable zap-baseline.py \
-t https://www.example.com -g gen.conf -r testreport.html
```

Note that `$(pwd)` is only supported on Linux and MacOS - on Windows you will need to replace this with the full current working directory.

### Example Output
```
docker run -t owasp/zap2docker-stable zap-baseline.py -t https://www.example.com
docker run -t ghcr.io/zaproxy/zaproxy:stable zap-baseline.py -t https://www.example.com
May 17, 2016 1:24:32 PM java.util.prefs.FileSystemPreferences$1 run
INFO: Created user preferences directory.
Total of 3 URLs
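Review bot: the Example Output block now shows the ghcr.io command line followed by java.util.prefs output dated May 17, 2016, so the sample output no longer comes from the image the command runs; either regenerate it with the current image or cut it down to the lines that still apply. While here, the context line "mount the directory those file are in or will be generated in, eg" should read "those files are in or will be generated in, e.g." (the same sentence appears in full-scan.md).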
10 changes: 5 additions & 5 deletions site/content/docs/docker/diagnosing-problems.md
@@ -15,7 +15,7 @@ If ZAP cannot connect to your target app then the first thing to do is to see if
To do that you can just use the `curl` command to make a request to the target. Change the Docker image name if you are not using the stable one:

```bash
docker run -t owasp/zap2docker-stable curl https://www.example.com
docker run -t ghcr.io/zaproxy/zaproxy:stable curl https://www.example.com
```

If `curl` cannot access your target app then this is a Docker networking issue rather than a problem with ZAP.
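Review bot: the context line "Change the Docker image name if you are not using the stable one" predates this change; with the ghcr.io form the alternative is a different tag on the same repository, not a different image name. A parenthetical such as "e.g. ghcr.io/zaproxy/zaproxy:weekly", the form this commit uses in webswing.md, would stop readers guessing at the naming scheme.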
@@ -38,7 +38,7 @@ If you cannot see files that should be being created then first check to make su
If they are then check that any file can be created - the following command should create the file `test.txt` in the CWD on Linux / MacOS.

```bash
docker run -v $(pwd):/zap/wrk/:rw -t owasp/zap2docker-stable touch /zap/wrk/test.txt
docker run -v $(pwd):/zap/wrk/:rw -t ghcr.io/zaproxy/zaproxy:stable touch /zap/wrk/test.txt
```

If this does not work then there is a permission issue in your environment - no ZAP options will be able to work around that.
@@ -55,13 +55,13 @@ Once that has completed you will be able to access the ZAP log file.
So instead of running:

```bash
docker run -t owasp/zap2docker-stable zap-baseline.py -t https://www.example.com
docker run -t ghcr.io/zaproxy/zaproxy:stable zap-baseline.py -t https://www.example.com
```

You need to run:

```bash
docker run -i -t owasp/zap2docker-stable bash
docker run -i -t ghcr.io/zaproxy/zaproxy:stable bash
```

From the bash prompt then your command, e.g.:
@@ -97,7 +97,7 @@ If you are using one of the Packaged Scans then you just need to:
* [LogMessages.js](https://github.com/zaproxy/community-scripts/blob/main/httpsender/LogMessages.js)
2. Run your packaged scan mapping the CWD to `/zap/wrk/` and passing in the above scan hook, e.g.
```bash
docker run -v $(pwd):/zap/wrk/:rw -t owasp/zap2docker-stable zap-baseline.py -t https://www.example.com --hook=LogMessagesHook.py
docker run -v $(pwd):/zap/wrk/:rw -t ghcr.io/zaproxy/zaproxy:stable zap-baseline.py -t https://www.example.com --hook=LogMessagesHook.py
```

All of the requests and responses made by or proxied through ZAP will be written to the `req-resp-log.txt` file in your CWD.
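Review bot: the closing context line says every request and response passing through ZAP is written to req-resp-log.txt in the CWD, which for an authenticated scan includes the credentials, cookies and tokens ZAP sent; since the hook example mounts the host directory read-write, a sentence telling readers to treat that file as sensitive and remove it once the problem is diagnosed belongs next to the command.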
4 changes: 2 additions & 2 deletions site/content/docs/docker/full-scan.md
@@ -48,11 +48,11 @@ Options:
```
To run it with no 'file' params use:
```
docker run -t owasp/zap2docker-stable zap-full-scan.py -t https://www.example.com
docker run -t ghcr.io/zaproxy/zaproxy:stable zap-full-scan.py -t https://www.example.com
```
If you use 'file' params then you need to mount the directory those file are in or will be generated in, eg
```
docker run -v $(pwd):/zap/wrk/:rw -t owasp/zap2docker-stable zap-full-scan.py \
docker run -v $(pwd):/zap/wrk/:rw -t ghcr.io/zaproxy/zaproxy:stable zap-full-scan.py \
-t https://www.example.com -g gen.conf -r testreport.html
```

2 changes: 1 addition & 1 deletion site/content/docs/docker/scan-hooks.md
@@ -48,7 +48,7 @@ def zap_ajax_spider(zap, target, max_time):
zap-baseline.py -t https://example.com --hook=my-hooks.py

# or using Docker
docker run -v $(pwd):/zap/wrk/:rw -t owasp/zap2docker-stable zap-baseline.py \
docker run -v $(pwd):/zap/wrk/:rw -t ghcr.io/zaproxy/zaproxy:stable zap-baseline.py \
-t https://www.example.com -g gen.conf -r testreport.html --hook=/zap/wrk/my-hooks.py
```
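Review bot: the two commands in this hunk pass the hook differently, "--hook=my-hooks.py" for the local run and "--hook=/zap/wrk/my-hooks.py" for Docker, without saying why; a short comment above the Docker line noting that the path is the one inside the container, where the CWD is mounted as /zap/wrk, would make the distinction explicit rather than something readers infer from the -v mapping.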

14 changes: 7 additions & 7 deletions site/content/docs/docker/webswing.md
@@ -11,9 +11,9 @@ Starting with version 2.5.0 you can run the ZAP Desktop UI in your browser witho

To do this you will just need Docker installed. Start the container with webswing support:
* Stable:
* `docker run -u zap -p 8080:8080 -p 8090:8090 -i owasp/zap2docker-stable zap-webswing.sh`
* `docker run -u zap -p 8080:8080 -p 8090:8090 -i ghcr.io/zaproxy/zaproxy:stable zap-webswing.sh`
* Weekly:
* `docker run -u zap -p 8080:8080 -p 8090:8090 -i owasp/zap2docker-weekly zap-webswing.sh`
* `docker run -u zap -p 8080:8080 -p 8090:8090 -i ghcr.io/zaproxy/zaproxy:weekly zap-webswing.sh`

Then point your browser at:
* http://localhost:8080/zap
@@ -32,12 +32,12 @@ You can even proxy your browser through ZAP, via the URL [http://localhost:8090]

However it is not possible to launch browsers via ZAP started via Webswing so in order to proxy https based sites you need to start the docker container with a local drive mapped to `/zap/wrk` e.g. using:

* `docker run -v $(pwd):/zap/wrk/:rw -u zap -p 8080:8080 -p 8090:8090 -i owasp/zap2docker-stable zap-webswing.sh`
* `docker run -v $(pwd):/zap/wrk/:rw -u zap -p 8080:8080 -p 8090:8090 -i ghcr.io/zaproxy/zaproxy:stable zap-webswing.sh`

When you do this ZAP will create 2 files on your mapped drive:

* owasp_zap_root_ca.crt - the public ZAP Root CA certificate
* owasp_zap_root_ca.key - the private ZAP Root CA certificate
* zap_root_ca.crt - the public ZAP Root CA certificate
* zap_root_ca.key - the private ZAP Root CA certificate

You will then need to configure one of your browsers to [proxy via ZAP](/docs/desktop/start/proxies/)
and [import the public ZAP Root CA certificate](/docs/desktop/ui/dialogs/options/dynsslcert/#install) so that it is trusted to sign websites.
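Review bot: the "+ * zap_root_ca.key" line keeps the old wording "the private ZAP Root CA certificate"; the file is the CA's private key, not a certificate, and this change writes it into a host directory of the user's choosing. Suggest "zap_root_ca.key - the private key of the ZAP Root CA (keep it private; anyone holding it can issue certificates that your browser will trust once the CA is imported)".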
@@ -55,12 +55,12 @@ Note that you will need to visit http://localhost:8080/zap _before_ you can use
When you run ZAP using Webswing then the following ZAP Command Line Options will be used:

* If there is a `ZAP_WEBSWING_OPTS` environmental variable set then its value will be used
* If not then if a `/zap/wrk/owasp_zap_root_ca.key` file exists then this is loaded as the ZAP root cert
* If not then if a `/zap/wrk/zap_root_ca.key` file exists then this is loaded as the ZAP root cert
* If not then if the `/zap/wrk` is writable then ZAP will output the public and private ZAP cert into that directory
* If not then the default ZAP options will be used: `-host 0.0.0.0 -port 8090`

For example to start ZAP listening on a different port (9090) use:
* `docker run -v $(pwd):/zap/wrk/:rw -e ZAP_WEBSWING_OPTS="-host 0.0.0.0 -port 9090" -u zap -p 8080:8080 -p 9090:9090 -i owasp/zap2docker-stable zap-webswing.sh`
* `docker run -v $(pwd):/zap/wrk/:rw -e ZAP_WEBSWING_OPTS="-host 0.0.0.0 -port 9090" -u zap -p 8080:8080 -p 9090:9090 -i ghcr.io/zaproxy/zaproxy:stable zap-webswing.sh`

## Blog post
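Review bot: with the lookup renamed to /zap/wrk/zap_root_ca.key, a mapped directory that still holds owasp_zap_root_ca.key from an earlier release is no longer matched, and because /zap/wrk is writable the next rule fires and ZAP generates a fresh CA that the user's browser has not imported. A line telling users to rename the old files or re-import the new zap_root_ca.crt would save them a confusing certificate error after upgrading.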

2 changes: 1 addition & 1 deletion site/content/faq/why-cant-zap-connect-to-my-website.md
@@ -16,7 +16,7 @@ Can you connect to your application from the same machine using another tool lik
If you are using one of the ZAP Docker images then be aware that using Docker will change the networking.
In this case make sure that you run `curl` from the Docker image, e.g. using a command like:

docker run --rm owasp/zap2docker-weekly /usr/bin/curl https://www.example.com/
docker run --rm ghcr.io/zaproxy/zaproxy:weekly /usr/bin/curl https://www.example.com/

If `curl` fails to connect as well then try to find out if there are any firewalls installed which could be preventing access to your application.
This will be a networking problem and not anything to do with ZAP.
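Review bot: this is the only example in the commit that uses --rm; the curl and touch diagnostics in diagnosing-problems.md are equally one-shot commands but omit it, so each run leaves a stopped container behind. Consider adding --rm to those examples in the same sweep so the docs are consistent about cleanup.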
