Owasp Zap generate report error in azure pipeline

Question

We have a azure pipeline which runs weekly and executes owasp zap. Up until about 6 weeks about this job ran without issue but recently we are getting errors on the Geneate Report step and I cannot figure out why. Nothing has changed on our side so I am thinking this is something to do with Azure. Anyway these are the steps

   steps:
    - task: DockerInstaller@0
      displayName: 'Install Docker'
      condition: always()
    
    - bash: |
          mkdir wrk
          chmod 777 wrk
          docker run \
          --volume $(Agent.ReleaseDirectory)/wrk:/output:rw \
          --volume $(Agent.ReleaseDirectory)/wrk:/zap/wrk:rw \
          registry.gitlab.com/gitlab-org/security-products/dast:latest /analyze -t ${target} \
          --full-scan False \
          -r report.html \
          -x report.xml
       
      displayName: 'Run ZAP scan'
      continueOnError: true
      env:
        target: https://www.abcxyz.com
    
    - bash: 'wget -O OWASPToNUnit3.xslt https://gist.githubusercontent.com/sudhinsr/6dad07c20785d8d00ffd406a6c581b15/raw/42b2fe2201f6f054b97673239970e4d6eca2e308/OWASPToNUnit3.xslt'
      displayName: 'Download OWASPToNUnit3'
      continueOnError: true
        
    - bash: |
          wget https://www.saxonica.com/download/SaxonHE11-5J.zip
          unzip SaxonHE11-5J.zip
      displayName: 'Download Saxon'
      continueOnError: true
    
    - bash: |
       java -jar saxon-he-11.5.jar -xsl:$(Agent.ReleaseDirectory)/OWASPToNUnit3.xslt -s:$(Agent.ReleaseDirectory)/wrk/report.xml -o:$(Agent.ReleaseDirectory)/testReport.xml
       
      displayName: 'Generate Report'
      continueOnError: true
    
    - task: PublishTestResults@2
      displayName: 'Publish Pi Test Results'
      inputs:
        testResultsFormat: NUnit
        testResultsFiles: testReport.xml
        searchFolder: '$(Agent.ReleaseDirectory)'
      continueOnError: true

Everything appears fine until here

And when I log at the log you can see the report is not being created or does not exist

2023-06-13T14:52:50.6301926Z ##[section]Starting: Generate Report
2023-06-13T14:52:50.6305291Z ==============================================================================
2023-06-13T14:52:50.6305382Z Task         : Bash
2023-06-13T14:52:50.6305424Z Description  : Run a Bash script on macOS, Linux, or Windows
2023-06-13T14:52:50.6305494Z Version      : 3.214.0
2023-06-13T14:52:50.6305539Z Author       : Microsoft Corporation
2023-06-13T14:52:50.6305590Z Help         : https://docs.microsoft.com/azure/devops/pipelines/tasks/utility/bash
2023-06-13T14:52:50.6305676Z ==============================================================================
2023-06-13T14:52:50.7394911Z Generating script.
2023-06-13T14:52:50.7408248Z Script contents:
2023-06-13T14:52:50.7409109Z java -jar saxon-he-11.5.jar -xsl:/home/vsts/work/r1/a/OWASPToNUnit3.xslt -s:/home/vsts/work/r1/a/wrk/report.xml -o:/home/vsts/work/r1/a/testReport.xml
2023-06-13T14:52:50.7418064Z ========================== Starting Command Output ===========================
2023-06-13T14:52:50.7428255Z [command]/usr/bin/bash /home/vsts/work/_temp/8e936c3d-9c88-4700-9b19-bede87942d5b.sh
2023-06-13T14:52:51.3252644Z Source file /home/vsts/work/r1/a/wrk/report.xml does not exist
2023-06-13T14:52:51.3353558Z ##[error]Bash exited with code '2'.
2023-06-13T14:52:51.3368023Z ##[warning]RetryHelper encountered task failure, will retry (attempt #: 1 out of 2) after 1000 ms
2023-06-13T14:52:52.4318153Z Generating script.
2023-06-13T14:52:52.4334398Z Script contents:
2023-06-13T14:52:52.4336037Z java -jar saxon-he-11.5.jar -xsl:/home/vsts/work/r1/a/OWASPToNUnit3.xslt -s:/home/vsts/work/r1/a/wrk/report.xml -o:/home/vsts/work/r1/a/testReport.xml
2023-06-13T14:52:52.4348418Z ========================== Starting Command Output ===========================
2023-06-13T14:52:52.4357462Z [command]/usr/bin/bash /home/vsts/work/_temp/85785ffa-92cb-4954-bdd5-1f6074fd8d35.sh
2023-06-13T14:52:52.8587611Z Source file /home/vsts/work/r1/a/wrk/report.xml does not exist
2023-06-13T14:52:52.8688921Z ##[error]Bash exited with code '2'.
2023-06-13T14:52:52.8760982Z ##[warning]RetryHelper encountered task failure, will retry (attempt #: 2 out of 2) after 4000 ms
2023-06-13T14:52:56.9664077Z Generating script.
2023-06-13T14:52:56.9677388Z Script contents:
2023-06-13T14:52:56.9678043Z java -jar saxon-he-11.5.jar -xsl:/home/vsts/work/r1/a/OWASPToNUnit3.xslt -s:/home/vsts/work/r1/a/wrk/report.xml -o:/home/vsts/work/r1/a/testReport.xml
2023-06-13T14:52:56.9686945Z ========================== Starting Command Output ===========================
2023-06-13T14:52:56.9697289Z [command]/usr/bin/bash /home/vsts/work/_temp/4e9abd9b-d959-406e-b1e9-805f7b160469.sh
2023-06-13T14:52:57.4142049Z Source file /home/vsts/work/r1/a/wrk/report.xml does not exist
2023-06-13T14:52:57.4216908Z ##[error]Bash exited with code '2'.
2023-06-13T14:52:57.4252831Z ##[section]Finishing: Generate Report

As I have said this was working fine until a couple of weeks ago, can anyone shed any light on what is going on please?

Thanks in advance folks

Answer 1

So this is down to the Deprecate of DAST_HTML_REPORT, DAST_XML_REPORT, and DAST_MARKDOWN_REPORT for DAST

More info at https://gitlab.com/gitlab-org/gitlab/-/issues/384340/?_gl=1*16oaarv*_ga*MzQ1NjE3NjEuMTY4Nzc3NDE0OQ..*_ga_ENFH3X7M5Y*MTY4Nzc3NDE0OC4xLjEuMTY4Nzc3NDE1MC4wLjAuMA..