zap_scans.yml
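# Runs OWASP ZAP against the application on every pull request that targets
# main. Each job writes a .env file and the TLS key/certificate, starts the
# stack with docker-compose, and then scans http://localhost:70.
name: Zap Scans

on:
  pull_request:
    branches: [main]

# Neither job writes issues (allow_issue_writing is false), so the workflow
# token is restricted to reading the checked-out code.
permissions:
  contents: read

jobs:
  baseline:
    name: Zap Baseline Scan
    runs-on: ubuntu-latest
    steps:
      - name: Checkout 🛎️
        uses: actions/checkout@v4
      - name: Setup env file ⚙
        # Secrets are handed to the script as environment variables instead
        # of being expanded into the script text, so a quote, `$` or backtick
        # inside a value is written verbatim and never parsed by the shell.
        # Pull requests from forks do not receive repository secrets, so
        # these three values are empty on such runs.
        env:
          GEOAPIFY_API_KEY: ${{ secrets.GEOAPIFY_API_KEY }}
          EMAIL_USER: ${{ secrets.EMAIL_USER }}
          EMAIL_PASS: ${{ secrets.EMAIL_PASS }}
        # NOTE(review): the two MySQL passwords below are committed in clear
        # text. That is tolerable only if they are throwaway values for the
        # database this job creates; confirm they are used nowhere else,
        # otherwise rotate them and supply them through repository secrets.
        run: |
          cat > .env <<EOF
          # tool hosting information
          HTTP_PORT=70
          DOMAIN=localhost
          WS_PROTOCOL=ws
          WS_PORT=70

          # database information
          MYSQL_ROOT_PASSWORD=xFRcwhHSF4aHxpGv7n5DuzSz
          MYSQL_PORT=3206
          MYSQL_DATABASE=snnap
          MYSQL_USER=snnap
          MYSQL_PASSWORD=vGvmKAcPLeQpQ7gEKckN89dB

          # api information
          API_PORT=3001
          API_LIMIT=10000

          # third party information
          GA_TRACKING_CODE=UA-000000-01
          GEOAPIFY_API_KEY=${GEOAPIFY_API_KEY}

          # email info
          EMAIL_USER=${EMAIL_USER}
          EMAIL_PASS=${EMAIL_PASS}
          EOF
      - name: Setup key files ⚙
        # The PEM bodies are multi-line; passing them through the environment
        # and printing with printf writes them unchanged and keeps the
        # private key out of the generated script text.
        env:
          TLS_KEY: ${{ secrets.KEY }}
          TLS_CERT: ${{ secrets.CERT }}
        run: |
          mkdir -p api/certs
          printf '%s\n' "$TLS_KEY" > api/certs/key-rsa.pem
          printf '%s\n' "$TLS_CERT" > api/certs/cert.pem
      - name: Build Dockerfile 🐋
        run: docker-compose -f docker-compose.yml up -d --build
      - name: ZAP Scan
        # NOTE(review): the action reference on this page is garbled
        # ("[email protected]" is e-mail-obfuscation residue). The job name
        # points to zaproxy/action-baseline - confirm, then restore the
        # original version tag or pin a full commit SHA.
        uses: zaproxy/action-baseline@<VERSION_LOST_IN_EXTRACTION>
        with:
          target: 'http://localhost:70'
          allow_issue_writing: false

  full:
    name: Zap Full Scan
    runs-on: ubuntu-latest
    steps:
      - name: Checkout 🛎️
        uses: actions/checkout@v4
      - name: Setup env file ⚙
        # Secrets come in through env so the shell never parses their
        # contents; they are empty on pull requests from forks.
        env:
          GEOAPIFY_API_KEY: ${{ secrets.GEOAPIFY_API_KEY }}
          EMAIL_USER: ${{ secrets.EMAIL_USER }}
          EMAIL_PASS: ${{ secrets.EMAIL_PASS }}
        # NOTE(review): clear-text MySQL passwords - confirm they are
        # throwaway values for this job's database, otherwise rotate them
        # and move them to repository secrets.
        run: |
          cat > .env <<EOF
          # tool hosting information
          HTTP_PORT=70
          DOMAIN=localhost
          WS_PROTOCOL=ws
          WS_PORT=70

          # database information
          MYSQL_ROOT_PASSWORD=xFRcwhHSF4aHxpGv7n5DuzSz
          MYSQL_PORT=3206
          MYSQL_DATABASE=snnap
          MYSQL_USER=snnap
          MYSQL_PASSWORD=vGvmKAcPLeQpQ7gEKckN89dB

          # api information
          API_PORT=3001
          API_LIMIT=10000

          # third party information
          GA_TRACKING_CODE=UA-000000-01
          GEOAPIFY_API_KEY=${GEOAPIFY_API_KEY}

          # email info
          EMAIL_USER=${EMAIL_USER}
          EMAIL_PASS=${EMAIL_PASS}
          EOF
      - name: Setup key files ⚙
        # PEM bodies are written from environment variables so the private
        # key is not part of the generated script text.
        env:
          TLS_KEY: ${{ secrets.KEY }}
          TLS_CERT: ${{ secrets.CERT }}
        run: |
          mkdir -p api/certs
          printf '%s\n' "$TLS_KEY" > api/certs/key-rsa.pem
          printf '%s\n' "$TLS_CERT" > api/certs/cert.pem
      - name: Build Dockerfile 🐋
        run: docker-compose -f docker-compose.yml up -d --build
      - name: ZAP Scan
        # NOTE(review): the action reference on this page is garbled
        # ("[email protected]" is e-mail-obfuscation residue). The job name
        # points to zaproxy/action-full-scan - confirm, then restore the
        # original version tag or pin a full commit SHA.
        uses: zaproxy/action-full-scan@<VERSION_LOST_IN_EXTRACTION>
        with:
          target: 'http://localhost:70'
          allow_issue_writing: false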