forked from PrivateBin/docker-nginx-fpm-alpine
-
Notifications
You must be signed in to change notification settings - Fork 1
53 lines (46 loc) · 1.76 KB
/
owasp.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
# This is a basic workflow to help you get started with Actions
name: Security-scan
# Controls when the action will run.
on:
schedule:
- cron: '0 3 * * *' # everyday at 03:00 UTC
pull_request:
branches: master
push:
branches: master
tags: '*'
# Allows you to run this workflow manually from the Actions tab
workflow_dispatch:
# A workflow run is made up of one or more jobs that can run sequentially or in parallel
jobs:
# This workflow contains a single job called "build"
build:
# The type of runner that the job will run on
runs-on: ubuntu-latest
# Steps represent a sequence of tasks that will be executed as part of the job
steps:
- name: Checkout
uses: actions/checkout@v4
with:
ref: master
# Runs a single command using the runners shell
- name: Pull and start docker
run: docker run -d --read-only -p 8080:8080 privatebin/unit-alpine
# Run OWASP scan
- name: OWASP ZAP Full Scan
uses: zaproxy/[email protected]
with:
# GitHub Token to create issues in the repository
#token: # optional, default is ${{ github.token }}
# Target URL
target: http://localhost:8080
# Relative path of the ZAP configuration file
rules_file_name: ".github/rules.tsv" # optional
# The Docker file to be executed
#docker_name: # default is owasp/zap2docker-stable
# Additional command line options
#cmd_options: # optional
# The title for the GitHub issue to be created
#issue_title: # optional, default is ZAP Full Scan Report
# The action status will be set to fail if ZAP identifies any alerts during the full scan
#fail_action: # optional