generated from bcgov/quickstart-openshift
-
Notifications
You must be signed in to change notification settings - Fork 2
31 lines (29 loc) · 939 Bytes
/
pentests.yml
File metadata and controls
31 lines (29 loc) · 939 Bytes
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
name: Penetration Tests
on:
schedule: [cron: "0 11 * * 6"] # 3 AM PST = 12 PM UDT, Saturdays
workflow_dispatch:
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
permissions: {}
jobs:
zap_scan:
permissions:
issues: write # Required for ZAP scan to create security issues
runs-on: ubuntu-24.04
name: Penetration Tests
env:
DOMAIN: apps.silver.devops.gov.bc.ca
PREFIX: ${{ github.event.repository.name }}-test
strategy:
matrix:
name: [backendJava, backendPy]
steps:
- name: ZAP Scan
uses: zaproxy/action-full-scan@3c58388149901b9a03b7718852c5ba889646c27c # v0.13.0
with:
allow_issue_writing: true
artifact_name: "zap_${{ matrix.name }}"
cmd_options: "-a"
issue_title: "ZAP: ${{ matrix.name }}"
target: https://${{ env.PREFIX }}-${{ matrix.name }}.${{ env.DOMAIN }}