Skip to content

Security-scan

Security-scan #1638

Workflow file for this run

# This is a basic workflow to help you get started with Actions
name: Security-scan
# Controls when the action will run.
on:
schedule:
- cron: '0 3 * * *' # everyday at 03:00 UTC
pull_request:
branches: master
push:
branches: master
tags: '*'
# Allows you to run this workflow manually from the Actions tab
workflow_dispatch:
# A workflow run is made up of one or more jobs that can run sequentially or in parallel
jobs:
# This workflow contains a single job called "build"
build:
# The type of runner that the job will run on
runs-on: ubuntu-latest
# Steps represent a sequence of tasks that will be executed as part of the job
steps:
- name: Checkout
uses: actions/checkout@v4
with:
ref: master
# Runs a single command using the runners shell
- name: Pull and start docker
run: docker run -d --read-only -p 8080:8080 privatebin/nginx-fpm-alpine
# Run OWASP scan
- name: OWASP ZAP Full Scan
uses: zaproxy/[email protected]
with:
# GitHub Token to create issues in the repository
#token: # optional, default is ${{ github.token }}
# Target URL
target: http://localhost:8080
# Relative path of the ZAP configuration file
rules_file_name: ".github/rules.tsv" # optional
# The Docker file to be executed
#docker_name: # default is owasp/zap2docker-stable
# Additional command line options
#cmd_options: # optional
# The title for the GitHub issue to be created
#issue_title: # optional, default is ZAP Full Scan Report
# The action status will be set to fail if ZAP identifies any alerts during the full scan
#fail_action: # optional