security_checker.yml
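# https://docs.github.com/en/actions
#
# Manually dispatched OWASP ZAP scan of the web application.
# Exactly one of the two scan steps runs, selected by the FULL_SCAN input.
name: Run security OWASP checks

on:  # yamllint disable-line rule:truthy
  workflow_dispatch:
    inputs:
      # Scan target. Because this is a `choice` input, a dispatcher can only
      # pick from the hosts listed under `options`; add a host here before
      # scanning it.
      HOST:
        description: ""
        required: true
        type: choice
        options:
          - 'https://devtools.arnaud-ritti.fr/'
      # When true, the second scan step runs instead of the first.
      FULL_SCAN:
        description: ""
        required: false
        type: boolean

# Least privilege for GITHUB_TOKEN, which is handed to a third-party action
# below. `issues: write` is kept because the ZAP actions use the token to
# open or update a findings issue (per their documentation; confirm for the
# version in use). Everything else is read-only or unset.
permissions:
  contents: read
  issues: write

jobs:
  zap_scan:
    runs-on: ubuntu-latest
    name: Scan the webapplication
    steps:
      # Tag references are mutable; pinning third-party and first-party
      # actions to a full commit SHA is the stronger supply-chain choice.
      - name: Checkout
        uses: actions/checkout@v3
        with:
          # Do not leave the token in the local git config for later steps.
          persist-credentials: false

      # Runs when FULL_SCAN is unset or false. workflow_dispatch inputs reach
      # `github.event.inputs` as strings, hence the comparison with 'false'.
      # NOTE(review): the page rendering replaced the action name and version
      # after `zaproxy/` with an obfuscated e-mail marker. Presumably this is
      # zaproxy/action-baseline; restore the real reference from the
      # repository. PLACEHOLDER_REF is a placeholder, not a real ref.
      - name: ZAP Scan (default)
        if: ${{ !github.event.inputs.FULL_SCAN || github.event.inputs.FULL_SCAN == 'false' }}
        uses: zaproxy/action-baseline@PLACEHOLDER_REF
        with:
          token: ${{ secrets.GITHUB_TOKEN }}
          # Passed as an action input, not interpolated into a shell script.
          target: ${{ github.event.inputs.HOST }}
          cmd_options: '-z "-config view.locale=fr_FR"'

      # Runs when FULL_SCAN is true.
      # NOTE(review): same obfuscation as above. Presumably this is
      # zaproxy/action-full-scan; restore the real reference from the
      # repository. PLACEHOLDER_REF is a placeholder, not a real ref.
      - name: ZAP Scan (full)
        if: ${{ github.event.inputs.FULL_SCAN && github.event.inputs.FULL_SCAN != 'false' }}
        uses: zaproxy/action-full-scan@PLACEHOLDER_REF
        with:
          token: ${{ secrets.GITHUB_TOKEN }}
          target: ${{ github.event.inputs.HOST }}
          cmd_options: '-z "-config view.locale=fr_FR"'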