CCS-4 - zap scanning evidence 8

jfrog · Feb 5, 2025 · 740a732 · 740a732
1 parent 8505720
commit 740a732
Showing 1 changed file with 4 additions and 3 deletions.
diff --git a/.github/workflows/zap-evidence-example.yml b/.github/workflows/zap-evidence-example.yml
@@ -37,12 +37,13 @@ jobs:
         run: |
           docker pull ghcr.io/zaproxy/zaproxy:stable
           # zap test the mock site https://www.example.com
-          docker run -v $PWD:/zap/wrk/:rw -t ghcr.io/zaproxy/zaproxy:stable zap-full-scan.py -t https://www.example.com  -J report_json.json || true
+          docker run -v /tmp:/zap/wrk/:rw  -t ghcr.io/zaproxy/zaproxy:stable zap-full-scan.py -t https://www.example.com  -J report_json.json || true
           echo "Zap completed"
+          ls -ltr /tmp
           # create summary json
-          cat report_json.json | jq -r '.site[].alerts[].riskcode'   | sort | uniq -c | awk '{print "{\"riskcode\":\"" $2 "\", \"count\":" $1 "},"}' | sed '$ s/,$//' | awk 'BEGIN {print "["} {print} END {print "]"}' > report_summary.json
+          cat /tmp/report_json.json | jq -r '.site[].alerts[].riskcode'   | sort | uniq -c | awk '{print "{\"riskcode\":\"" $2 "\", \"count\":" $1 "},"}' | sed '$ s/,$//' | awk 'BEGIN {print "["} {print} END {print "]"}' > report_summary.json
           # create full report predicate  
-          jq -s '{summary: .[0], details: .[1]}' report_summary.json report_json.json  > summary.json
+          jq -s '{summary: .[0], details: .[1]}' report_summary.json /tmp/report_json.json  > summary.json
           echo "-----------Summary of ZAP scan-----------"
           cat summary.json