senke/veza
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
veza/docs/archive/workflows/zap-dast.yml.disabled

35 lines
988 B
Text
Raw Normal View History

ci: fix duplicate env block in staging-validation workflow Merge SSL env vars into existing env block instead of creating a duplicate (YAML doesn't allow duplicate top-level keys). Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-09 12:51:10 +00:00
name: OWASP ZAP DAST
on:
schedule:
- cron: "0 3 * * *" # Nightly at 3am UTC
workflow_dispatch:
env:
GIT_SSL_NO_VERIFY: "true"
NODE_TLS_REJECT_UNAUTHORIZED: "0"
jobs:
zap-baseline:
runs-on: ubuntu-latest
timeout-minutes: 30
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: ZAP Baseline Scan
uses: zaproxy/action-baseline@v0.12.0
with:
target: ${{ secrets.STAGING_URL || 'http://localhost:5174' }}
rules_file_name: .zap/rules.tsv
fail_action: false
artifact_name: zap-report
- name: Upload ZAP report
if: always()
uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0
with:
name: zap-report
path: report_html.html
retention-days: 30
Reference in a new issue Copy permalink