Skip to content

More Securely Log Into Docker Registry #1533

More Securely Log Into Docker Registry

More Securely Log Into Docker Registry #1533

Workflow file for this run

name: ZAP
on:
push:
branches:
- main
pull_request:
branches:
- main
workflow_dispatch:
jobs:
build:
runs-on: ubuntu-latest
name: ZAP API Scan
steps:
- uses: actions/checkout@v4
- uses: actions/setup-java@v3
with:
java-version: 17
distribution: corretto
cache: gradle
- name: ShadowJar
run: ./gradlew clean shadowJar
- name: Run App in Container
run: docker compose up --build -d
- name: Check API Health
run: ./health-check.sh
- name: Run ZAP API Scan
run: docker run -v $(pwd):/zap/wrk/:rw --user root -t owasp/zap2docker-weekly zap-api-scan.py -t http://$(ip -f inet -o addr show docker0 | awk '{print $4}' | cut -d '/' -f 1):8080/openapi -f openapi -r api-scan-report.html
- name: Upload Report
uses: actions/upload-artifact@v3
if: always()
with:
name: zap-scan-report
path: api-scan-report.html