Pen Tests

Pen Tests #3561

Workflow file for this run

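# Runs a ZAP scan against a throwaway Docker Compose deployment on the runner
# after the "Release" workflow has completed successfully on master.
name: Pen Tests
on:
  # Be careful when using the workflow_run trigger
  # https://github.community/t/workflow-run-completed-event-triggered-by-failed-workflow/128001/7
  # The "completed" type also fires for failed upstream runs, which is why the
  # job below is gated on `workflow_run.conclusion == 'success'`.
  workflow_run:
    workflows: ["Release"]
    branches:
      - master
    types:
      - completed
# Least privilege for GITHUB_TOKEN: the job only checks out the repository and
# has issue writing disabled, so read access to contents is enough. Without
# this block the token gets the repository's default permission set.
permissions:
  contents: read
concurrency:
  # NOTE(review): github.head_ref is only populated for pull_request events.
  # Under workflow_run the expression falls back to github.run_id, so every run
  # gets its own group and cancel-in-progress never cancels anything. Confirm
  # whether that is intended.
  group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }}
  cancel-in-progress: true
jobs:
  zap-scan:
    # Skip the scan when the triggering "Release" run did not succeed.
    if: ${{ github.event.workflow_run.conclusion == 'success' }}
    runs-on: ubuntu-latest
    steps:
      # The checkout provides .zap/rules.conf for the scan step.
      # NOTE(review): consider pinning actions to a full commit SHA instead of
      # a mutable tag.
      - name: Checkout repository
        uses: actions/checkout@v4
      # NOTE(review): both the compose file (HEAD) and the image tag (edge) are
      # floating references, so the scanned deployment is whatever they resolve
      # to at run time. If this workflow lives in the same repository, the
      # checked-out docker-compose.yml could be used instead - confirm.
      - name: Docker Compose up
        run: |
          curl -fsSL https://raw.githubusercontent.com/logto-io/logto/HEAD/docker-compose.yml |\
          TAG=edge docker compose -p logto -f - up -d
      # Fixed wait with no readiness check: if the services need longer than
      # this, the scan runs against a target that is not yet serving.
      - name: Sleep for 30 seconds
        run: sleep 30s
      # NOTE(review): the action name and version after "zaproxy/" are masked by
      # the page's e-mail obfuscation ("[email protected]"). Restore the real
      # reference from the repository before use.
      - name: ZAP Scan
        uses: zaproxy/[email protected]
        with:
          # Local deployment started above; plain HTTP on the runner only.
          target: http://localhost:3001
          # Passed through to the ZAP scan script; presumably enables the alpha
          # rules as well - verify against the action's documentation.
          cmd_options: "-a"
          # Fail the job when the scan reports alerts.
          fail_action: true
          # No GitHub issue is created, so no issues: write permission needed.
          allow_issue_writing: false
          # Rule overrides, read from the checked-out repository.
          rules_file_name: ".zap/rules.conf"
      # TODO: send slack message on failure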