Add owasp full scan to daily checks

2026-05-28 09:59:59 -04:00 · 2022-08-26 17:14:08 -04:00
parent 3341c08245
commit 581caa4d14
1 changed files with 19 additions and 0 deletions
--- a/.github/workflows/daily_checks.yml
+++ b/.github/workflows/daily_checks.yml
@@ -52,3 +52,22 @@ jobs:
        run: pip install bandit
      - name: Run scan
        run: bandit -r app/ --confidence-level medium
+
+  dynamic-scan:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+      - uses: ./.github/actions/setup-project
+      - name: Run server
+        run: make run-flask &
+        env:
+          NOTIFY_ENVIRONMENT: scanning
+      - name: Run OWASP Full Scan
+        uses: zaproxy/action-full-scan@v0.4.0
+        with:
+          docker_name: 'owasp/zap2docker-weekly'
+          target: 'http://localhost:6012'
+          fail_action: true
+          allow_issue_writing: false
+          rules_file_name: 'zap.conf'
+          cmd_options: '-I'