Update OWASP ZAP scans

The OWASP ZAP scan GitHub Actions have been updated recently and we need to make sure our GitHub Actions account for the recent changes.  This changeset makes sure we are using the latest version of the OWASP ZAP API scan, the correct Docker image, and adjusts the name of the step to accurately reflect what scan is being run.

Signed-off-by: Carlo Costino <carlo.costino@gsa.gov>

.github/workflows/checks.yml

@@ -131,7 +131,7 @@ jobs:
         run: make run-flask &
         env:
           SQLALCHEMY_DATABASE_TEST_URI: postgresql://user:password@localhost:5432/test_notification_api
-      - name: Run OWASP Baseline Scan
+      - name: Run OWASP API Scan
         uses: zaproxy/action-api-scan@v0.5.0
         with:
           docker_name: 'ghcr.io/zaproxy/zaproxy:weekly'

.github/workflows/daily_checks.yml

@@ -75,14 +75,18 @@ jobs:
         run: make bootstrap
         env:
           SQLALCHEMY_DATABASE_TEST_URI: postgresql://user:password@localhost:5432/test_notification_api
+          NOTIFY_E2E_TEST_EMAIL: ${{ secrets.NOTIFY_E2E_TEST_EMAIL }}
+          NOTIFY_E2E_TEST_HTTP_AUTH_PASSWORD: ${{ secrets.NOTIFY_E2E_TEST_HTTP_AUTH_PASSWORD }}
+          NOTIFY_E2E_TEST_HTTP_AUTH_USER: ${{ secrets.NOTIFY_E2E_TEST_HTTP_AUTH_USER }}
+          NOTIFY_E2E_TEST_PASSWORD: ${{ secrets.NOTIFY_E2E_TEST_PASSWORD }}
       - name: Run server
         run: make run-flask &
         env:
           SQLALCHEMY_DATABASE_TEST_URI: postgresql://user:password@localhost:5432/test_notification_api
-      - name: Run OWASP Baseline Scan
+      - name: Run OWASP API Scan
-        uses: zaproxy/action-api-scan@v0.4.0
+        uses: zaproxy/action-api-scan@v0.5.0
         with:
-          docker_name: 'owasp/zap2docker-weekly'
+          docker_name: 'ghcr.io/zaproxy/zaproxy:weekly'
           target: 'http://localhost:6011/docs/openapi.yml'
           fail_action: true
           allow_issue_writing: false