Skip to content
OWASP Zap Scan and Report

added process.env.ZAP_RISK_CODE #6

Sign in to view logs

added process.env.ZAP_RISK_CODE

added process.env.ZAP_RISK_CODE #6

Workflow file for this run

.github/workflows/zap-scan.yml at c6ff896
name: OWASP Zap Scan and Report
on:
push:
branches: [ zap-integration ]
pull_request:
branches: [ main ]
permissions:
id-token: write
jobs:
zap_scan:
permissions:
contents: write
runs-on: ubuntu-latest
name: Run Zap Scan for PR and Push
if: github.event_name == 'pull_request' || 'push'
steps:
- name: Checkout
uses: actions/checkout@v2
- name: Set up Node.js
uses: actions/setup-node@v2
with:
node-version: 18
- name: OWASP ZAP Baseline Scan
continue-on-error: true
uses: zaproxy/action-baseline@v0.3.0
with:
target: "https://d37uopclgv3e6p.cloudfront.net/"
- name: Install Jira library for Node.js
run: npm install jira-client --legacy-peer-deps
- name: Parse Zap output and create Jira tickets
run: node .github/workflows/parse_zap_outputs.cjs report_json.json
env:
SCAN_OUTPUT_FILE_PATH: 'report_json.json'
ZAP_RISK_CODE: '2'
JIRA_PROJECT_KEY: MDCT
JIRA_ISSUE_TYPE: Task
JIRA_LABELS: MCR,zap
JIRA_EPIC_KEY: MDCT-2280
JIRA_TITLE_PREFIX: '[MCR] - Zap :'
JIRA_BASE_URL: qmacbis.atlassian.net
JIRA_API_TOKEN: ${{ secrets.JIRA_SERVICE_USER_TOKEN }}
JIRA_USER_EMAIL: ${{ secrets.JIRA_SERVICE_USERNAME }}