scan-odoo.yml
---
# DAST workflow: starts PostgreSQL and Odoo as service containers, checks
# that Odoo answers over HTTP, then runs the Dastardly scanner against it.
name: DAST Scan

# Triggers: pull requests, pushes to main, and manual dispatch.
# NOTE(review): in GitHub's branch filter syntax "*" does not match "/",
# so pull requests targeting e.g. "release/x" are not scanned; "**" (or
# no filter) covers every base branch - confirm which was intended.
on:
  pull_request:
    branches:
      - "*"
  push:
    branches:
      - main
  workflow_dispatch:

# One fixed group for every ref: runs are serialized and only one pending
# run per group is kept, so a queued scan can be cancelled by a newer one.
# NOTE(review): confirm a skipped scan for an older PR run is acceptable.
concurrency: dast-scan

# Explicit GITHUB_TOKEN scopes for the whole workflow.
# NOTE(review): three scopes are write (checks, security-events,
# statuses); confirm the scanner action uses each one and drop the rest.
permissions:
  actions: read
  checks: write
  contents: read
  packages: read
  security-events: write
  statuses: write

jobs:
  dast:
    name: Run DAST Scan
    runs-on: ubuntu-latest
    # Steps execute inside this container, so the service containers are
    # reachable by their labels ("postgres", "odoo"), as the steps below do.
    # NOTE(review): "ubuntu" and "odoo" carry no tag and "postgres:13" is a
    # moving tag; pin versions or digests to keep scan results reproducible.
    container: ubuntu
    timeout-minutes: 20
    services:
      postgres:
        image: postgres:13
        # NOTE(review): the job container reaches services by label, so
        # the published ports are presumably not needed - verify.
        ports:
          - "5432:5432"
        # Credentials for the job-scoped database, stored in plain text in
        # this file; presumably throwaway values - keep them CI-only.
        env:
          POSTGRES_USER: odoo
          POSTGRES_PASSWORD: odoo
          POSTGRES_DB: postgres
        # Health check via pg_isready so the job waits for the database.
        options: >-
          --health-cmd pg_isready
          --health-interval 10s
          --health-timeout 5s
          --health-retries 5
      odoo:
        image: odoo
        ports:
          - "8069:8069"
        # Same database credentials as above; HOST is the postgres
        # service label.
        env:
          POSTGRES_USER: odoo
          POSTGRES_PASSWORD: odoo
          POSTGRES_DB: postgres
          HOST: postgres
        # Healthy once the web UI answers with a non-error HTTP status.
        options: >-
          --health-cmd "curl --fail http://localhost:8069 || exit 1"
          --health-interval 10s
          --health-timeout 5s
          --health-retries 5
    steps:
      # curl is installed for the reachability check below.
      - run: apt-get update; apt-get install curl -y
      # Reachability check: the response body is saved to a file; the
      # verbose trace goes to stderr and so appears in the step log.
      - run: curl -vvv http://odoo:8069/ > curl_result_docker
      - run: cat curl_result_docker
      # NOTE(review): third-party action referenced by a mutable tag; pin
      # it to a reviewed full commit SHA, e.g.
      #   uses: chtzvt/dastardly@<full-commit-sha>  # v1
      # NOTE(review): no later step uploads a SARIF file; presumably the
      # action publishes the report itself - confirm, since that decides
      # whether security-events: write is needed.
      - name: Run Dastardly
        uses: chtzvt/dastardly@v1
        with:
          target-url: http://odoo:8069/
          enable-sarif-report: true