Skip to content

Penetration Tests

Penetration Tests #61

Workflow file for this run

name: Penetration Tests
on:
schedule: [cron: "0 11 * * 6"] # 3 AM PST = 12 PM UDT, Saturdays
workflow_dispatch:
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
jobs:
zap_scan:
name: Penetration Tests
env:
DOMAIN: apps.silver.devops.gov.bc.ca
PREFIX: ${{ github.event.repository.name }}-test
runs-on: ubuntu-latest
strategy:
matrix:
component: [backend, frontend]
steps:
- name: ZAP Scan
uses: zaproxy/action-full-scan@v0.11.0
with:
allow_issue_writing: true
artifact_name: "zap_${{ matrix.component }}"
cmd_options: "-a"
issue_title: "ZAP: ${{ matrix.component }}"
target: https://${{ env.PREFIX }}-${{ matrix.component }}.${{ env.DOMAIN }}