Skip to content
ZAP Full Scan

Chain of Responsibility design pattern implementation #16

Sign in to view logs

Chain of Responsibility design pattern implementation

Chain of Responsibility design pattern implementation #16

Workflow file for this run

.github/workflows/zap-scan.yml at aabc0bf
name: ZAP Full Scan
on:
push:
branches: [main, feature/*]
pull_request:
branches: [main]
jobs:
zap_scan:
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v3
- name: Set up JDK 21
uses: actions/setup-java@v3
with:
java-version: '21'
distribution: 'temurin'
- name: Build with Maven
run: mvn clean package
# Step 1: Create Docker network
- name: Create Docker Network
run: docker network create zap-network
# Step 2: Build the Docker image for the central-hub
- name: Build Docker Image
uses: docker/build-push-action@v4
with:
context: .
file: ./Dockerfile
push: false
tags: central-hub:latest
# Step 3: Run the Docker container for the application in the zap-network
- name: Run Docker Container
run: docker run -d --name central-hub --network zap-network -p 8082:8082 central-hub:latest
# Step 4: Wait for the application to start and be available
- name: Wait for Application to Start
run: |
echo "Waiting for the application to start..."
for i in {1..10}; do
if curl -s http://localhost:8082 >/dev/null; then
echo "Application is up!"
break
fi
echo "Waiting for 10 seconds..."
sleep 10
done
# Step 5: Run ZAP Full Scan in the same Docker network
- name: ZAP Full Scan
uses: zaproxy/action-full-scan@v0.11.0
with:
target: 'http://central-hub:8082' # Target by container name in the zap-network
token: ${{ secrets.GITHUB_TOKEN }}
cmd_options: '-t http://central-hub:8082 -r zap_report.html'
# Step 6: Upload the ZAP report as an artifact
- name: Upload ZAP Report
uses: actions/upload-artifact@v3
with:
name: zap-report
path: zap_report.html