Update gosec.yml

akindemirsec · Apr 3, 2024 · 8dba4de · 8dba4de
1 parent a29e10a
commit 8dba4de
Showing 1 changed file with 20 additions and 1 deletion.
diff --git a/.github/workflows/gosec.yml b/.github/workflows/gosec.yml
@@ -25,7 +25,26 @@ jobs:
         uses: securego/gosec@master
         with:
           args: '-no-fail -fmt sarif -out results.sarif ./...'
+
       - name: Upload SARIF file
-        uses: github/codeql-action/upload-sarif@v2
+        uses: github/codeql-action/upload-sarif@v3
         with:
           sarif_file: results.sarif
+
+      - name: Change file permission to executable
+        run: chmod +x startservices.sh
+
+      - name: Start Application
+        id: start-app
+        run: ./startservices.sh
+
+      - name: Wait for Application to Start
+        id: wait-app
+        run: sleep 10
+
+      - name: ZAP Full Scan
+        id: zap-scan
+        uses: zaproxy/action-full-scan@v0.10.0
+        with:
+          token: ${{ secrets.github_token }}
+          target: http://localhost:8080