From 8dba4de6d66f815e6d10406736ee279f77eee2e5 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ak=C4=B1n=20Demir?= <128565483+GrimezSec@users.noreply.github.com>
Date: Wed, 3 Apr 2024 23:34:05 +0300
Subject: [PATCH] Update gosec.yml
---
 .github/workflows/gosec.yml | 21 ++++++++++++++++++++-
 1 file changed, 20 insertions(+), 1 deletion(-)
diff --git a/.github/workflows/gosec.yml b/.github/workflows/gosec.yml
index aca15be..4dbf4a4 100644
--- a/.github/workflows/gosec.yml
+++ b/.github/workflows/gosec.yml
@@ -25,7 +25,26 @@ jobs:
 uses: securego/gosec@master
 with:
 args: '-no-fail -fmt sarif -out results.sarif ./...'
+
 - name: Upload SARIF file
- uses: github/codeql-action/upload-sarif@v2
+ uses: github/codeql-action/upload-sarif@v3
 with:
 sarif_file: results.sarif
+
+ - name: Change file permission to executable
+ run: chmod +x startservices.sh
+
+ - name: Start Application
+ id: start-app
+ run: ./startservices.sh
+
+ - name: Wait for Application to Start
+ id: wait-app
+ run: sleep 10
+
+ - name: ZAP Full Scan
+ id: zap-scan
+ uses: zaproxy/action-full-scan@v0.10.0
+ with:
+ token: ${{ secrets.github_token }}
+ target: http://localhost:8080
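Review bot: The ZAP step at the end of the hunk passes `secrets.github_token` to a third-party action referenced by a mutable tag. Pinning it to a full commit SHA, `uses: zaproxy/action-full-scan@<full-commit-sha> # v0.10.0`, keeps a moved tag from running different code with that token. The job header and any `permissions:` block are outside the hunk. The action files a GitHub issue with its findings by default, so the token needs `issues: write`, or the step should set `allow_issue_writing: false`; moving the scan steps to their own job would also keep them from inheriting what the SARIF upload needs (presumably `security-events: write`). `run: sleep 10` is not a readiness check: `startservices.sh` is not shown, but if it starts slower than that the scan runs against nothing, and if it blocks in the foreground the job never reaches the scan, so polling `http://localhost:8080` with a bounded retry would be safer.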