Skip to content

Penetration Tests

Penetration Tests #37

Workflow file for this run

name: Penetration Tests
on:
schedule: [cron: "0 11 * * 6"] # 3 AM PST = 12 PM UDT, Saturdays
workflow_dispatch:
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
jobs:
zap_scan:
runs-on: ubuntu-latest
name: Penetration Tests
env:
DOMAIN: apps.silver.devops.gov.bc.ca
PREFIX: ${{ github.event.repository.name }}-test
strategy:
matrix:
name: [backendGo, backendJava, backendPy]
steps:
- name: ZAP Scan
uses: zaproxy/action-full-scan@v0.10.0
with:
allow_issue_writing: true
artifact_name: "zap_${{ matrix.name }}"
cmd_options: "-a"
issue_title: "ZAP: ${{ matrix.name }}"
target: https://${{ env.PREFIX }}-${{ matrix.name }}.${{ env.DOMAIN }}