Skip to content

Merge pull request #739 from bcgov/dev #440

Merge pull request #739 from bcgov/dev

Merge pull request #739 from bcgov/dev #440

Workflow file for this run

name: Zap Scanning
on:
push:
branches:
- dev
- main
workflow_dispatch:
inputs:
environment:
description: 'The environment to deploy to'
required: true
default: 'dev'
type: choice
options:
- 'dev'
- 'test'
- 'prod'
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
jobs:
zap_scan_frontend_dev:
runs-on: ubuntu-latest
name: Scan the epd-Frontend-dev
if: ${{ github.event.inputs.environment == 'dev' }}
steps:
- name: ZAP Scan
uses: zaproxy/action-full-scan@v0.10.0
with:
allow_issue_writing: false
token: ${{ secrets.GITHUB_TOKEN }}
issue_title: 'ZAP Scan Report'
target: ${{ secrets.ZAP_DEV_EPD_FRONTEND_URL }}
zap_scan_applications_dev:
runs-on: ubuntu-latest
name: Scan the epd-backend-applications-dev
if: ${{ github.event.inputs.environment == 'dev' }}
steps:
- name: ZAP Scan
uses: zaproxy/action-api-scan@v0.6.0
with:
allow_issue_writing: false
token: ${{ secrets.GITHUB_TOKEN }}
issue_title: 'ZAP Scan Report'
target: ${{ secrets.ZAP_DEV_EPD_APPLICATIONS_URL }}
zap_scan_gateway_dev:
runs-on: ubuntu-latest
name: Scan the epd-backend-gateway-dev
if: ${{ github.event.inputs.environment == 'dev' }}
steps:
- name: ZAP Scan
uses: zaproxy/action-api-scan@v0.6.0
with:
allow_issue_writing: false
token: ${{ secrets.GITHUB_TOKEN }}
issue_title: 'ZAP Scan Report'
target: ${{ secrets.ZAP_DEV_EPD_GATEWAY_URL }}
zap_scan_users_dev:
runs-on: ubuntu-latest
name: Scan the epd-backend-users-dev
if: ${{ github.event.inputs.environment == 'dev' }}
steps:
- name: ZAP Scan
uses: zaproxy/action-api-scan@v0.6.0
with:
allow_issue_writing: false
token: ${{ secrets.GITHUB_TOKEN }}
issue_title: 'ZAP Scan Report'
target: ${{ secrets.ZAP_DEV_EPD_USERS_URL }}
zap_scan_forms-flow-analytics_dev:
runs-on: ubuntu-latest
name: Scan the forms-flow-analytics-dev
if: ${{ github.event.inputs.environment == 'dev' }}
steps:
- name: ZAP Scan
uses: zaproxy/action-api-scan@v0.6.0
with:
allow_issue_writing: false
token: ${{ secrets.GITHUB_TOKEN }}
issue_title: 'ZAP Scan Report'
target: ${{ secrets.ZAP_DEV_FORMSFLOW_ANALYTICS_URL }}
zap_scan_forms-flow-api_dev:
runs-on: ubuntu-latest
name: Scan the forms-flow-api-dev
if: ${{ github.event.inputs.environment == 'dev' }}
steps:
- name: ZAP Scan
uses: zaproxy/action-api-scan@v0.6.0
with:
allow_issue_writing: false
token: ${{ secrets.GITHUB_TOKEN }}
issue_title: 'ZAP Scan Report'
target: ${{ secrets.ZAP_DEV_FORMSFLOW_API_URL }}
zap_scan_forms-flow-bpm_dev:
runs-on: ubuntu-latest
name: Scan the forms-flow-bpm-dev
if: ${{ github.event.inputs.environment == 'dev' }}
steps:
- name: ZAP Scan
uses: zaproxy/action-api-scan@v0.6.0
with:
allow_issue_writing: false
token: ${{ secrets.GITHUB_TOKEN }}
issue_title: 'ZAP Scan Report'
target: ${{ secrets.ZAP_DEV_FORMSFLOW_BPM_URL }}
zap_scan_forms-flow-data-analysis_dev:
runs-on: ubuntu-latest
name: Scan the forms-flow-data-analysis-dev
if: ${{ github.event.inputs.environment == 'dev' }}
steps:
- name: ZAP Scan
uses: zaproxy/action-api-scan@v0.6.0
with:
allow_issue_writing: false
token: ${{ secrets.GITHUB_TOKEN }}
issue_title: 'ZAP Scan Report'
target: ${{ secrets.ZAP_DEV_FORMSFLOW_DATA_ANALYSIS_URL }}
# zap_scan_forms-flow-documents_dev:
# runs-on: ubuntu-latest
# name: Scan the forms-flow-documents-dev
# if: ${{ github.event.inputs.environment == 'dev' }}
# steps:
# - name: ZAP Scan
# uses: zaproxy/action-api-scan@v0.6.0
# with:
# allow_issue_writing: false
# token: ${{ secrets.GITHUB_TOKEN }}
# issue_title: 'ZAP Scan Report'
# target: ${{ secrets.ZAP_DEV_FORMSFLOW_DOCUMENTS_URL }}
zap_scan_forms-flow-forms_dev:
runs-on: ubuntu-latest
name: Scan the forms-flow-forms-dev
if: ${{ github.event.inputs.environment == 'dev' }}
steps:
- name: ZAP Scan
uses: zaproxy/action-api-scan@v0.6.0
with:
allow_issue_writing: false
token: ${{ secrets.GITHUB_TOKEN }}
issue_title: 'ZAP Scan Report'
target: ${{ secrets.ZAP_DEV_FORMSFLOW_FORMS_URL }}
zap_scan_forms-flow-web_dev:
runs-on: ubuntu-latest
name: Scan the forms-flow-web-dev
if: ${{ github.event.inputs.environment == 'dev' }}
steps:
- name: ZAP Scan
uses: zaproxy/action-api-scan@v0.6.0
with:
allow_issue_writing: false
token: ${{ secrets.GITHUB_TOKEN }}
issue_title: 'ZAP Scan Report'
target: ${{ secrets.ZAP_DEV_FORMSFLOW_WEB_URL }}
zap_scan_frontend_test:
runs-on: ubuntu-latest
name: Scan the epd-Frontend-test
if: ${{ github.event.inputs.environment == 'test' }}
steps:
- name: ZAP Scan
uses: zaproxy/action-api-scan@v0.6.0
with:
allow_issue_writing: false
token: ${{ secrets.GITHUB_TOKEN }}
issue_title: 'ZAP Scan Report'
target: ${{ secrets.ZAP_TEST_EPD_FRONTEND_URL }}
zap_scan_applications_test:
runs-on: ubuntu-latest
name: Scan the epd-backend-applications-test
if: ${{ github.event.inputs.environment == 'test' }}
steps:
- name: ZAP Scan
uses: zaproxy/action-api-scan@v0.6.0
with:
allow_issue_writing: false
token: ${{ secrets.GITHUB_TOKEN }}
issue_title: 'ZAP Scan Report'
target: ${{ secrets.ZAP_TEST_EPD_APPLICATIONS_URL }}
zap_scan_gateway_test:
runs-on: ubuntu-latest
name: Scan the epd-backend-gateway-test
if: ${{ github.event.inputs.environment == 'test' }}
steps:
- name: ZAP Scan
uses: zaproxy/action-api-scan@v0.6.0
with:
allow_issue_writing: false
token: ${{ secrets.GITHUB_TOKEN }}
issue_title: 'ZAP Scan Report'
target: ${{ secrets.ZAP_TEST_EPD_GATEWAY_URL }}
zap_scan_users_test:
runs-on: ubuntu-latest
name: Scan the epd-backend-users-test
if: ${{ github.event.inputs.environment == 'test' }}
steps:
- name: ZAP Scan
uses: zaproxy/action-api-scan@v0.6.0
with:
allow_issue_writing: false
token: ${{ secrets.GITHUB_TOKEN }}
issue_title: 'ZAP Scan Report'
target: ${{ secrets.ZAP_TEST_EPD_USERS_URL }}
zap_scan_forms-flow-analytics_test:
runs-on: ubuntu-latest
name: Scan the forms-flow-analytics-test
if: ${{ github.event.inputs.environment == 'test' }}
steps:
- name: ZAP Scan
uses: zaproxy/action-api-scan@v0.6.0
with:
allow_issue_writing: false
token: ${{ secrets.GITHUB_TOKEN }}
issue_title: 'ZAP Scan Report'
target: ${{ secrets.ZAP_TEST_FORMSFLOW_ANALYTICS_URL }}
zap_scan_forms-flow-api_test:
runs-on: ubuntu-latest
name: Scan the forms-flow-api-test
if: ${{ github.event.inputs.environment == 'test' }}
steps:
- name: ZAP Scan
uses: zaproxy/action-api-scan@v0.6.0
with:
allow_issue_writing: false
token: ${{ secrets.GITHUB_TOKEN }}
issue_title: 'ZAP Scan Report'
target: ${{ secrets.ZAP_TEST_FORMSFLOW_API_URL }}
zap_scan_forms-flow-bpm_test:
runs-on: ubuntu-latest
name: Scan the forms-flow-bpm-test
if: ${{ github.event.inputs.environment == 'test' }}
steps:
- name: ZAP Scan
uses: zaproxy/action-api-scan@v0.6.0
with:
allow_issue_writing: false
token: ${{ secrets.GITHUB_TOKEN }}
issue_title: 'ZAP Scan Report'
target: ${{ secrets.ZAP_TEST_FORMSFLOW_BPM_URL }}
zap_scan_forms-flow-data-analysis_test:
runs-on: ubuntu-latest
name: Scan the forms-flow-data-analysis-test
if: ${{ github.event.inputs.environment == 'test' }}
steps:
- name: ZAP Scan
uses: zaproxy/action-api-scan@v0.6.0
with:
allow_issue_writing: false
token: ${{ secrets.GITHUB_TOKEN }}
issue_title: 'ZAP Scan Report'
target: ${{ secrets.ZAP_TEST_FORMSFLOW_DATA_ANALYSIS_URL }}
# zap_scan_forms-flow-documents_test:
# runs-on: ubuntu-latest
# name: Scan the forms-flow-documents-test
# if: ${{ github.event.inputs.environment == 'test' }}
# steps:
# - name: ZAP Scan
# uses: zaproxy/action-api-scan@v0.6.0
# with:
# allow_issue_writing: false
# token: ${{ secrets.GITHUB_TOKEN }}
# issue_title: 'ZAP Scan Report'
# target: ${{ secrets.ZAP_TEST_FORMSFLOW_DOCUMENTS_URL }}
zap_scan_forms-flow-forms_test:
runs-on: ubuntu-latest
name: Scan the forms-flow-forms-test
if: ${{ github.event.inputs.environment == 'test' }}
steps:
- name: ZAP Scan
uses: zaproxy/action-api-scan@v0.6.0
with:
allow_issue_writing: false
token: ${{ secrets.GITHUB_TOKEN }}
issue_title: 'ZAP Scan Report'
target: ${{ secrets.ZAP_TEST_FORMSFLOW_FORMS_URL }}
zap_scan_forms-flow-web_test:
runs-on: ubuntu-latest
name: Scan the forms-flow-web-test
if: ${{ github.event.inputs.environment == 'test' }}
steps:
- name: ZAP Scan
uses: zaproxy/action-api-scan@v0.6.0
with:
allow_issue_writing: false
token: ${{ secrets.GITHUB_TOKEN }}
issue_title: 'ZAP Scan Report'
target: ${{ secrets.ZAP_TEST_FORMSFLOW_WEB_URL }}
zap_scan_frontend_prod:
runs-on: ubuntu-latest
name: Scan the epd-Frontend-prod
if: ${{ github.event.inputs.environment == 'prod' }}
steps:
- name: ZAP Scan
uses: zaproxy/action-api-scan@v0.6.0
with:
allow_issue_writing: false
token: ${{ secrets.GITHUB_TOKEN }}
issue_title: 'ZAP Scan Report'
target: ${{ secrets.ZAP_PROD_EPD_FRONTEND_URL }}
zap_scan_applications_prod:
runs-on: ubuntu-latest
name: Scan the epd-backend-applications-prod
if: ${{ github.event.inputs.environment == 'prod' }}
steps:
- name: ZAP Scan
uses: zaproxy/action-api-scan@v0.6.0
with:
allow_issue_writing: false
token: ${{ secrets.GITHUB_TOKEN }}
issue_title: 'ZAP Scan Report'
target: ${{ secrets.ZAP_PROD_EPD_APPLICATIONS_URL }}
zap_scan_gateway_prod:
runs-on: ubuntu-latest
name: Scan the epd-backend-gateway-prod
if: ${{ github.event.inputs.environment == 'prod' }}
steps:
- name: ZAP Scan
uses: zaproxy/action-api-scan@v0.6.0
with:
allow_issue_writing: false
token: ${{ secrets.GITHUB_TOKEN }}
issue_title: 'ZAP Scan Report'
target: ${{ secrets.ZAP_PROD_EPD_GATEWAY_URL }}
zap_scan_users_prod:
runs-on: ubuntu-latest
name: Scan the epd-backend-users-prod
if: ${{ github.event.inputs.environment == 'prod' }}
steps:
- name: ZAP Scan
uses: zaproxy/action-api-scan@v0.6.0
with:
allow_issue_writing: false
token: ${{ secrets.GITHUB_TOKEN }}
issue_title: 'ZAP Scan Report'
target: ${{ secrets.ZAP_PROD_EPD_USERS_URL }}
zap_scan_forms-flow-analytics_prod:
runs-on: ubuntu-latest
name: Scan the forms-flow-analytics-prod
if: ${{ github.event.inputs.environment == 'prod' }}
steps:
- name: ZAP Scan
uses: zaproxy/action-api-scan@v0.6.0
with:
allow_issue_writing: false
token: ${{ secrets.GITHUB_TOKEN }}
issue_title: 'ZAP Scan Report'
target: ${{ secrets.ZAP_PROD_FORMSFLOW_ANALYTICS_URL }}
zap_scan_forms-flow-api_prod:
runs-on: ubuntu-latest
name: Scan the forms-flow-api-prod
if: ${{ github.event.inputs.environment == 'prod' }}
steps:
- name: ZAP Scan
uses: zaproxy/action-api-scan@v0.6.0
with:
allow_issue_writing: false
token: ${{ secrets.GITHUB_TOKEN }}
issue_title: 'ZAP Scan Report'
target: ${{ secrets.ZAP_PROD_FORMSFLOW_API_URL }}
zap_scan_forms-flow-bpm_prod:
runs-on: ubuntu-latest
name: Scan the forms-flow-bpm-prod
if: ${{ github.event.inputs.environment == 'prod' }}
steps:
- name: ZAP Scan
uses: zaproxy/action-api-scan@v0.6.0
with:
allow_issue_writing: false
token: ${{ secrets.GITHUB_TOKEN }}
issue_title: 'ZAP Scan Report'
target: ${{ secrets.ZAP_PROD_FORMSFLOW_BPM_URL }}
zap_scan_forms-flow-data-analysis_prod:
runs-on: ubuntu-latest
name: Scan the forms-flow-data-analysis-prod
if: ${{ github.event.inputs.environment == 'prod' }}
steps:
- name: ZAP Scan
uses: zaproxy/action-api-scan@v0.6.0
with:
allow_issue_writing: false
token: ${{ secrets.GITHUB_TOKEN }}
issue_title: 'ZAP Scan Report'
target: ${{ secrets.ZAP_PROD_FORMSFLOW_DATA_ANALYSIS_URL }}
# zap_scan_forms-flow-documents_prod:
# runs-on: ubuntu-latest
# name: Scan the forms-flow-documents-prod
# if: ${{ github.event.inputs.environment == 'prod' }}
# steps:
# - name: ZAP Scan
# uses: zaproxy/action-api-scan@v0.6.0
# with:
# allow_issue_writing: false
# token: ${{ secrets.GITHUB_TOKEN }}
# issue_title: 'ZAP Scan Report'
# target: ${{ secrets.ZAP_PROD_FORMSFLOW_DOCUMENTS_URL }}
zap_scan_forms-flow-forms_prod:
runs-on: ubuntu-latest
name: Scan the forms-flow-forms-prod
if: ${{ github.event.inputs.environment == 'prod' }}
steps:
- name: ZAP Scan
uses: zaproxy/action-api-scan@v0.6.0
with:
allow_issue_writing: false
token: ${{ secrets.GITHUB_TOKEN }}
issue_title: 'ZAP Scan Report'
target: ${{ secrets.ZAP_PROD_FORMSFLOW_FORMS_URL }}
zap_scan_forms-flow-web_prod:
runs-on: ubuntu-latest
name: Scan the forms-flow-web-prod
if: ${{ github.event.inputs.environment == 'prod' }}
steps:
- name: ZAP Scan
uses: zaproxy/action-api-scan@v0.6.0
with:
allow_issue_writing: false
token: ${{ secrets.GITHUB_TOKEN }}
issue_title: 'ZAP Scan Report'
target: ${{ secrets.ZAP_PROD_FORMSFLOW_WEB_URL }}