From aa94acd842fc4f5dc31508bb605e566c069e6d70 Mon Sep 17 00:00:00 2001
From: Om Mishra <32200996+mishraomp@users.noreply.github.com>
Date: Tue, 23 Apr 2024 13:17:48 -0700
Subject: [PATCH] fix: zap scan (#135)

* fix: ZAP SCAN URL in scheduled

* adding ZAP scan to main merge
---
 .github/workflows/merge.yml     | 15 +++++++++++++++
 .github/workflows/scheduled.yml |  2 +-
 2 files changed, 16 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/merge.yml b/.github/workflows/merge.yml
index cb13260..d75e9f4 100644
--- a/.github/workflows/merge.yml
+++ b/.github/workflows/merge.yml
@@ -49,6 +49,21 @@ jobs:
           parameters:
             -p ZONE=test -p PROMOTE=${{ github.repository }}/${{ matrix.name }}:${{ needs.vars.outputs.pr }} -p MAX_REPLICAS=3
 
+  zap_scan:
+    runs-on: ubuntu-22.04
+    needs: [deploys, vars]
+    name: Penetration Tests
+    env:
+      URL: ${{ github.event.repository.name }}-test-frontend.apps.silver.devops.gov.bc.ca
+    steps:
+      - name: ZAP Scan
+        uses: zaproxy/action-full-scan@v0.10.0
+        with:
+          allow_issue_writing: true
+          artifact_name: "zap_rctool"
+          cmd_options: "-a"
+          issue_title: "ZAP: rctool"
+          target: https://${{ env.URL }}
   promotions:
     name: Promote Images
     needs: [deploys, vars]
diff --git a/.github/workflows/scheduled.yml b/.github/workflows/scheduled.yml
index 19b43a9..8fcdc80 100644
--- a/.github/workflows/scheduled.yml
+++ b/.github/workflows/scheduled.yml
@@ -54,7 +54,7 @@ jobs:
     runs-on: ubuntu-latest
     name: Penetration Tests
     env:
-      URL: ${{ github.event.repository.name }}-test-test-frontend.apps.silver.devops.gov.bc.ca/rctool/
+      URL: ${{ github.event.repository.name }}-test-frontend.apps.silver.devops.gov.bc.ca
     steps:
       - name: ZAP Scan
         uses: zaproxy/action-full-scan@v0.10.0