Commit

ci: test wapiti reports
gipo355 committed Jun 11, 2024
1 parent bbddbb2 commit 87a9566
Showing 2 changed files with 16 additions and 1 deletion.
10 changes: 9 additions & 1 deletion .github/actions/attack/action.yml
Expand Up @@ -17,12 +17,20 @@ runs:
using: composite
steps:
#
# wapiti
# emits .wapiti/generated_reports/report.html
# for now, base default scan
- name: Wapiti Scan
uses: gipo355/[email protected]
with:
target: "http://localhost:8080/tomcat-webapp-boilerplate/app"
github_token: ${{ inputs.github_token }}
- name: ZAP Scan
uses: zaproxy/action-full-scan@d2a07475d467566c9a3e3c700f31f47724aa1060 # v0.10.0
with:
token: ${{ inputs.pat }}
# docker_name: ${{ env.TEST_TAG }}
target: "http://localhost:8080/tomcat-webapp-boilerplate"
target: "http://localhost:8080/tomcat-webapp-boilerplate/app"
# rules_file_name: ".zap/rules.tsv"
cmd_options: "-a"
# TODO: ZAP emits json or creates an issue only
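Review bot: the new Wapiti step's `uses:` ref is not shown as a full commit SHA, while the ZAP step right below pins `zaproxy/action-full-scan` to `d2a07475d467566c9a3e3c700f31f47724aa1060` with a `# v0.10.0` comment. Since the Wapiti step is handed `github_token: ${{ inputs.github_token }}`, pin it the same way so a moved tag cannot change what runs with that token. The scan target `http://localhost:8080/tomcat-webapp-boilerplate/app` is now hard-coded in both steps; a single action input or env value would keep the two scanners pointed at the same URL.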
7 changes: 7 additions & 0 deletions .github/workflows/vulnerability-scans.yml
Expand Up @@ -85,12 +85,19 @@ jobs:
run: mv ./report_json.json ./docs/gh-pages/zap/report_json.json
- name: Copy snyk-container.sarif report to docs/gh-pages/snyk-container
run: mv ./snyk-container.sarif ./docs/gh-pages/snyk-container/snyk-container.json
- name: Copy wapiti report to docs/gh-pages/nmap
# requires sudo as docker container creating those files runs as root
run: |
sudo mv ./.wapiti/generated_reports/* ./docs/gh-pages/wapiti/
- name: Copy nmap report to docs/gh-pages/nmap
# requires sudo as docker container creating those files runs as root
run: |
sudo mv ./nmap-reports/vulner/vulner-output.log ./docs/gh-pages/nmap/vulner-output.log
sudo mv ./nmap-reports/direct/direct-output.log ./docs/gh-pages/nmap/direct-output.log
sudo mv ./nmap-reports/vulscan/vulscan-output.log ./docs/gh-pages/nmap/vulscan-output.log
- name: Change ownerhip of docs/gh-pages
run: |
sudo chown -R $USER:$USER ./docs/gh-pages
#
# post all results to github pages
- name: Deploy to GitHub Pages
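Review bot: the wildcard in `sudo mv ./.wapiti/generated_reports/* ./docs/gh-pages/wapiti/` moves everything the root-running container wrote into a tree that the following step deploys to GitHub Pages, whereas the nmap steps move named files only. Consider moving just the expected report (the action comment in this commit names `.wapiti/generated_reports/report.html`), which also makes the step fail clearly when the report is missing. The step name says `docs/gh-pages/nmap` although the destination is `docs/gh-pages/wapiti/`, `ownerhip` in the chown step name should read `ownership`, and `$USER:$USER` is better quoted.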