Upgrade ZAPSCAN to 0.7.0 (#328)

* Update Trivy scan version to v2 * Upgrade ZAPSCAN to 0.7.0 --------- Co-authored-by: githubmamatha <[email protected]>
bcgov · Apr 23, 2024 · ff5588e · ff5588e
1 parent 4813ebb
commit ff5588e
Show file tree

Hide file tree

Showing 3 changed files with 5 additions and 5 deletions.
diff --git a/.github/workflows/build.from.main.branch.deploy.to.dev.yml b/.github/workflows/build.from.main.branch.deploy.to.dev.yml
@@ -136,6 +136,6 @@ jobs:
 
       # now hit it with a zap scan
       - name: ZAP Scan
-        uses: zaproxy/action-api-scan@v0.1.0
+        uses: zaproxy/action-api-scan@v0.7.0
         with:
-          target: 'https://${{ env.REPO_NAME }}-${{ env.OPENSHIFT_NAMESPACE }}-dev.apps.silver.devops.gov.bc.ca/api/v1/api-docs'
+          target: 'https://${{ env.REPO_NAME }}-${{ env.OPENSHIFT_NAMESPACE }}.apps.silver.devops.gov.bc.ca/api/v1/api-docs'
diff --git a/.github/workflows/build.from.release.branch.deploy.to.dev.yml b/.github/workflows/build.from.release.branch.deploy.to.dev.yml
@@ -145,6 +145,6 @@ jobs:
 
       # now hit it with a zap scan
       - name: ZAP Scan
-        uses: zaproxy/action-api-scan@v0.1.0
+        uses: zaproxy/action-api-scan@v0.7.0
         with:
-          target: 'https://${{ env.REPO_NAME }}-${{ env.OPENSHIFT_NAMESPACE }}-dev.apps.silver.devops.gov.bc.ca/api/v1/api-docs'
+          target: 'https://${{ env.REPO_NAME }}-${{ env.OPENSHIFT_NAMESPACE }}.apps.silver.devops.gov.bc.ca/api/v1/api-docs'
diff --git a/.github/workflows/on.pr.yml b/.github/workflows/on.pr.yml
@@ -42,7 +42,7 @@ jobs:
           severity: 'CRITICAL'
 
       - name: Upload Trivy scan results to GitHub Security tab
-        uses: github/codeql-action/upload-sarif@v1
+        uses: github/codeql-action/upload-sarif@v2
         with:
           sarif_file: 'trivy-results.sarif'
       - name: Cache SonarCloud packages