From 469571890b17b284cad2523ff2444888bd1fb411 Mon Sep 17 00:00:00 2001
From: ychung-mot
Date: Mon, 25 Nov 2024 07:36:59 -0800
Subject: [PATCH] chore: zap-api-scan
---
 .github/workflows/zap-api-scan.yml | 39 ++++++++++++++++++++++++++++++
 server/StrDss.Common/Constants.cs | 2 +-
 2 files changed, 40 insertions(+), 1 deletion(-)
 create mode 100644 .github/workflows/zap-api-scan.yml
diff --git a/.github/workflows/zap-api-scan.yml b/.github/workflows/zap-api-scan.yml
new file mode 100644
index 00000000..3dc71cb2
--- /dev/null
+++ b/.github/workflows/zap-api-scan.yml
@@ -0,0 +1,39 @@
+name: Run ZAP API Scan
+
+on:
+ workflow_dispatch:
+ inputs:
+ api_url:
+ type: string
+ description: The base URL of the API to scan
+ default: https://dev.strdata.gov.bc.ca/api
+ spec_url:
+ type: string
+ description: The URL of the OpenAPI/GraphQL spec
+ default: https://dev.strdata.gov.bc.ca/api/swagger/strdata/swagger.json
+
+jobs:
+ zap-api-scan:
+ runs-on: ubuntu-22.04
+ timeout-minutes: 30
+ permissions:
+ contents: read
+ issues: write
+
+ steps:
+ - uses: actions/checkout@v3
+
+ - name: ZAP API Scan
+ uses: zaproxy/action-api-scan@v0.10.0
+ with:
+ token: ${{ secrets.GITHUB_TOKEN }}
+ api_url: ${{ github.event.inputs.api_url }}
+ openapi: ${{ github.event.inputs.spec_url }}
+ rules_file_name: '.zap/rules.tsv'
+ context_file: '.zap/context.context'
+
+ - name: Upload ZAP Scan Report
+ uses: actions/upload-artifact@v3
+ with:
+ name: zap-api-scan-report
+ path: zap_api_scan_report.html
diff --git a/server/StrDss.Common/Constants.cs b/server/StrDss.Common/Constants.cs
index 6df4a620..59d5342e 100644
--- a/server/StrDss.Common/Constants.cs
+++ b/server/StrDss.Common/Constants.cs
@@ -561,7 +561,7 @@ public static class ListingExportFileNames
 public static class ApiTags
 {
- public const string Default = "stadata";
+ public const string Default = "strdata";
 public const string Aps = "aps";
 public static readonly string[] ApsTagList = { "aps" };
 }
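Review bot: The `with:` keys handed to zaproxy/action-api-scan in the "ZAP API Scan" step (`api_url`, `openapi`, `context_file`) do not match that action's documented input surface, which takes the spec location as `target` (with an optional `format`); as written the step is likely to warn about unexpected inputs and run without a spec, so confirm against the v0.10.0 README and consider `target: ${{ github.event.inputs.spec_url }}` plus `format: openapi` in their place. `rules_file_name: '.zap/rules.tsv'` and `context_file: '.zap/context.context'` point at files this commit does not add, so the scan will either fall back to defaults or fail until they exist in the repository. All three actions are referenced by mutable tags while the job holds a write-capable `GITHUB_TOKEN` (`issues: write`); pinning each to a full commit SHA, e.g. `uses: zaproxy/action-api-scan@<commit-sha> # v0.10.0`, is the usual supply-chain hardening for third-party actions, and `actions/upload-artifact@v3` and `actions/checkout@v3` have both been superseded by v4. Since the ZAP action already publishes its own report artifact, the separate upload step and its `zap_api_scan_report.html` path should be checked against the file name the action actually writes before relying on it.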