owaspscan.yml
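# DAST workflow: installs dependencies, brings up the backing services with
# docker compose, applies the Prisma migrations and runs an OWASP ZAP full
# (active) scan against the locally running target.
name: DAST-security-scan

# Runs for pull requests whose base branch is anything except `main`.
# NOTE(review): the "!main" filter means PRs targeting `main` are never
# scanned by this workflow - confirm that is covered elsewhere.
on:
  pull_request:
    branches:
      - "**"
      - "!main"

# Least privilege: the workflow-wide GITHUB_TOKEN is read-only. The one job
# that needs more declares it explicitly below.
permissions:
  contents: read

env:
  NODE_VERSION: "20.x"
  # Throwaway credentials for the database container started on the runner.
  # They are committed in clear text, so they must never match any real
  # environment.
  DB_USERNAME: postgres
  DB_PASSWORD: postgres
  DB_DATABASE: postgres
  DATABASE_URL: "postgres://postgres:postgres@localhost:5432/postgres?schema=public"

jobs:
  # Warms the npm and node_modules caches so the scan job can restore them.
  install:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout repository
        uses: actions/checkout@v4
        with:
          # No later step pushes or fetches, so do not leave the token in
          # .git/config where `npm ci` lifecycle scripts could read it.
          persist-credentials: false
      - name: Setup node
        uses: actions/setup-node@v4
        with:
          node-version: ${{ env.NODE_VERSION }}
      - name: Get npm cache directory
        id: npm-cache-dir
        run: echo "dir=$(npm config get cache)" >> "${GITHUB_OUTPUT}"
      - name: Cache npm
        uses: actions/cache@v4
        with:
          path: ${{ steps.npm-cache-dir.outputs.dir }}
          key: "${{ runner.os }}-npm-${{ hashFiles('package-lock.json') }}"
          restore-keys: |
            ${{ runner.os }}-npm-
      - name: Cache node modules
        uses: actions/cache@v4
        with:
          path: ./node_modules
          key: "${{ runner.os }}-node_modules-${{ hashFiles('package-lock.json') }}-${{ hashFiles('**/schema.prisma') }}"
          restore-keys: |
            ${{ runner.os }}-node_modules-
      - name: Install node dependencies
        run: npm ci
      - name: Generate prisma types
        run: npm run prisma -- generate

  # Starts the backing services and runs the ZAP full scan.
  owaspscan:
    runs-on: ubuntu-latest
    needs:
      - install
    permissions:
      contents: read
      # The ZAP action files its findings as a repository issue by default.
      issues: write
    steps:
      - name: Checkout repository
        uses: actions/checkout@v4
        with:
          persist-credentials: false
      - name: Setup node
        uses: actions/setup-node@v4
        with:
          node-version: ${{ env.NODE_VERSION }}
      - name: Restore cached node modules
        uses: actions/cache/restore@v4
        with:
          path: ./node_modules
          key: "${{ runner.os }}-node_modules-${{ hashFiles('package-lock.json') }}-${{ hashFiles('**/schema.prisma') }}"
          # Without node_modules the migrate step fails with a misleading
          # error; stop here with a clear one instead.
          fail-on-cache-miss: true
      # The sed call strips the elasticsearch data volume mount from the
      # compose file before the services are started.
      # NOTE(review): `sleep 60` is a fixed delay, not a readiness check; a
      # slow service start would surface as a migration or scan failure.
      - name: Start services
        env:
          DB_USER: ${{ env.DB_USERNAME }}
          DB_PASSWORD: ${{ env.DB_PASSWORD }}
        run: |
          cd development
          chmod +x ./init/elasticsearch/init.sh
          sed -i 's/- \.\/volumes\/elasticsearch\/data:\/usr\/share\/elasticsearch\/data//g' ./docker-compose.yaml
          docker compose up -d db oidc elasticsearch
          sleep 60
      - name: Migrate database
        run: npm run prisma -- migrate deploy
      # NOTE(review): no step in this workflow starts an application on port
      # 4200. Confirm one of the compose services serves it; otherwise the
      # scan has nothing to test and its clean result is meaningless.
      # NOTE(review): unless `fail_action` is set, findings are presumably
      # only reported (issue / artifact) and do not fail the check - confirm
      # that this is the intended gate.
      # The ref after `@` was mangled by e-mail obfuscation on the page
      # ("[email protected]"). Restore the original version, preferably pinned
      # to a full commit SHA: this is a third-party action that runs with
      # `issues: write`.
      - name: OWASP ZAP Full Scan
        uses: zaproxy/action-full-scan@<REF_LOST_IN_EXTRACTION>
        with:
          target: "http://localhost:4200"
      - name: Stop services
        # Tear the containers down even when the scan or an earlier step fails.
        if: always()
        run: |
          cd development
          docker compose down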