Skip to content
ZAP vs Firing Range

ZAP vs Firing Range #1012

Sign in to view logs

ZAP vs Firing Range

ZAP vs Firing Range #1012

Workflow file for this run

.github/workflows/zap-vs-firingrange.yml at be52f83
name: ZAP vs Firing Range
on:
schedule:
- cron: '0 2 * * *' # 2 am every day
workflow_dispatch:
jobs:
scan:
runs-on: ubuntu-latest
steps:
- name: Clone zap-mgmt-scripts and zaproxy-website
run: |
# Setup git details
export GITHUB_USER=zapbot
export GITHUB_TOKEN=${{ secrets.ZAPBOT_TOKEN }}
git config --global user.email "12745184+zapbot@users.noreply.github.com"
git config --global user.name $GITHUB_USER
git clone https://github.com/$GITHUB_USER/zap-mgmt-scripts.git
git clone https://github.com/$GITHUB_USER/zaproxy-website.git
# Update to the latest upstream
cd zaproxy-website
git remote set-url origin https://$GITHUB_USER:$GITHUB_TOKEN@github.com/$GITHUB_USER/zaproxy-website.git
git remote add upstream https://github.com/zaproxy/zaproxy-website.git
git checkout -B firingrange
git pull upstream main
git reset --hard upstream/main
git push --set-upstream origin firingrange --force
- name: Scan Firing Range
run: |
cd zap-mgmt-scripts/scans/firingrange
sections=( "escape" "mixedcontent" "reflected" "remoteinclude" "reverseclickjacking" "leakedcookie" "clickjacking")
for s in "${sections[@]}"
do
cat fr-$s.js firing-range-score-main.js > firing-range-score.js
docker run --user=root -v $(pwd):/zap/wrk/:rw -t ghcr.io/zaproxy/zaproxy:nightly zap.sh -cmd -silent -autorun /zap/wrk/fr-$s.yaml
cp $s.yml ../../../zaproxy-website/site/data/scans/firingrange/
done
- name: Raise a PR on the website
run: |
cd zaproxy-website
# Update the index to be sure git is aware of changes
git update-index -q --refresh
## If there are changes: comment, commit, PR
if ! git diff-index --quiet HEAD --; then
git add site/data/scans/firingrange/*
git commit -s -m "Updated Firing Range Results"
git push origin
echo ${{ secrets.ZAPBOT_TOKEN }} | gh auth login --with-token
gh pr create --fill
fi