From 0fe49a81e90e36eae25edc6466754090c5b63244 Mon Sep 17 00:00:00 2001
From: frank basham
Date: Tue, 26 Sep 2023 13:25:16 -0400
Subject: [PATCH] update ZAP target update zap test
---
.github/workflows/dast.yml | 37 ++++++++++++++++++++++++++++++++++
.github/workflows/zap-test.yml | 22 --------------------
2 files changed, 37 insertions(+), 22 deletions(-)
create mode 100644 .github/workflows/dast.yml
delete mode 100644 .github/workflows/zap-test.yml
diff --git a/.github/workflows/dast.yml b/.github/workflows/dast.yml
new file mode 100644
index 0000000000..0f954ac583
--- /dev/null
+++ b/.github/workflows/dast.yml
@@ -0,0 +1,37 @@
+name: Dynamic Application Security Tests
+
+on:
+ push:
+ branches: [main]
+
+jobs:
+ zap-proxy-scan:
+ name: ZAP Proxy Test
+ runs-on: ubuntu-latest
+
+ steps:
+ - name: Checkout
+ uses: actions/checkout@v3
+
+ - name: Install
+ env:
+ CI: true
+
+ - name: Docker Build
+ run: docker build --build-arg AEM_GRAPHQL_ENDPOINT=${{secrets.AEM_GRAPHQL_ENDPOINT}} -t sc-labs .
+ env:
+ CI: true
+ AEM_GRAPHQL_ENDPOINT: ${{secrets.AEM_GRAPHQL_ENDPOINT}}
+
+ - name: Docker run
+ run: docker run -d -p 3000:3000 sc-labs
+ env:
+ CI: true
+ AEM_GRAPHQL_ENDPOINT: ${{secrets.AEM_GRAPHQL_ENDPOINT}}
+
+ - name: OWASP ZAP FULL Scan
+ uses: zaproxy/action-full-scan@v0.4.0
+ with:
+ target: "http://localhost:3000"
+ fail_action: "false"
+ token: ${{ secrets.GITHUB_TOKEN }}
\ No newline at end of file
diff --git a/.github/workflows/zap-test.yml b/.github/workflows/zap-test.yml
deleted file mode 100644
index 483c189319..0000000000
--- a/.github/workflows/zap-test.yml
+++ /dev/null
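Review bot: The `Docker Build` step in `.github/workflows/dast.yml` passes `secrets.AEM_GRAPHQL_ENDPOINT` as a `--build-arg` and expands it with `${{ }}` directly inside `run:`; build arguments can be read back from the image with `docker history`, and inline expansion writes the raw value into the generated script. The step already exports the value under `env:`, so the command can take it from the shell instead, `run: docker build --build-arg AEM_GRAPHQL_ENDPOINT="$AEM_GRAPHQL_ENDPOINT" -t sc-labs .`, and if the endpoint is genuinely sensitive a BuildKit `--secret` mount would keep it out of the image (what the Dockerfile does with the argument is not visible in this patch). The `Install` step has only `name` and `env`, with no `run` or `uses`, which GitHub rejects as an invalid workflow, so it needs a command or should be removed. The job also hands `GITHUB_TOKEN` to an action pinned by mutable tag (`zaproxy/action-full-scan@v0.4.0`) with no `permissions:` block; pinning to a commit SHA and declaring only the scopes the scan needs would narrow what that action can do.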
@@ -1,22 +0,0 @@
-name: ZAP
-
-on:
- pull_request:
- branches:
- - main
-
-jobs:
- zap_scan:
- runs-on: ubuntu-latest
- name: Scan the webapplication
- steps:
- - name: Checkout
- uses: actions/checkout@v2
- - name: ZAP Scan
- uses: zaproxy/action-full-scan@v0.3.0
- with:
- token: ${{ secrets.GITHUB_TOKEN }}
- # docker_name: 'owasp/zap2docker-stable'
- target: 'https://alphasite.dts-stn.com/'
- # rules_file_name: '.zap/rules.tsv'
- # cmd_options: '-a'
\ No newline at end of file