TechQA.

Save two artifacts from two jobs within a workflow in GH actions for ZAP tool

37 views Asked by At

I have been trying to run both ZAP API scan and ZAP Full scan using GH actions to run within a workflow and generate two different artifacts. However, the yaml script that I have been trying cannot do so.

At the end of it, the two scans should generate "artifact1" and "artifact2" from the scans that is availble to be downloaded into your local dir.

name: ZAP Security Scans

on:
  push:
    branches:
      - main

jobs:
  Full_scans:
    runs-on: ubuntu-latest
    outputs:
      full_scan_result: ${{ steps.store_full_scan_result.outputs.full_scan_result }}
    
    steps:
      - name: Checkout
        uses: actions/checkout@v4
        with:
          ref: main

      - name: ZAP Full Scan
        id: full_scan
        uses: zaproxy/[email protected]
        with:
          token: ${{ secrets.GITHUB_TOKEN }}
          docker_name: 'ghcr.io/zaproxy/zaproxy:stable'
          target: 'www.targeturl.com'
      
     - name: Store Full Scan Result
       id: store_full_scan_result
       run: |
         mkdir -p full_scan_results
         mv *.html full_scan_results/ || true
         FULL_RESULT_FILE=$(find full_scan_results -name "*.html" -type f)
         echo "::set-output name=full_scan_result::$FULL_RESULT_FILE"

At this point, I want to upload the results of the full scan.

And the workflow continues for API Scan:

  API_scan:
    runs-on: ubuntu-latest
    outputs:
      api_scan_result: ${{ steps.store_api_scan_result.outputs.api_scan_result }}

    steps:
      - name: Checkout
        uses: actions/checkout@v4
        with:
          ref: main

      - name: ZAP API Scan
        id: api_scan
        uses: zaproxy/[email protected]
        with:
          token: ${{ secrets.GITHUB_TOKEN }}
          docker_name: 'ghcr.io/zaproxy/zaproxy:stable'
          format: openapi
          target: 'www.targeturl.com'
          
      - name: Store API Scan Result
        id: store_api_scan_result
        run: |
          mkdir -p api_scan_results
          mv *.html api_scan_results/ || true
          API_RESULT_FILE=$(find api_scan_results -name "*.html" -type f)
          echo "::set-output name=api_scan_result::$API_RESULT_FILE"

  Upload_Artifacts:
    needs:
      - Full_scans
      - API_scan
    runs-on: ubuntu-latest

    steps:
      - name: Upload Full Scan Artifact
        uses: actions/upload-artifact@v2
        with:
          name: artifact1
          path: ${{ needs.Full_scans.outputs.full_scan_result }}

      - name: Upload API Scan Artifact
        uses: actions/upload-artifact@v2
        with:
          name: artifact2
          path: ${{ needs.API_scan.outputs.api_scan_result }}
github-actions zap
Original Q&A
0

There are 0 answers

Related Questions in GITHUB-ACTIONS

Related Questions in ZAP

Popular Questions

Popular Tags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs node.js arrays c asp.net json

Trending Questions