Update go.yml to add OWAP ZAP Baseline Scan

USEPA / revampd

Basic tutorial for the EPA Clean Air Markets Division to go through the process of creating a small web app, in the problem space of AMPD, with automated tests and deployment to cloud.gov at https://revampd.app.cloud.gov

Other

2 stars 1 forks source link

Update go.yml to add OWAP ZAP Baseline Scan #31

Closed j-tafoya closed 4 years ago

j-tafoya commented 4 years ago

Given that the action spins up a docker container in an ubuntu virtual machine, the zap scan (which also resides in a docker container) should be able to access the app within the docker container via localhost. However, I could be wrong in that assumption.

We could also have it point to the deployed app within cloud.gov after that step. Not sure what is best, but I want to try this and see if it can reach it via localhost within the virtual env.

j-tafoya commented 4 years ago

It does not work. Off to more testing