On-demand scanning of websites for accessibility and security vulnerabilities/compliance / Analyse à la demande des sites Web pour les vulnérabilités/conformité en matière d'accessibilité et de sécurité
/pub_sub/
/pub_sub/
outputs.tf
to include newly created items/scanners/
/runners/
. This will be invoked by your nodejs lambda..json
/.github/
```yaml
name: Scan for security vulnerabilities (Weekly on Sunday)
on:
  schedule:
jobs:
  security-scan:
    name: Run scan websites (security)
    uses: cds-snc/scan-websites/.github/workflows/start_scan.yml@main
    with:
      dynamic: true
    secrets:
      scan_websites_key: ${{ secrets.SCAN_WEBSITES_KEY }}
      scan_websites_template: ${{ secrets.SCAN_WEBSITES_TEMPLATE }}
```
- You can also trigger a scan directly in a workflow with:
```sh
curl -X GET -H 'X-API-KEY: ${{ secrets.SCAN_WEBSITES_KEY }}' -H 'X-TEMPLATE-TOKEN: ${{ secrets.SCAN_WEBSITES_TEMPLATE }}' https://scan-websites.alpha.canada.ca/scans/start
```

Run this in a dev container.

To interact with AWS LocalStack, use `laws`.

```sh
make install && make install-dev
cd api && make seed

# List the buckets and the objects under the Reports prefix
laws s3api list-buckets
laws s3api list-objects --bucket owasp-zap-report-data --prefix Reports

# Create the Reports/ key, upload a ZAP report, then remove it
laws s3api put-object --bucket owasp-zap-report-data --key Reports/
laws s3 cp zap_report.json s3://owasp-zap-report-data/Reports/
laws s3 rm s3://owasp-zap-report-data/Reports/zap_report.json

# Find the localstack container and follow its logs
docker ps
docker logs --follow [localstack CONTAINER_ID]
```