Closed DominikPinsel closed 10 months ago
While merged Catena-X NG to Tractus-X I removed the old DAST security checks, as they had a dependency to the catena-x kubernetes node.
This issue is about finding a way to reintroduce the checks in a tractus-x conform way.
Old DAST workflow:
name: DAST on: push: branches: [ "main" ] paths-ignore: - '**/*.md' - '**/*.txt' workflow_dispatch: inputs: target_url: description: URL to test required: true type: choice options: - "https://managed-identity-wallet.dev.demo.catena-x.net/" - "https://managed-identity-wallet.int.demo.catena-x.net/" - "https://managed-identity-wallet.beta.demo.catena-x.net/" - "https://managed-identity-wallet.stable.demo.catena-x.net/" default: "https://managed-identity-wallet.dev.demo.catena-x.net/" jobs: zap_scan: runs-on: ubuntu-latest name: OWASP ZAP steps: - name: Checkout uses: actions/checkout@v2 with: ref: main - name: ZAP Scan uses: zaproxy/action-full-scan@v0.5.1 with: token: ${{ secrets.GITHUB_TOKEN }} docker_name: 'owasp/zap2docker-stable' target: '${{ github.event.inputs.target_url }}'
Seems that this task is done? @DominikPinsel
Runs on main, closing due to inactivity.
main
While merged Catena-X NG to Tractus-X I removed the old DAST security checks, as they had a dependency to the catena-x kubernetes node.
This issue is about finding a way to reintroduce the checks in a tractus-x conform way.
Old DAST workflow: