Feature Request: Allow specifying artifact name

[iamjoeker]

I use a single workflow file to run zap scans on multiple sites. Each site is its own job so they can fail or succeed independently. However, since the artifact name is hard-coded, only the report of the last job to complete is saved.

Would the project be open to a adding support for specifying the artifact name as an option? I'd be glad to submit PRs both here and in actions-common to add this.

• Artifact name hard-coded in actions-common

[psiinon]

Sounds good to me! PR much appreciated :)

[AlexDCraig]

I would also like this. Maybe I will work on this sometime.

[AlexDCraig]

@psiinon this issue is resolved with the merging in of this patch to the upstream common library (https://github.com/zaproxy/actions-common/pull/15) and this patch to this repo (https://github.com/zaproxy/action-baseline/pull/64)

[Israphel]

is this feature available to be used yet?

[psiinon]

Sorry no, #64 hasnt been merged yet - its still WIP, I'll see whats blocking it...

[Israphel]

I'm using a workaround for the moment, if anybody is interested:

  job-one:
    name: Dast report for site one
    runs-on: ubuntu-latest
    steps:
      - name: ZAP Scan
        uses: zaproxy/action-api-scan@v0.1.0
        with:
          issue_title: site-one
          token: ${{ secrets.GITHUB_TOKEN }}
          fail_action: false
          target: 'https://siteone.com'
          format: openapi

      - name: Upload report
        uses: actions/upload-artifact@v3
        with:
          name: custom_name.zip
          path: zap_scan.zip