From 788f793eab4c6e2ffbc2251b5b2ae5b44007d390 Mon Sep 17 00:00:00 2001
From: Trevor Richards
Date: Tue, 9 Jul 2024 11:04:52 -0700
Subject: [PATCH] fix: zap scans

Also removes Zap from Prod, where we don't want accidental data sent
---
 .github/workflows/deploy-to-openshift-backend-dev.yml | 8 ++++----
 .github/workflows/deploy-to-openshift-backend-prod.yml | 5 -----
 .github/workflows/deploy-to-openshift-backend-qa.yml | 2 +-
 .github/workflows/deploy-to-openshift-backend-uat.yml | 2 +-
 .github/workflows/deploy-to-openshift-frontend-dev.yml | 9 +++++----
 .github/workflows/deploy-to-openshift-frontend-prod.yml | 5 -----
 .github/workflows/deploy-to-openshift-frontend-qa.yml | 2 +-
 .github/workflows/deploy-to-openshift-frontend-uat.yml | 2 +-
 8 files changed, 13 insertions(+), 22 deletions(-)

diff --git a/.github/workflows/deploy-to-openshift-backend-dev.yml b/.github/workflows/deploy-to-openshift-backend-dev.yml
index 6255259d5..a5caa2fc4 100644
--- a/.github/workflows/deploy-to-openshift-backend-dev.yml
+++ b/.github/workflows/deploy-to-openshift-backend-dev.yml
@@ -188,7 +188,7 @@ jobs:
  # Get status, returns 0 if rollout is successful
  oc rollout status dc/${{ env.APP_NAME }}-${{ env.IMAGE_NAME }}-${{ env.APP_ENVIRONMENT }}
- # - name: ZAP Scan
- # uses: zaproxy/action-full-scan@v0.3.0
- # with:
- # target: 'https://${{ env.HOST_ROUTE }}'
+ - name: ZAP Scan
+ uses: zaproxy/action-full-scan@v0.8.0
+ with:
+ target: 'https://${{ env.HOST_ROUTE }}/api'
diff --git a/.github/workflows/deploy-to-openshift-backend-prod.yml b/.github/workflows/deploy-to-openshift-backend-prod.yml
index 3bc062ccb..6f48524f8 100644
--- a/.github/workflows/deploy-to-openshift-backend-prod.yml
+++ b/.github/workflows/deploy-to-openshift-backend-prod.yml
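Review bot: In the backend-dev hunk the re-enabled step references `zaproxy/action-full-scan@v0.8.0` by tag, and a tag can be repointed to different code after this commit is merged; the same reference is added in the frontend-dev workflow and changed in the QA and UAT workflows. The step is appended to a job that has just run `oc rollout status`, so the action presumably executes on a runner that still holds that job's cluster credentials (the earlier steps are outside the hunk). Pinning to the full commit SHA keeps the reviewed code fixed: `uses: zaproxy/action-full-scan@<full-commit-sha-of-v0.8.0>  # v0.8.0`. Separately, the target here is the `/api` path, where a crawler-driven full scan may find few links to follow; if the backend publishes an OpenAPI definition, `zaproxy/action-api-scan` would likely give better coverage.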
@@ -157,8 +157,3 @@ jobs:
  # Get status, returns 0 if rollout is successful
  oc rollout status dc/${{ env.APP_NAME }}-${{ env.IMAGE_NAME }}-${{ env.APP_ENVIRONMENT }}
- - name: ZAP Scan
- uses: zaproxy/action-full-scan@v0.3.0
- with:
- target: 'https://${{ env.HOST_ROUTE }}/api'
diff --git a/.github/workflows/deploy-to-openshift-backend-qa.yml b/.github/workflows/deploy-to-openshift-backend-qa.yml
index 86bd010b3..c3f2e09e6 100644
--- a/.github/workflows/deploy-to-openshift-backend-qa.yml
+++ b/.github/workflows/deploy-to-openshift-backend-qa.yml
@@ -150,6 +150,6 @@ jobs:
  oc rollout status dc/${{ env.APP_NAME }}-${{ env.IMAGE_NAME }}-${{ env.APP_ENVIRONMENT }}
  - name: ZAP Scan
- uses: zaproxy/action-full-scan@v0.3.0
+ uses: zaproxy/action-full-scan@v0.8.0
  with:
  target: 'https://${{ env.HOST_ROUTE }}/api'
diff --git a/.github/workflows/deploy-to-openshift-backend-uat.yml b/.github/workflows/deploy-to-openshift-backend-uat.yml
index efb349fb9..dd32c7ed8 100644
--- a/.github/workflows/deploy-to-openshift-backend-uat.yml
+++ b/.github/workflows/deploy-to-openshift-backend-uat.yml
@@ -156,6 +156,6 @@ jobs:
  oc rollout status dc/${{ env.APP_NAME }}-${{ env.IMAGE_NAME }}-${{ env.APP_ENVIRONMENT }}
  - name: ZAP Scan
- uses: zaproxy/action-full-scan@v0.3.0
+ uses: zaproxy/action-full-scan@v0.8.0
  with:
  target: 'https://${{ env.HOST_ROUTE }}/api'
diff --git a/.github/workflows/deploy-to-openshift-frontend-dev.yml b/.github/workflows/deploy-to-openshift-frontend-dev.yml
index 6b10e7ef8..9ef0122e3 100644
--- a/.github/workflows/deploy-to-openshift-frontend-dev.yml
+++ b/.github/workflows/deploy-to-openshift-frontend-dev.yml
@@ -185,7 +185,8 @@ jobs:
  # Get status, returns 0 if rollout is successful
  oc rollout status dc/${{ env.APP_NAME }}-${{ env.IMAGE_NAME }}-${{ env.APP_ENVIRONMENT }}
- # - name: ZAP Scan
- # uses: zaproxy/action-full-scan@v0.3.0
- # with:
- # target: 'https://${{ env.HOST_ROUTE }}'
+
+ - name: ZAP Scan
+ uses: zaproxy/action-full-scan@v0.8.0
+ with:
+ target: 'https://${{ env.HOST_ROUTE }}'
diff --git a/.github/workflows/deploy-to-openshift-frontend-prod.yml b/.github/workflows/deploy-to-openshift-frontend-prod.yml
index 46ff5633c..b7fede45a 100644
--- a/.github/workflows/deploy-to-openshift-frontend-prod.yml
+++ b/.github/workflows/deploy-to-openshift-frontend-prod.yml
@@ -151,8 +151,3 @@ jobs:
  # Get status, returns 0 if rollout is successful
  oc rollout status dc/${{ env.APP_NAME }}-${{ env.IMAGE_NAME }}-${{ env.APP_ENVIRONMENT }}
-
- # - name: ZAP Scan
- # uses: zaproxy/action-full-scan@v0.3.0
- # with:
- # target: 'https://${{ env.HOST_ROUTE }}'
diff --git a/.github/workflows/deploy-to-openshift-frontend-qa.yml b/.github/workflows/deploy-to-openshift-frontend-qa.yml
index 3f8eafe35..fd8e55873 100644
--- a/.github/workflows/deploy-to-openshift-frontend-qa.yml
+++ b/.github/workflows/deploy-to-openshift-frontend-qa.yml
@@ -146,6 +146,6 @@ jobs:
  oc rollout status dc/${{ env.APP_NAME }}-${{ env.IMAGE_NAME }}-${{ env.APP_ENVIRONMENT }}
  - name: ZAP Scan
- uses: zaproxy/action-full-scan@v0.3.0
+ uses: zaproxy/action-full-scan@v0.8.0
  with:
  target: 'https://${{ env.HOST_ROUTE }}'
diff --git a/.github/workflows/deploy-to-openshift-frontend-uat.yml b/.github/workflows/deploy-to-openshift-frontend-uat.yml
index 04e2cda05..1031711eb 100644
--- a/.github/workflows/deploy-to-openshift-frontend-uat.yml
+++ b/.github/workflows/deploy-to-openshift-frontend-uat.yml
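Review bot: In the frontend-dev hunk the ZAP step is added to the end of the deploy job rather than to a job of its own, so it runs with the deploy job's token permissions and environment, neither of which is visible in the hunk. By default this action reports findings by opening or updating an issue in the repository with the workflow token; if the repository is public that publishes unresolved findings for the dev host, and if the token lacks `issues: write` the reporting step may fail. Consider a separate job that `needs:` the deploy job and declares only `permissions: issues: write`, or set `allow_issue_writing: false` under `with:` and read the uploaded report artifact instead. The same applies to the step enabled in the backend-dev workflow.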
@@ -153,6 +153,6 @@ jobs:
  oc rollout status dc/${{ env.APP_NAME }}-${{ env.IMAGE_NAME }}-${{ env.APP_ENVIRONMENT }}
  - name: ZAP Scan
- uses: zaproxy/action-full-scan@v0.3.0
+ uses: zaproxy/action-full-scan@v0.8.0
  with:
  target: 'https://${{ env.HOST_ROUTE }}'