Allow to choose the name of report files #96

Open
wants to merge 1 commit into
base: master
14 changes: 14 additions & 0 deletions README.md
Expand Up @@ -52,6 +52,20 @@ You do not have to create a dedicated token. Make sure to use the GitHub's defau
**Optional** By default ZAP Docker container will fail with an [exit code](https://github.com/zaproxy/zaproxy/blob/efb404d38280dc9ecf8f88c9b0c658385861bdcf/docker/zap-baseline.py#L31),
if it identifies any alerts. Set this option to `true` if you want to fail the status of the GitHub Scan if ZAP identifies any alerts during the scan.

### `json_report_name`

**Optional** File to write the full ZAP HTML report

### `md_report_name`

**Optional** File to write the full ZAP Wiki (Markdown) report

### `html_report_name`

**Optional** File to write the full ZAP HTML report



## Example usage

** Basic **
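Review bot: Under `### json_report_name` the description reads "File to write the full ZAP HTML report", which duplicates the `html_report_name` text; it should name the JSON report, as the action.yml description does. It would also help to state each option's default file name in these sections, since the README is where users look before setting the inputs.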
13 changes: 13 additions & 0 deletions action.yml
Expand Up @@ -33,6 +33,19 @@ inputs:
description: 'The action will file the report to the GitHub issue using the issue_title input'
required: false
default: true
json_report_name:
description: 'file to write the full ZAP JSON document'
required: false
default: 'report_json.json'
Member

What happens if the user provides an empty string or an invalid file name?

Author

Thank you so much for reviewing 🙏 In that case, the workflow returns an error from zap-baseline.py. In my opinion, it would be better if we left that error handling to zap-baseline.py instead of handling it in the workflow. WDYT?

Member

But we touch before then.

Author

You're right 😄. I'm on it.

md_report_name:
description: 'file to write the full ZAP Wiki (Markdown) report'
required: false
default: 'report_md.md'
html_report_name:
description: 'file to write the full ZAP HTML report'
required: false
default: 'report_html.html'

runs:
using: 'node16'
main: 'dist/index.js'
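Review bot: The three new `description` strings do not say what counts as a valid value, so the empty-string and invalid-name question raised in the thread on `json_report_name` stays unanswered for users reading the manifest. Suggest stating that the value is a file name and what the action does when it is empty. Minor style point: these descriptions start in lower case ('file to write ...') while the neighbouring one starts with a capital ('The action will ...').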
8 changes: 3 additions & 5 deletions index.js
Expand Up @@ -3,11 +3,6 @@ const exec = require('@actions/exec');
const common = require('@zaproxy/actions-common-scans');
const _ = require('lodash');

// Default file names
let jsonReportName = 'report_json.json';
let mdReportName = 'report_md.md';
let htmlReportName = 'report_html.html';

async function run() {

try {
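Review bot: Removing the `// Default file names` block leaves index.js with no fallback of its own, so the defaults now exist only in action.yml. `core.getInput` returns an empty string when an input has no value, so consider keeping these three names as constants and falling back to them when the input comes back empty.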
Expand All @@ -23,6 +18,9 @@ async function run() {
let failAction = core.getInput('fail_action');
let allowIssueWriting = core.getInput('allow_issue_writing');
let createIssue = true;
let jsonReportName = core.getInput("json_report_name");
let mdReportName = core.getInput("md_report_name");
let htmlReportName = core.getInput("html_report_name");

if (!(String(failAction).toLowerCase() === 'true' || String(failAction).toLowerCase() === 'false')) {
console.log('[WARNING]: \'fail_action\' action input should be either \'true\' or \'false\'');
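Review bot: The three added `core.getInput(...)` results are assigned with no validation, unlike `fail_action` just below, which is checked and warned about. Since these are user-supplied file names, check for an empty value and for path separators or `..` segments before they are used, and fail with a clear message. Style: the added lines use double quotes where the surrounding calls use single quotes (`core.getInput('fail_action')`).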