A GitHub Action for running ZAP Automation Framework plans.
Required The file system path or URL to the Automation Framework plan to run.
Optional if specified must not be empty. The name of the ZAP Docker image to be used. By default the action runs the stable image.
Optional Additional command line options for ZAP.
The action will exit with the value of the plan, as indicated in the Automation Framework documentation.
Files created with the plan that need to be used after the plan has finished should be saved to the /zap/wrk/
directory, which is mapped to the GITHUB_WORKSPACE directory.
If set, the following ZAP authentication environment variables will be copied into the docker container:
ZAP_AUTH_HEADER_VALUE
ZAP_AUTH_HEADER
ZAP_AUTH_HEADER_SITE
steps:
- name: ZAP Scan
uses: zaproxy/action-af@v0.1.0
with:
plan: '.github/workflows/zap/plan.yml'