
fix(ci): fix CodeQL permissions and ZAP target URL and action version

Add security-events: write at workflow level to allow CodeQL SARIF upload.
Update ZAP action from v0.12.0 to v0.14.0 to fix invalid artifact name error.
Target /actuator/health instead of the root path, which returns 404.
This commit is contained in:
khalil-bot
2026-06-01 12:48:43 +02:00
parent c26896df02
commit 38cec485f8


@@ -12,6 +12,10 @@ on:
- notification_service/** - notification_service/**
- .github/workflows/notification-service.yml - .github/workflows/notification-service.yml
permissions:
contents: read
security-events: write
jobs: jobs:
# ── 1. Build & test ────────────────────────────────────────────────────────── # ── 1. Build & test ──────────────────────────────────────────────────────────
ci: ci:
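Review bot: `security-events: write` in the new workflow-level `permissions:` block is granted to every job in this workflow, not only the one that uploads CodeQL SARIF, so the ZAP and Docker jobs receive a scope they do not need. Least privilege would keep `contents: read` at workflow level and move `security-events: write` into a job-level `permissions:` block on the CodeQL job. Note also that declaring a workflow-level `permissions:` block sets every unlisted scope to none, so any job in this file that pushes images or writes packages (the `docker:` job is visible below but its body is outside this hunk) presumably needs its own job-level `permissions:` (e.g. `packages: write`) or it will now fail on push — worth confirming against the rest of the workflow.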
@@ -135,19 +139,12 @@ jobs:
MOCK_MODE: "true" MOCK_MODE: "true"
- name: ZAP Baseline Scan - name: ZAP Baseline Scan
uses: zaproxy/action-baseline@v0.12.0 uses: zaproxy/action-baseline@v0.14.0
with: with:
target: http://localhost:8080 target: http://localhost:8080/actuator/health
fail_action: false fail_action: false
allow_issue_writing: false allow_issue_writing: false
artifact_name: zap-report
- name: Upload ZAP report
if: always()
uses: actions/upload-artifact@v4
with:
name: zap-report
path: report_html.html
retention-days: 14
# ── 5. Docker build & push ─────────────────────────────────────────────────── # ── 5. Docker build & push ───────────────────────────────────────────────────
docker: docker:
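Review bot: Pointing `target:` at `http://localhost:8080/actuator/health` fixes the 404 but likely collapses scan coverage, since the baseline scan spiders outward from the target and a health endpoint returning a small status payload gives it almost nothing to crawl, so the service's real API routes are presumably never exercised. If the service exposes an API definition, `zaproxy/action-api-scan` with the OpenAPI document as the target would cover the actual surface; otherwise consider a rules or options file that seeds the known API paths, and document the intent above the step with `# health endpoint only avoids the 404 on /; coverage is limited to what the spider reaches from here`. Separately, `uses: zaproxy/action-baseline@v0.14.0` pins a mutable tag; pinning the action to its full commit SHA (with the tag in a trailing comment) is the usual supply-chain hardening for third-party actions. With `fail_action: false` and `allow_issue_writing: false` retained, the scan remains purely advisory, which is fine if that is intended but is worth stating in a comment on the step.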