From 852ac6b30c34cdcc005a89f6dd4de818509f6f9a Mon Sep 17 00:00:00 2001 From: pm Date: Fri, 8 May 2026 16:21:12 +0000 Subject: [PATCH] Modificar .gitea/workflows/deploy.yaml atualizar deploy 66x --- .gitea/workflows/deploy.yaml | 18 ++++++++++++------ 1 file changed, 12 insertions(+), 6 deletions(-) diff --git a/.gitea/workflows/deploy.yaml b/.gitea/workflows/deploy.yaml index 746a765..462f388 100644 --- a/.gitea/workflows/deploy.yaml +++ b/.gitea/workflows/deploy.yaml @@ -67,16 +67,22 @@ jobs: # O parâmetro "-I" garante que a pipeline NÃO falha devido a avisos (warnings). - name: OWASP ZAP Baseline Scan run: | - mkdir -p ${{ github.workspace }}/qatests - chmod 777 ${{ github.workspace }}/qatests + # Criamos a pasta local onde o runner espera encontrar o relatório + mkdir -p qatests - docker run --user root \ + # Corremos o ZAP sem mapear volumes. Damos-lhe apenas um nome (--name) para o podermos aceder a seguir. + docker run --name zap-scanner \ --link website-test-sandbox:website-test-sandbox \ - -v ${{ github.workspace }}/qatests:/zap/wrk/:rw \ -t ghcr.io/zaproxy/zaproxy:stable zap-baseline.py \ -t http://website-test-sandbox \ -r report.html \ - -I + -I || true + + # Copiamos o relatório diretamente de dentro do container do ZAP para a nossa pasta local do runner! + docker cp zap-scanner:/zap/wrk/report.html qatests/report.html + + # Limpamos o container do ZAP para não deixar lixo no servidor + docker rm -f zap-scanner # Garante que a Sandbox é desmantelada mesmo que o passo do ZAP falhe - name: Destruir Sandbox @@ -114,7 +120,7 @@ jobs: uses: actions/upload-artifact@v3 with: name: owasp-zap-report - path: ${{ github.workspace }}/qatests/report.html + path: qatests/report.html - name: Slack/Discord Notification if: always()