From 857db7df2457c13cf9b8d602131e714cdb34f665 Mon Sep 17 00:00:00 2001
From: pm <pedro.maio@each-cs.com>
Date: Fri, 8 May 2026 16:33:43 +0000
Subject: [PATCH] Modificar .gitea/workflows/deploy.yaml

atualizar deploy
---
 .gitea/workflows/deploy.yaml | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/.gitea/workflows/deploy.yaml b/.gitea/workflows/deploy.yaml
index 990e1cc..79f9768 100644
--- a/.gitea/workflows/deploy.yaml
+++ b/.gitea/workflows/deploy.yaml
@@ -59,7 +59,7 @@ jobs:
           # Aguardar 5 segundos para o servidor Nginx iniciar
           sleep 5
 
-     # ==========================================
+    # ==========================================
       # ETAPA 3: DAST - TESTE DINÂMICO (OWASP ZAP)
       # ==========================================
       - name: OWASP ZAP Baseline Scan
@@ -69,11 +69,11 @@ jobs:
           mkdir -p /tmp/zap-share
           chmod 777 /tmp/zap-share
           
-          # LIMPEZA PREVENTIVA: Remove o container zap-scanner de execuções passadas, se existir
+          # LIMPEZA PREVENTIVA
           docker rm -f zap-scanner || true
           
-          # Corremos o ZAP apontando o volume para /tmp/zap-share
-          docker run --name zap-scanner \
+          # Corremos o ZAP com "--user root" para evitar erros de permissão (AccessDenied)
+          docker run --user root --name zap-scanner \
             --link website-test-sandbox:website-test-sandbox \
             -v /tmp/zap-share:/zap/wrk/:rw \
             -t ghcr.io/zaproxy/zaproxy:stable zap-baseline.py \