help us

Author: damienjburks

.github/workflows/unit-sec-test.yml

@@ -22,20 +22,17 @@ jobs:
   stupid_snyk:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@master
-      - uses: snyk/actions/setup@master
-      - uses: actions/setup-python@master
-
+      - uses: actions/checkout@main
+      
       - name: Install dependencies
         run: |
           pip install -r requirements.txt
           python -m pip install --upgrade pip
-
-      - name: Authenticate with Snyk
-        run: snyk auth ${{ secrets.SNYK_TOKEN }}
-
-      - name: Snyk test
-        run: snyk test
+      
+      - name: Run Snyk to check for vulnerabilities
+        uses: snyk/actions/python@master
+        with:
+          args: --file=requirements.txt
         env:
           SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
 
@@ -97,12 +94,20 @@ jobs:
           - name: Checkout
             uses: actions/checkout@v4
 
+          # Build and Tag Image
+          # Run Docker Image in detached mode
+          - name: Build Docker Image
+            run: |
+              docker build -t awesome-fastapi:${{ github.sha }} .
+              docker run -d -p 8000:8000 awesome-fastapi:${{ github.sha }}
+
+          # Run OWASP ZAP scan
           - name: zap scan
             uses: zaproxy/action-api-scan@v0.9.0
             with:
              token: ${{ secrets.GITHUB_TOKEN }}
              docker_name: 'ghcr.io/zaproxy/zaproxy:stable'
              format: openapi
-             target: '<fast-api-url>'
+             target: 'http://localhost:8000'
              rules_file_name: '.zap/rules.tsv'
              cmd_options: '-a'