Merge pull request #278 from robinmordasiewicz/fortidevsec

Fix: adding dast fortidevsec workflow

.github/workflows/fortidevsec-sast.yml → .github/workflows/fortidevsec.yml

@@ -1,15 +1,14 @@
 ---
-name: fortidevsec-sast
+name: fortidevsec
 
 on: # yamllint disable-line rule:truthy
-  push:
-    branches: [main]
+  pull_request:
 
 permissions:
   contents: read
 
 concurrency:
-  group: ${{ github.workflow }}
+  group: ${{ github.workflow }}-${{ github.ref }}
   cancel-in-progress: true
 
 jobs:
@@ -23,7 +22,7 @@ jobs:
         name: "init"
         shell: bash
         run: |
-          if [[ -n "${{ secrets.FORTIDASTORGID }}" && -n "${{ secrets.FORTIDASTAPPID }}" ]]
+          if [[ -n "${{ secrets.FORTIDEVSECORGID }}" && -n "${{ secrets.FORTIDEVSECAPPID }}" ]]
           then
               echo 'action=true' >> "${GITHUB_OUTPUT}"
           else
@@ -42,4 +41,4 @@ jobs:
           env | grep -E "GITHUB_ACTIONS|GITHUB_RUN_NUMBER|GITHUB_REF_NAME|GITHUB_SHA" > /tmp/env
           #docker pull registry.fortidevsec.forticloud.com/fdevsec_sast:latest
           docker run --pull always --rm --env-file /tmp/env --mount type=bind,source="$PWD",target=/scan registry.fortidevsec.forticloud.com/fdevsec_sast:latest main s --org-id ${{ secrets.FORTIDEVSECORGID }} --app-id ${{ secrets.FORTIDEVSECAPPID }} --risk_rating 1
-          docker run --pull always --rm --env-file /tmp/env --mount type=bind,source="$PWD",target=/scan registry.fortidevsec.forticloud.com/fdevsec_dast:latest main s --org-id ${{ secrets.FORTIDEVSECORGID }} --app-id ${{ secrets.FORTIDEVSECAPPID }} --url https://robinmordasiewicz.github.io/devops-toolkit/
+          #docker run --pull always --rm --env-file /tmp/env --mount type=bind,source="$PWD",target=/scan registry.fortidevsec.forticloud.com/fdevsec_dast:latest main s --org-id ${{ secrets.FORTIDEVSECORGID }} --app-id ${{ secrets.FORTIDEVSECAPPID }} --url https://robinmordasiewicz.github.io/devops-toolkit/