From 4d90181a94d9e9b72dab02ac6c3d38bb6a48ad20 Mon Sep 17 00:00:00 2001
From: dosen123
Date: Sat, 22 Mar 2025 10:38:21 +0800
Subject: [PATCH] Create code-saomiao
---
.github/workflows/code-saomiao | 35 ++++++++++++++++++++++++++++++++++
1 file changed, 35 insertions(+)
create mode 100644 .github/workflows/code-saomiao
diff --git a/.github/workflows/code-saomiao b/.github/workflows/code-saomiao
new file mode 100644
index 000000000000..74562285dad5
--- /dev/null
+++ b/.github/workflows/code-saomiao
@@ -0,0 +1,35 @@
+name: OWASP ZAP Security Scan
+
+on:
+ push:
+ branches:
+ - main
+ pull_request:
+ branches:
+ - main
+
+jobs:
+ zap_scan:
+ runs-on: ubuntu-latest
+
+ steps:
+ # Step 1: Checkout the repository code
+ - name: Checkout code
+ uses: actions/checkout@v3
+
+ # Step 2: Set up Java (ZAP requires Java)
+ - name: Set up Java
+ uses: actions/setup-java@v3
+ with:
+ java-version: '11'
+ distribution: 'adopt'
+
+ # Step 3: Download and run OWASP ZAP
+ - name: Run OWASP ZAP baseline scan
+ uses: zaproxy/action-baseline@v0.6.0
+ with:
+ target: 'https://www.kobelcogps.com' # Replace with your target URL
+ rules: '' # Optional: Custom scan rulesrules/scan-rules.tsv
+ format: 'markdown' # Report format (markdown, json, etc.)
+ output-file: 'www-kobelcogps-com.md' # Output file name
+ fail-action: true # Fail the job if vulnerabilities are found
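Review bot: The new file `.github/workflows/code-saomiao` has no `.yml`/`.yaml` extension, so GitHub Actions will not load it as a workflow and the scan never runs; rename it to `code-saomiao.yml`. In the last step, `rules`, `format`, `output-file` and `fail-action` are not inputs of `zaproxy/action-baseline` as far as I know (it takes `rules_file_name`, `cmd_options` and `fail_action`), so they are ignored and the job would not fail on findings; use `fail_action: true`. The workflow sets no `permissions:` block, so add a top-level `permissions:` with `contents: read` (plus `issues: write` only if the action should file its report issue), and pin the three `uses:` references to full commit SHAs instead of the mutable `v3`/`v0.6.0` tags. The `target` is a hard-coded host whose comment still reads "Replace with your target URL"; confirm it is a site this repository's owners operate, and consider moving it to a repository variable, before the scan runs on every push and pull request to `main`.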