OWASP OWASP#714 : Fixing workflow triggering isues

puneeth072003 · Oct 31, 2023 · da7be73 · da7be73
1 parent cc14526
commit da7be73
Showing 1 changed file with 15 additions and 7 deletions.
diff --git a/.github/workflows/dast-zap-test.yml b/.github/workflows/dast-zap-test.yml
@@ -43,14 +43,22 @@ jobs:
 #            JarCache-${{ runner.os }}-
       - name: Trigger Building JAR cache
         if: steps.cache.outputs.cache-hit != 'true'
-        uses: actions/checkout@v2
+        uses: actions/github-script@v4
         with:
-          repository: owner/repo
-          token: ${{ secrets.GITHUB_TOKEN }}
-          path: .github/workflows/building-jar-cache.yml
-      - name: Run Building JAR cache workflow
-        if: steps.cache.outputs.cache-hit != 'true'
-        run: gh workflow run "Building JAR cache" --ref main
+        script: |
+              const { data: workflows } = await octokit.actions.listRepoWorkflows({
+                owner: context.repo.owner,
+                repo: context.repo.repo
+              });
+              const secondWorkflow = workflows.workflows.find(w => w.name === "building-jar-cache.yml");
+              if (secondWorkflow) {
+                await octokit.actions.createWorkflowDispatch({
+                  owner: context.repo.owner,
+                  repo: context.repo.repo,
+                  workflow_id: secondWorkflow.id
+                });
+              }
+            token: ${{ secrets.GITHUB_TOKEN }}
       - name: Start wrongsecrets
         run: nohup ./mvnw spring-boot:run -Dspring-boot.run.profiles=without-vault &
       - name: ZAP Scan