meta csp

tubone24 · Dec 31, 2022 · 183ad06 · 183ad06
1 parent 2161097
commit 183ad06
Show file tree

Hide file tree

Showing 2 changed files with 24 additions and 5 deletions.
diff --git a/.github/workflows/owaspzap.yml b/.github/workflows/owaspzap.yml
@@ -1,7 +1,6 @@
 name: OWASP ZAP Actions
 on:
   workflow_dispatch:
-  push:
 env:
   cache-version: v1
 jobs:
@@ -61,7 +60,7 @@ jobs:
         run: |
           chmod 777 owasp/zap
           docker-compose -f owasp/docker-compose-ci.yml up -d
-          docker-compose -f owasp/docker-compose-ci.yml exec -T owasp zap-full-scan.py -t http://web:9000 -r report.html -a -d -j -I -m 1 -z "-config alert.maxInstances=0 -config view.locale=ja_JP"
+          docker-compose -f owasp/docker-compose-ci.yml exec -T owasp zap-full-scan.py -t http://web:9000 -r report.html -a -d -j -I -z "-config alert.maxInstances=0 -config view.locale=ja_JP"
       - name: Deploy Report
         uses: peaceiris/actions-gh-pages@v3
         with:

diff --git a/README.md b/README.md
@@ -68,6 +68,8 @@ Special, thanks!
 - unused dependencies check by [depcheck](https://www.npmjs.com/package/depcheck) in [depcheck_action](https://github.com/tubone24/depcheck_action)
 - Update dependencies by [Renovate](https://www.whitesourcesoftware.com/free-developer-tools/renovate/)
 - Detect browser's memory leaks by [memlab](https://github.com/facebookincubator/memlab)
+- Detect vulnerability by [Snyk](https://app.snyk.io/)
+- Detect vulnerability by [OWASP ZAP](https://www.zaproxy.org/)
 
 ### For contributor of articles
 
@@ -215,7 +217,7 @@ cp .env.example .env
 | STORYBOOK_ALGOLIA_INDEX_NAME     | Algolia search's APP ID                                  | posts   | 
 | STORYBOOK_ALGOLIA_SEARCH_API_KEY | Algolia search's index name                              | -       | 
 | GATSBY_GITHUB_CLIENT_ID          | GitHub oAuth Client ID, use Gitalk                       | -       | 
-| GATSBY_GITHUB_CLIENT_SECRET      | GitHub oAuth Client Secret, use Gitalk                   | -       | 
+| GATSBY_GITHUB_CLIENT_SECRET      | GitHub oAuth Client Secret, use Gitalk                   | -       |
 | FAUNADB_SERVER_SECRET            | FaunaDB's Secret, use FaunaDB                            | -       | 
 
 ## CI/CD
@@ -271,7 +273,9 @@ I use [textlint](https://textlint.github.io/) to proofread my blog text.
 yarn textlint
 ```
 
-## Change Netlify Config
+## Infrastructure
+
+### Change Netlify Config
 
 Use Terraform Cloud to change Netlify configuration values.
 
@@ -308,7 +312,23 @@ The results can be viewed at the following URL
 
 <https://tubone24.github.io/blog/owasp/report.html>
 
-Full Scan of OWASP ZAP has a very long execution time, so manual execution with `workflow_dispatch` is recommended.
+Full Scan of OWASP ZAP has a very long execution time, so manual execution with [workflow_dispatch](https://github.com/tubone24/blog/actions/workflows/owaspzap.yml) is recommended.
+
+## CI Healthy
+
+Last 14 days, CI Score by [meercode.io](https://meercode.io)
+
+### CI Score
+
+![blog Actions](https://api.meercode.io/badge/tubone24/blog?type=ci-score&lastDay=14)
+
+### CI Count
+
+![blog Actions](https://api.meercode.io/badge/tubone24/blog?type=ci-count&lastDay=14)
+
+### CI Success Rate
+
+![blog Actions](https://api.meercode.io/badge/tubone24/blog?type=ci-success-rate&lastDay=14)
 
 # License