Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Allow the target hostname(s) to be set when triggering the GHA manually #370

Open
stevejalim opened this issue Apr 18, 2024 · 0 comments
Open

Allow the target hostname(s) to be set when triggering the GHA manually #370

stevejalim opened this issue Apr 18, 2024 · 0 comments
Labels
enhancement New feature or request

Comments

@stevejalim
Copy link
Collaborator

The workflow_dispatch trigger for the Site Scanning action currenlty just asks for the branch to draw the action from. We could extend this to accept a particular hostname (or several, to cover origin server(s) and CDN) rather than the defaults (which are drawn from Secrets. This would let us run entire-site checks against Dev or Staging.

Points to consider

  • We currently keep the hostnames of origins somewhat secret and exclude them from logs - can we do that with manaual params?
  • Would we want a PR with changes to the allowlist to be generated for a non-prod domain? Could we make it toggleable
  • Same as above, but for creating new Issues for things that aren't just automatically updating the allowlist
@stevejalim stevejalim added the enhancement New feature or request label Apr 18, 2024
stevejalim added a commit that referenced this issue Aug 21, 2024
@stevejalim
Temporarily include dev-focused hostnames, while testing CDN - see #370
a31dde6 
… for a better path
stevejalim added a commit that referenced this issue Aug 21, 2024
@stevejalim
Revert "Temporarily include dev-focused hostnames, while testing CDN …
a39b745 
…- see #370 for a better path"

This reverts commit a31dde6.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@stevejalim