zap-nightly #8

	name: zap-nightly
	on:
	schedule: [{ cron: "0 1 * * *" }]
	workflow_dispatch:

	permissions: write-all
	jobs:
	load-targets:
	runs-on: ubuntu-latest
	outputs:
	matrix: ${{ steps.mk.outputs.matrix }}
	steps:
	- uses: actions/checkout@v4
	- id: mk
	run: \|
	output=$(python3 - <<'EOF'
	import yaml, json, sys
	with open("security/targets.yml") as f:
	data = yaml.safe_load(f)
	print(f"matrix={json.dumps({'include': data['services']})}")
	EOF
	)
	echo "$output" >> $GITHUB_OUTPUT
	zap-fanout:
	needs: load-targets
	permissions:
	contents: read
	security-events: write
	actions: read
	issues: write
	strategy:
	fail-fast: false
	matrix: ${{ fromJson(needs.load-targets.outputs.matrix) }}
	uses: ./.github/workflows/reuse-zap.yml
Check failure on line 34 in .github/workflows/zap.yml View workflow run for this annotation GitHub Actions / .github/workflows/zap.yml Invalid workflow file error parsing called workflow ".github/workflows/zap.yml" -> "./.github/workflows/reuse-zap.yml" (source branch with sha:025861a9b89772e9ce41587b35380c96486c3985) : secret name `GITHUB_TOKEN` within `workflow_call` can not be used since it would collide with system reserved name
	with:
	service_name: ${{ matrix.name }}
	target_url: ${{ matrix.url }}
	auth_type: ${{ matrix.auth.type \|\| 'none' }}
	secret_name: ${{ matrix.auth.secret_name \|\| '' }}
	secrets:
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

Provide feedback