Adding DAST to the description

Author: sshniro

README.md

@@ -1,2 +1,91 @@
-# action-full-scan
-A GitHub Action for running the OWASP ZAP Full scan 
+# ZAP Action Full Scan
+
+A GitHub Action for running the OWASP ZAP [Full Scan](https://www.zaproxy.org/docs/docker/full-scan/) to perform
+Dynamic Application Security Testing (DAST). 
+
+The ZAP full scan action runs the ZAP spider against the specified target (by default with no time limit) followed by an 
+optional ajax spider scan and then a full active scan before reporting the results. The alerts will be maintained as a 
+GitHub issue in the corresponding repository.
+
+## Inputs
+
+### `target`
+
+**Required** The URL of the web application to be scanned. This can be either a publicly available web application or a locally
+accessible URL.
+
+### `docker_name`
+
+**Optional** The name of the docker file to be executed. By default the action runs the stable version of ZAP. But you can 
+configure the parameter to use the weekly builds.
+
+### `rules_file_name`
+
+**Optional** You can also specify a relative path to the rules file to ignore any alerts from the ZAP scan. Make sure to create
+the rules file inside the relevant repository. The following shows a sample rules file configuration.
+Make sure to checkout the repository (actions/checkout@v2) to provide the ZAP rules to the scan action.
+
+```tsv
+10011	IGNORE	(Cookie Without Secure Flag)
+10015	IGNORE	(Incomplete or No Cache-control and Pragma HTTP Header Set)
+``` 
+
+### `cmd_options`
+
+**Optional** Additional command lines options for the full scan script
+
+### `issue_title`
+
+**Optional** The title for the GitHub issue to be created.
+
+### `token`
+
+**Optional** ZAP action uses the default action token provided by GitHub to create and update the issue for the full scan.
+You do not have to create a dedicated token. Make sure to use the GitHub's default action token when running the action(`secrets.GIT_TOKEN`).
+
+## Example usage
+
+** Basic **
+```
+steps:
+  - name: ZAP Scan
+    uses: zaproxy/action-full-scan@v0.1.0
+    with:
+      target: 'https://www.zaproxy.org/'
+```
+
+** Advanced **
+
+```
+on: [push]
+
+jobs:
+  zap_scan:
+    runs-on: ubuntu-latest
+    name: Scan the webapplication
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v2
+        with:
+          ref: master
+      - name: ZAP Scan
+        uses: zaproxy/action-full-scan@v0.1.0
+        with:
+          token: ${{ secrets.GITHUB_TOKEN }}
+          docker_name: 'owasp/zap2docker-stable'
+          target: 'https://www.zaproxy.org/'
+          rules_file_name: '.zap/rules.tsv'
+          cmd_options: '-a'
+```
+
+## Localised Alert Details
+
+ZAP is internationalised and alert information is available in many languages.
+
+You can change the language used by this action by changing the locale via the `cmd_options` e.g.: `-z "-config view.locale=fr_FR"`
+
+This is currently only available with the `owasp/zap2docker-weekly` or `owasp/zap2docker-live` Docker images.
+
+See [https://github.com/zaproxy/zaproxy/tree/develop/zap/src/main/dist/lang](https://github.com/zaproxy/zaproxy/tree/develop/zap/src/main/dist/lang) for the full set of locales currently supported.
+
+You can help improve ZAP translations via [https://crowdin.com/project/owasp-zap](https://crowdin.com/project/owasp-zap). 

action.yml

@@ -1,12 +1,13 @@
 name: 'OWASP ZAP Full Scan'
-description: 'Scans the web application with the OWASP ZAP Baseline Scan'
+description: 'Scans the web application with the OWASP ZAP Full Scan'
 branding:
   icon: 'zap'
   color: 'blue'
 inputs:
   token:
     description: 'GitHub Token to create issues in the repository'
-    required: true
+    required: false
+    default: ${{ github.token }}
   target:
     description: 'Target URL'
     required: true
@@ -21,9 +22,9 @@ inputs:
     description: 'Additional command line options'
     required: false
   issue_title:
-    description: 'The title for the GitHub issue that is created'
+    description: 'The title for the GitHub issue to be created'
     required: false
-    default: 'ZAP Scan Baseline Report'
+    default: 'ZAP Full Scan Report'
 runs:
   using: 'node12'
   main: 'dist/index.js'

index.js

@@ -1,6 +1,6 @@
 const core = require('@actions/core');
 const exec = require('@actions/exec');
-const common = require('actions-common-scans');
+const common = require('@zaproxy/actions-common-scans');
 const _ = require('lodash');
 
 // Default file names
@@ -39,7 +39,7 @@ async function run() {
         try {
             await exec.exec(command);
         } catch (err) {
-            core.setFailed('The ZAP Baseline scan has failed, starting to analyze the alerts. err: ' + err.toString());
+            core.setFailed('The ZAP full scan has failed, starting to analyze the alerts. err: ' + err.toString());
         }
         await common.main.processReport(token, workspace, plugins, currentRunnerID, issueTitle, repoName);
     } catch (error) {

package-lock.json

@@ -1,7 +1,7 @@
 {
-  "name": "action-baseline-scan",
+  "name": "action-full-scan",
   "version": "1.0.0",
-  "description": "ZAP baseline scan action",
+  "description": "ZAP full scan action",
   "main": "index.js",
   "scripts": {
     "lint": "eslint index.js",
@@ -10,7 +10,7 @@
   },
   "repository": {
     "type": "git",
-    "url": "git+https://github.com/zaproxy/action-baseline.git"
+    "url": "git+https://github.com/zaproxy/action-full-scan.git"
   },
   "keywords": [
     "GitHub",
@@ -20,7 +20,7 @@
   ],
   "author": "ZAP Team",
   "bugs": {
-    "url": "https://github.com/zaproxy/action-baseline/issues"
+    "url": "https://github.com/zaproxy/action-full-scan/issues"
   },
   "dependencies": {
     "@actions/artifact": "^0.2.0",