fix: resolve ZAP baseline scan report filename mismatch #3187

Closed
HarshitVerma109 wants to merge 1 commit into OWASP:main from
HarshitVerma109:fix/zap-baseline-scan-report-filename

@HarshitVerma109 HarshitVerma109 commented Jan 5, 2026

Proposed change

Resolves #3183

This PR fixes the CI/CD pipeline failure in the ZAP Baseline Scan jobs. The zaproxy/action-baseline action expects the HTML report to be named report_html.html by default, but the workflow configuration was overriding this with -r zap-report.html in cmd_options, causing a file not found error.

Changes made:

  • Remove -r zap-report.html from cmd_options to use default filename
  • Update artifact upload path to report_html.html
  • Fixes both staging and production scan jobs
  • Resolves issue where action expected report_html.html but got zap-report.html

Files modified:

  • .github/workflows/run-ci-cd.yaml

Checklist

  • Required: I read and followed the contributing guidelines
  • Required: I ran make check-test locally and all tests passed
  • I used AI for code, documentation, or tests in this PR

   - Remove -r zap-report.html from cmd_options to use default filename
   - Update artifact upload path to report_html.html
   - Fixes both staging and production scan jobs
   - Resolves issue where action expected report_html.html but got zap-report.html
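
An added example, not part of the PR or the project's code: a small Python check for the filename mismatch described above, run over a constructed workflow. The job names and `@vX` version tags are placeholders, and the default name `report_html.html` is taken from the PR description.

```python
import re
import shlex

# Default HTML report name the PR description says zaproxy/action-baseline expects.
DEFAULT_REPORT = "report_html.html"

# Constructed sample workflow, not the project's file; "@vX" is a placeholder version.
SAMPLE_WORKFLOW = """\
jobs:
  zap-staging:
    steps:
      - uses: zaproxy/action-baseline@vX
        with:
          cmd_options: '-a -r zap-report.html'
      - uses: actions/upload-artifact@vX
        with:
          path: zap-report.html
  zap-production:
    steps:
      - uses: zaproxy/action-baseline@vX
        with:
          cmd_options: '-a'
      - uses: actions/upload-artifact@vX
        with:
          path: report_html.html
"""

def lint_zap_reports(workflow_text):
    """Return (job, message) findings for ZAP jobs that depart from the default report name."""
    findings = []
    # Split into job blocks on keys indented by exactly two spaces under "jobs:".
    for chunk in re.split(r"(?m)^  (?=[\w-]+:\s*$)", workflow_text)[1:]:
        job = chunk.split(":", 1)[0]
        if "zaproxy/action-baseline" not in chunk:
            continue
        m = re.search(r"(?m)^\s*cmd_options:\s*(.+)$", chunk)
        opts = shlex.split(m.group(1).strip().strip("'\"")) if m else []
        # "-r <file>" renames the HTML report away from what the action looks for.
        if "-r" in opts[:-1]:
            name = opts[opts.index("-r") + 1]
            if name != DEFAULT_REPORT:
                findings.append((job, f"cmd_options renames report to {name}"))
        # The upload step must point at the file that will actually exist.
        for path in re.findall(r"(?m)^\s*path:\s*(\S+)", chunk):
            if path != DEFAULT_REPORT:
                findings.append((job, f"artifact path {path} is not {DEFAULT_REPORT}"))
    return findings

if __name__ == "__main__":
    print(*lint_zap_reports(SAMPLE_WORKFLOW), sep="\n")
```
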
coderabbitai bot commented Jan 5, 2026

Caution

Review failed

The pull request is closed.

Summary by CodeRabbit

Release Notes

  • Chores
    • Updated CI/CD workflow configuration for improved clarity and maintainability.
    • Enhanced job display names in GitHub Actions for better readability.
    • Refined security scanning tool configuration.

Walkthrough

CI/CD workflow configuration updates to the GitHub Actions pipeline. Job display names changed to capitalized forms in staging and production sections. ZAP baseline scan command options simplified from '-a -r zap-report.html' to '-a', and artifact upload path changed from zap-report.html to report_html.html.

Changes

Cohort / File(s): Workflow Configuration (.github/workflows/run-ci-cd.yaml)
Summary: Updated job display names for staging and production image builds to use capitalized titles. Modified ZAP baseline scan configuration: simplified command options (removed report generation flag) and changed artifact upload path from zap-report.html to report_html.html in both staging and production workflow sections.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~3 minutes

Suggested labels

ci

Suggested reviewers

  • arkid15r
  • kasya
📜 Recent review details

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 572877b and c864879.

📒 Files selected for processing (1)
  • .github/workflows/run-ci-cd.yaml

github-actions bot commented Jan 5, 2026

PR validation failed: No linked issue and no valid closing issue reference in PR description

@github-actions github-actions bot closed this Jan 5, 2026
sonarqubecloud bot commented Jan 5, 2026

@HarshitVerma109 HarshitVerma109 deleted the fix/zap-baseline-scan-report-filename branch January 5, 2026 02:02
@HarshitVerma109 HarshitVerma109 restored the fix/zap-baseline-scan-report-filename branch January 5, 2026 02:03
Successfully merging this pull request may close these issues.

Fix ZAP baseline scan issues
