AquaSec workflow fix

tmikula-dev · tmikula-dev · commit 77f0e240b2ff · 2025-11-27T15:15:52.000+01:00
diff --git a/.github/workflows/aquasec_repository_scan.yml b/.github/workflows/aquasec_repository_scan.yml
@@ -29,14 +29,14 @@ jobs:
         run: |
           echo "=== Authenticating with AquaSec ==="
   
-          TIMESTAMP=$(date +%s)
+          TIMESTAMP=$(date -u +%s)
           AUTH_ENDPOINT="https://eu-1.api.cloudsploit.com/"
           METHOD="POST"
-          POST_BODY='{"validity":240,"allowed_endpoints":["GET"]}'
+          POST_BODY='{"validity":240,"allowed_endpoints":["GET","POST"]}'
           STRING_TO_SIGN="${TIMESTAMP}${METHOD}/v2/tokens${POST_BODY}"
           SIGNATURE=$(echo -n "$STRING_TO_SIGN" | openssl dgst -sha256 -hmac "$AQUA_SECRET" -hex | sed 's/.*= //g')
           
-          AUTH_RESPONSE=$(curl -s -X POST "$AUTH_ENDPOINT" \
+          AUTH_RESPONSE=$(curl -s -X "$METHOD" "$AUTH_ENDPOINT" \
             -H "Content-Type: application/json" \
             -H "X-API-Key: $AQUA_KEY" \
             -H "X-Timestamp: $TIMESTAMP" \
