download mapi instead of use docker

src/commands/scan.yml

@@ -53,15 +53,28 @@ parameters:
   # run-args:
   #   type: string
   #   description: A list of additional arguments (separated by '\n') to include in the call to 'mapi run'. Run 'mapi run --help' for a complete list of arguments.
+  mapi-path:
+    type: string
+    description: The path to install the latest binary executable to.
+    default: "/usr/local/bin"
+  mapi-version:
+    type: string
+    description: The binary version of Mayhem for API to use
+    default: "latest"
 steps:
   - run:
       environment:
         API_URL: <<parameters.api-url>>
         API_SPEC: <<parameters.api-spec>>
+        DURATION: <<parameters.duration>>
         GITHUB_TOKEN: <<parameters.github-token>>
         MAPI_TOKEN: <<parameters.mapi-token>>
+        MAPI_PATH: <<parameters.mapi-path>>
+        MAPI_VERSION: <<parameters.mapi-version>>
         POSTMAN_ENVIRONMENT: <<parameters.postman-environment-id>>
         POSTMAN_API_KEY: <<parameters.postman-api-key>>
+        TARGET: <<parameters.target>>
+        ZAP_API_SCAN: <<parameters.zap-api-scan>>
 
       name: Scan your API with Mayhem for API
       command: <<include(scripts/scan.sh)>>

src/executors/default.yml

@@ -0,0 +1,4 @@
+description: >
+  Execute Mayhem for API on ubuntu.
+machine:
+  image: "ubuntu-2004:202010-01"

src/scripts/scan.sh

@@ -1,9 +1,8 @@
 #!/bin/bash
-docker run -it \
-  --env MAPI_TOKEN \
-  --env GITHUB_TOKEN \
-  --env POSTMAN_ENVIRONMENT \
-  --env POSTMAN_API_KEY \
-  forallsecure/mapi:latest \
-  --url "${API_URL}" \
-  "${API_SPEC}"
+MAPI="${MAPI_PATH}/mapi"
+
+# Download executable
+curl -Lo "${MAPI}" "https://mayhem4api.forallsecure.com/downloads/cli/${MAPI_VERSION}/linux-musl/mapi" \
+  && chmod +x "${MAPI}"
+
+${MAPI} run --url "${API_URL}" "${TARGET}" "${DURATION}" "${API_SPEC}"