nuclei-templates/.github/workflows/cve-annotate.yml

49 lines
1.5 KiB
YAML
Raw Normal View History

2021-09-10 12:11:35 +00:00
name: ✍🏻 CVE Annotate
on:
2021-09-11 08:23:26 +00:00
push:
2021-09-10 12:11:35 +00:00
branches:
2023-01-05 10:56:27 +00:00
- main
2021-09-10 12:11:35 +00:00
workflow_dispatch:
jobs:
docs:
runs-on: ubuntu-latest
steps:
2022-03-06 09:01:18 +00:00
- uses: actions/checkout@v2
2021-09-10 12:18:49 +00:00
2022-03-06 09:01:18 +00:00
- name: Get Github tag
id: meta
run: |
curl --silent "https://api.github.com/repos/projectdiscovery/nuclei/releases/latest" | jq -r .tag_name | xargs -I {} echo TAG={} >> $GITHUB_OUTPUT
2022-03-06 09:01:18 +00:00
- name: Setup CVE annotate
if: steps.meta.outputs.TAG != ''
2022-03-06 09:01:18 +00:00
env:
VERSION: ${{ steps.meta.outputs.TAG }}
2022-03-06 09:01:18 +00:00
run: |
wget -q https://github.com/projectdiscovery/nuclei/releases/download/${VERSION}/cve-annotate.zip
sudo unzip cve-annotate.zip -d /usr/local/bin
working-directory: /tmp
2021-09-10 12:11:35 +00:00
- name: Generate CVE Annotations
id: cve-annotate
run: |
2022-08-27 04:25:46 +00:00
cve-annotate -i . -d .
git status -s | wc -l | xargs -I {} echo CHANGES={} >> $GITHUB_OUTPUT
2021-09-10 12:11:35 +00:00
- name: Commit files
if: steps.cve-annotate.outputs.CHANGES > 0
2021-09-10 12:11:35 +00:00
run: |
git config --local user.email "action@github.com"
git config --local user.name "GitHub Action"
2022-02-27 11:03:05 +00:00
git pull
2021-09-10 12:11:35 +00:00
git add cves
git commit -m "Auto Generated CVE annotations [$(date)] :robot:" -a
- name: Push changes
if: steps.cve-annotate.outputs.CHANGES > 0
2021-09-10 12:11:35 +00:00
uses: ad-m/github-push-action@master
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
2022-03-06 09:01:18 +00:00
branch: ${{ github.ref }}