From 6491fe19e25a408a951aa2dfafba9b341e64ab4e Mon Sep 17 00:00:00 2001
From: Prince Chaddha
Date: Mon, 27 Mar 2023 00:20:56 +0530
Subject: [PATCH] Update cve-annotate.yml

---
 .github/workflows/cve-annotate.yml | 48 +++++++++++++++++++-----------
 1 file changed, 30 insertions(+), 18 deletions(-)

diff --git a/.github/workflows/cve-annotate.yml b/.github/workflows/cve-annotate.yml
index a151b74014..eeb36d5987 100644
--- a/.github/workflows/cve-annotate.yml
+++ b/.github/workflows/cve-annotate.yml
@@ -1,11 +1,12 @@
-name: ✍🏻 CVE Annotate
+name: TemplateMan
 on:
 push:
 branches:
 - main
+ pull_request:
 paths:
- - 'cves/**.yaml'
+ - '**.yaml'
 workflow_dispatch:
 jobs:
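Review bot: Adding `pull_request:` to the trigger makes the commit-and-push steps later in this workflow run on PR events, where `github.ref` is `refs/pull/N/merge` (not a pushable branch) and, for fork PRs, `GITHUB_TOKEN` is read-only, so the push can only fail or, for same-repo PRs, target a ref that does not exist; either push to `github.event.pull_request.head.ref` on PR events or gate the commit/push steps with `if: github.event_name == 'push'`. Whether `paths:` still filters the `push` trigger or now nests under the new `pull_request:` line is not recoverable from the collapsed hunk — worth confirming the indentation, since if `paths:` moved under `pull_request:`, every push to `main` now runs the job regardless of which files changed. The widened `'**.yaml'` filter presumably is intended to cover all template directories rather than only `cves/`; a comment such as `# run on any template change; cves/ was the old scope` would make that intent explicit.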
@@ -16,32 +17,43 @@ jobs:
 with:
 fetch-depth: 0
- - name: Set up Go
- uses: actions/setup-go@v4
- with:
- go-version: 1.19
-
- - name: cve-annotate install
- run: go install -v github.com/projectdiscovery/nuclei/v2/cmd/cve-annotate@latest
-
- - name: Generate CVE Annotations
- id: cve-annotate
+ - name: Install dependencies
 run: |
- cve-annotate -i . -d .
- git status -s | wc -l | xargs -I {} echo CHANGES={} >> $GITHUB_OUTPUT
+ sudo apt-get update
+ sudo apt-get install -y python3-pip
+ pip3 install pyyaml
+
+ - name: Send YAML to endpoint and check response
+ id: templateman-enhance
+ run: |
+ API_ENDPOINT="https://orca-app-65k3t.ondigitalocean.app/enhance?resp_format=plain"
+ FILENAME="${GITHUB_WORKSPACE}/${{ github.event.pull_request.head.repo.full_name }}/${{ github.event.pull_request.head.ref }}/${{ github.event.pull_request.changed_files }}"
+ for file in $(git diff --name-only "${{ github.event.pull_request.base.sha }}" "${{ github.event.pull_request.head.sha }}" --diff-filter=AM | grep "\.yaml$"); do
+ echo "Sending file: $file"
+ response=$(curl -X POST -H "Content-Type: application/x-yaml" --data-binary "@$file" "$API_ENDPOINT")
+ if python -c "import yaml, sys; yaml.safe_load(sys.stdin)" <<< "$response"; then
+ echo "Response is valid YAML, updating file..."
+ printf "%s\n" "$response" > "$file.tmp"
+ mv "$file.tmp" "$file"
+ else
+ echo "Error: invalid YAML in response for $file"
+ printf "%s\n" "$response" > "${file}.debug.txt"
+ exit 1
+ fi
+ done
 - name: Commit files
- if: steps.cve-annotate.outputs.CHANGES > 0
+ if: steps.templateman-enhance.outputs.CHANGES > 0
 run: |
 git config --local user.email "action@github.com"
 git config --local user.name "GitHub Action"
 git pull
- git add cves
- git commit -m "Auto Generated CVE annotations [$(date)] :robot:" -a
 git add .
+ git commit -m "Templateman Enhancement [$(date)] :robot:" -a
 - name: Push changes
 if: steps.cve-annotate.outputs.CHANGES > 0
 uses: ad-m/github-push-action@master
 with:
 github_token: ${{ secrets.GITHUB_TOKEN }}
- branch: ${{ github.ref }}
\ No newline at end of file
+ branch: ${{ github.ref }}
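Review bot: `${{ github.event.pull_request.head.ref }}` and `head.repo.full_name` are expanded straight into the shell of the `templateman-enhance` step, which is the documented GitHub Actions script-injection pattern (a fork's branch name is attacker-chosen), and the `FILENAME` line that carries them is never used anywhere — delete it, and move the `base.sha`/`head.sha` expressions into `env:` so the script reads `"$BASE_SHA" "$HEAD_SHA"` instead of inlining expressions. The step also dropped the old `CHANGES=… >> $GITHUB_OUTPUT` line, so `steps.templateman-enhance.outputs.CHANGES > 0` can never be true, while `Push changes` still gates on the removed id `steps.cve-annotate`; write `echo "CHANGES=$(git status -s | wc -l)" >> "$GITHUB_OUTPUT"` after the loop and point both `if:` conditions at `templateman-enhance`. The validity check is too weak for content that gets committed back: `curl` without `--fail` hands an HTTP error body to the check, and `yaml.safe_load` accepts an empty body or a bare scalar, so a template can be overwritten with junk; use `curl -fsS` and require the parsed document to be a mapping. Finally, whatever the hard-coded `orca-app-65k3t.ondigitalocean.app` endpoint returns is committed unreviewed into templates that users execute, which deserves a comment such as `# NOTE: enhanced output is trusted as-is; review the auto-commit before merging` next to the endpoint.
```yaml
      - name: Send YAML to endpoint and check response
        id: templateman-enhance
        env:
          BASE_SHA: ${{ github.event.pull_request.base.sha }}
          HEAD_SHA: ${{ github.event.pull_request.head.sha }}
        run: |
          # NOTE: enhanced output is trusted as-is; review the auto-commit before merging
          API_ENDPOINT="https://orca-app-65k3t.ondigitalocean.app/enhance?resp_format=plain"
          for file in $(git diff --name-only "$BASE_SHA" "$HEAD_SHA" --diff-filter=AM | grep "\.yaml$"); do
            echo "Sending file: $file"
            # --fail: an HTTP error body must not be mistaken for an enhanced template
            response=$(curl -fsS -X POST -H "Content-Type: application/x-yaml" --data-binary "@$file" "$API_ENDPOINT")
            if python -c "import yaml, sys; sys.exit(0 if isinstance(yaml.safe_load(sys.stdin), dict) else 1)" <<< "$response"; then
              # … unchanged: write response to $file.tmp and mv over $file …
            else
              # … unchanged: write ${file}.debug.txt and exit 1 …
            fi
          done
          echo "CHANGES=$(git status -s | wc -l)" >> "$GITHUB_OUTPUT"
```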