Merge pull request #2627 from projectdiscovery/cve-annotate-workflow

Added CVE Annotation workflow
2021-09-10 22:53:06 +05:30 · 2021-09-10 22:53:06 +05:30 · 7b2e6a7559
parent 47cb6a7df0 e4c3490a28
commit 7b2e6a7559
3 changed files with 55 additions and 20 deletions
--- a/.github/workflows/cve-annotate.yml
+++ b/.github/workflows/cve-annotate.yml
@ -0,0 +1,45 @@
+name: ✍🏻 CVE Annotate
+
+on:
+  pull_request:
+    branches:
+      - master
+  workflow_dispatch:
+
+jobs:
+  docs:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@master
+        with:
+          persist-credentials: false
+          fetch-depth: 0
+          token: ${{ secrets.GITHUB_TOKEN }}
+
+      - uses: actions/setup-go@v2
+        with:
+          go-version: 1.17
+
+      - name: Generate CVE Annotations
+        id: cve-annotate
+        run: |
+          if ! which cve-annotate > /dev/null; then
+            echo -e "Command cve-annotate not found! Installing\c"
+            go install github.com/projectdiscovery/nuclei/v2/cmd/cve-annotate@master
+          fi
+          cve-annotate -i ./cves/ -d .
+          echo "::set-output name=changes::$(git status -s | wc -l)"
+
+      - name: Commit files
+        if: steps.cve-annotate.outputs.changes > 0
+        run: |
+          git config --local user.email "action@github.com"
+          git config --local user.name "GitHub Action"
+          git add cves
+          git commit -m "Auto Generated CVE annotations [$(date)] :robot:" -a
+
+      - name: Push changes
+        if: steps.cve-annotate.outputs.changes > 0
+        uses: ad-m/github-push-action@master
+        with:
+          github_token: ${{ secrets.GITHUB_TOKEN }}
--- a/.github/workflows/template-validate.yml
+++ b/.github/workflows/template-validate.yml
@ -6,13 +6,10 @@ jobs:
  build:
    runs-on: ubuntu-latest
    steps:
-      - name: Checkout Repo
-        uses: actions/checkout@master
-
-      - name: Setup golang
-        uses: actions/setup-go@v2
-        with:
-          go-version: 1.14
+      - uses: actions/checkout@master
+      - uses: actions/setup-go@v2
+        with: 
+          go-version: 1.17

      #- name: Cache Go
      #  id: cache-go
@ -26,7 +23,7 @@ jobs:
        env:
          GO111MODULE: on
        run: |
-          go get -v github.com/projectdiscovery/nuclei/v2/cmd/nuclei
+          go install github.com/projectdiscovery/nuclei/v2/cmd/nuclei@master
        shell: bash

      - name: Template Validation
--- a/.github/workflows/templates-stats.yml
+++ b/.github/workflows/templates-stats.yml
@ -11,21 +11,14 @@ jobs:
    runs-on: ubuntu-latest
    if: github.repository == 'projectdiscovery/nuclei-templates' && github.ref == 'refs/heads/master'
    steps:
-      - name: Checkout Repo
-        uses: actions/checkout@master
-        with:
-          fetch-depth: 0
-
-      - name: Setup golang
-        uses: actions/setup-go@v2
-        with:
-          go-version: 1.14
+      - uses: actions/checkout@master
+      - uses: actions/setup-go@v2
+        with: 
+          go-version: 1.17

      - name: Installing Template Stats
-        env:
-          GO111MODULE: on
        run: |
-          go get -v github.com/projectdiscovery/templates-stats@main
+          go install github.com/projectdiscovery/templates-stats@main
        shell: bash

      - name: Markdown Stats