47 lines
1.3 KiB
YAML
47 lines
1.3 KiB
YAML
name: ✍🏻 CVE Annotate
|
|
|
|
on:
|
|
pull_request:
|
|
branches:
|
|
- master
|
|
workflow_dispatch:
|
|
|
|
jobs:
|
|
docs:
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- uses: actions/checkout@master
|
|
with:
|
|
persist-credentials: false
|
|
fetch-depth: 0
|
|
token: ${{ secrets.GITHUB_TOKEN }}
|
|
|
|
- uses: actions/setup-go@v2
|
|
with:
|
|
go-version: 1.17
|
|
|
|
- name: Generate CVE Annotations
|
|
id: cve-annotate
|
|
run: |
|
|
if ! which cve-annotate > /dev/null; then
|
|
echo -e "Command cve-annotate not found! Installing\c"
|
|
go install github.com/projectdiscovery/nuclei/v2/cmd/cve-annotate@master
|
|
fi
|
|
cve-annotate -i ./cves/ -d .
|
|
echo "::set-output name=changes::$(git status -s | wc -l)"
|
|
|
|
- name: Commit files
|
|
if: steps.cve-annotate.outputs.changes > 0
|
|
run: |
|
|
git config --local user.email "action@github.com"
|
|
git config --local user.name "GitHub Action"
|
|
git add cves
|
|
git commit -m "Auto Generated CVE annotations [$(date)] :robot:" -a
|
|
|
|
- name: Push changes
|
|
if: steps.cve-annotate.outputs.changes > 0
|
|
uses: ad-m/github-push-action@master
|
|
with:
|
|
github_token: ${{ secrets.GITHUB_TOKEN }}
|
|
branch: ${{ github.ref }}
|