Update vuln-list repo #1444
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Update vuln-list repo | |
on: | |
schedule: | |
- cron: "0 */6 * * *" | |
workflow_dispatch: | |
jobs: | |
update: | |
name: Update repo vuln-list | |
runs-on: ubuntu-latest | |
env: | |
GITHUB_TOKEN: ${{ secrets.ORG_REPO_TOKEN }} | |
VULN_LIST_DIR: "vuln-list" | |
steps: | |
- name: Check out code | |
uses: actions/checkout@v4 | |
- name: Set up Go | |
uses: actions/setup-go@v4 | |
with: | |
go-version-file: go.mod | |
- name: Check out vuln-list repo | |
uses: actions/checkout@v4 | |
with: | |
repository: ${{ github.repository_owner }}/vuln-list | |
token: ${{ secrets.ORG_REPO_TOKEN }} | |
path: ${{ env.VULN_LIST_DIR }} | |
- name: Setup github user email and name | |
run: | | |
git config --global user.email "[email protected]" | |
git config --global user.name "GitHub Action" | |
- name: Compile vuln-list-update | |
run: go build -o vuln-list-update . | |
- if: always() | |
name: Alpine Issue Tracker | |
run: ./scripts/update.sh alpine "Alpine Issue Tracker" | |
- if: always() | |
name: Alpine Unfixed Vulnerability Tracker | |
run: ./scripts/update.sh alpine-unfixed "Alpine Secshfixes Tracker" | |
- if: always() | |
name: Ubuntu CVE Tracker | |
run: ./scripts/update.sh ubuntu "Ubuntu CVE Tracker" | |
- if: always() | |
name: Amazon Linux AMI Security Advisory | |
run: ./scripts/update.sh amazon "Amazon Linux Security Center" | |
- if: always() | |
name: Oracle Linux OVAL | |
run: ./scripts/update.sh oracle-oval "Oracle Linux OVAL" | |
- if: always() | |
name: Photon CVE Advisory | |
run: ./scripts/update.sh photon "Photon Security Advisories" | |
- if: always() | |
name: GitHub Security Advisory | |
run: ./scripts/update.sh ghsa "GitHub Security Advisory" | |
- if: always() | |
name: CWE | |
run: ./scripts/update.sh cwe "CWE" | |
- if: always() | |
name: SUSE CVRF | |
run: ./scripts/update.sh suse-cvrf "SUSE CVRF" | |
- if: always() | |
name: GitLab Advisory Database | |
run: ./scripts/update.sh glad "GitLab Advisory Database" | |
- if: always() | |
name: AlmaLinux Security Advisory | |
run: ./scripts/update.sh alma "AlmaLinux Security Advisory" | |
- if: always() | |
name: Rocky Linux Security Advisory | |
run: ./scripts/update.sh rocky "Rocky Linux Security Advisory" | |
- if: always() | |
name: CBL-Mariner Vulnerability Data | |
run: ./scripts/update.sh mariner "CBL-Mariner Vulnerability Data" | |
- if: always() | |
name: OSV Database | |
run: ./scripts/update.sh osv "OSV Database" | |
- if: always() | |
name: Wolfi Secdb | |
run: ./scripts/update.sh wolfi "Wolfi Security Data" | |
- if: always() | |
name: Chainguard Secdb | |
run: ./scripts/update.sh chainguard "Chainguard Security Data" |