name: Update vuln-list-redhat repo
on:
  schedule:
  - cron: "0 */6 * * *"
  workflow_dispatch:

jobs:
  update:
    name: Update vuln-list-redhat
    runs-on: ubuntu-latest
    env:
      GITHUB_TOKEN: ${{ secrets.ORG_REPO_TOKEN }}
      VULN_LIST_DIR: "vuln-list-redhat"
    steps:
    - name: Check out code
      uses: actions/checkout@v4

    - name: Set up Go
      uses: actions/setup-go@v5
      with:
        go-version-file: go.mod

    - name: Check out vuln-list-redhat repo
      uses: actions/checkout@v4
      with:
        repository: ${{ github.repository_owner }}/${{ env.VULN_LIST_DIR }}
        token: ${{ secrets.ORG_REPO_TOKEN }}
        path: ${{ env.VULN_LIST_DIR }}

    - name: Setup github user email and name
      run: |
        git config --global user.email "action@github.com"
        git config --global user.name "GitHub Action"

    - name: Compile vuln-list-update
      run: go build -o vuln-list-update .

    - if: always()
      name: Red Hat OVALv2
      run: ./scripts/update.sh redhat-oval "Red Hat OVAL v2"

    - if: always()
      name: Red Hat Security Data API
      run: ./scripts/update.sh redhat "Red Hat Security Data API"