155 lines
4.2 KiB
YAML

name: Update vuln-list repo
on:
schedule:
- cron: "0 */6 * * *"
workflow_dispatch:
jobs:
update:
name: Update repo vuln-list
runs-on: ubuntu-latest
env:
GITHUB_TOKEN: ${{ secrets.ACCESS_TOKEN }}
steps:
- name: Set up Go
uses: actions/setup-go@v2
with:
go-version: 1.17
- name: Check out code into the Go module directory
uses: actions/checkout@v3
- name: Set Owner
run: echo "VULNLIST_REPOSITORY_OWNER=$(echo ${GITHUB_REPOSITORY} | awk -F / '{print $1}' | sed -e 's/:refs//')" >> $GITHUB_ENV
shell: bash
- name: Setup github user email and name
run: |
git config --global user.email "action@github.com"
git config --global user.name "GitHub Action"
- name: Compile vuln-list-update
run: go build -o vuln-list-update .
- if: always()
name: NVD
run: ./vuln-list-update -target nvd
- if: always()
name: Alpine Issue Tracker
run: ./vuln-list-update -target alpine
- if: always()
name: Alpine Unfixed Vulnerability Tracker
run: ./vuln-list-update -target alpine-unfixed
- if: always()
name: Debian Security Bug Tracker
run: ./vuln-list-update -target debian
- if: always()
name: Ubuntu CVE Tracker
run: ./vuln-list-update -target ubuntu
- if: always()
name: Amazon Linux AMI Security Advisory
run: ./vuln-list-update -target amazon
- if: always()
name: Oracle Linux OVAL
run: ./vuln-list-update -target oracle-oval
- if: always()
name: Red Hat OVALv2
run: ./vuln-list-update -target redhat-oval
- if: always()
name: Photon CVE Advisory
run: ./vuln-list-update -target photon
- if: always()
name: GitHub Security Advisory
run: ./vuln-list-update -target ghsa
- if: always()
name: CWE
run: ./vuln-list-update -target cwe
- if: always()
name: SUSE CVRF
run: ./vuln-list-update -target suse-cvrf
- if: always()
name: GitLab Advisory Database
run: ./vuln-list-update -target glad
- if: always()
name: Arch Linux Security Advisory
run: ./vuln-list-update -target arch-linux
- if: always()
name: AlmaLinux Security Advisory
run: ./vuln-list-update -target alma
- if: always()
name: Rocky Linux Security Advisory
run: ./vuln-list-update -target rocky
- if: always()
name: CBL-Mariner Vulnerability Data
run: ./vuln-list-update -target mariner
- if: always()
name: OSV Database
run: ./vuln-list-update -target osv
- if: always()
name: Go Vulnerability Database
run: ./vuln-list-update -target go-vulndb
# Red Hat Security Data API is unstable.
# It should be split into small pieces to reduce the impact of failure.
- if: always()
name: Red Hat Security Data API 1996-2002
run: ./vuln-list-update -target redhat -years 1996,1997,1998,1999,2000,2001,2002
- if: always()
name: Red Hat Security Data API 2003-2008
run: ./vuln-list-update -target redhat -years 2003,2004,2005,2006,2007,2008
- if: always()
name: Red Hat Security Data API 2009-2011
run: ./vuln-list-update -target redhat -years 2009,2010,2011
- if: always()
name: Red Hat Security Data API 2012
run: ./vuln-list-update -target redhat -years 2012
- if: always()
name: Red Hat Security Data API 2013
run: ./vuln-list-update -target redhat -years 2013
- if: always()
name: Red Hat Security Data API 2014
run: ./vuln-list-update -target redhat -years 2014
- if: always()
name: Red Hat Security Data API 2015
run: ./vuln-list-update -target redhat -years 2015
- if: always()
name: Red Hat Security Data API 2016
run: ./vuln-list-update -target redhat -years 2016
- if: always()
name: Red Hat Security Data API 2017
run: ./vuln-list-update -target redhat -years 2017
- if: always()
name: Red Hat Security Data API 2018
run: ./vuln-list-update -target redhat -years 2018
- if: always()
name: Red Hat Security Data API 2019-2022
run: ./vuln-list-update -target redhat -years 2019,2020,2021,2022