CVE Update #119785
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Github Action for updates to this repository | |
name: CVE Update | |
on: | |
# run every 5~10 minutes (min Github scheduling allowed) | |
# note this may not complete when the hourly "CVE Release" workflow starts, | |
# so that the updates in this task may not be reflected | |
# in the CVE Release artifacts running in a separate workflow | |
# note also that if this job runs longer than 5 minutes, | |
# the next job will run 5 minutes after this completes | |
schedule: | |
- cron: '*/5 * * * *' | |
# Enables manual runs of this workflow from the Actions tab | |
workflow_dispatch: | |
inputs: | |
# logLevel: | |
# description: 'Log level' | |
# required: false | |
# default: 'debug' | |
params: | |
description: 'command line arguments to update' | |
required: false | |
default: '' | |
concurrency: | |
group: ${{ github.workflow }}-${{ github.ref }} | |
jobs: | |
update-cves: | |
environment: deployment | |
runs-on: ubuntu-latest | |
env: | |
CVE_SERVICES_URL: https://cveawg.mitre.org | |
CVE_SERVICES_RECORDS_PER_PAGE: 500 | |
CVE_ORG_URL: https://www.cve.org | |
CVES_BASE_DIRECTORY: cves | |
CVES_RECENT_ACTIVITIES_FILENAME: recent_activities.json | |
CVES_DEFAULT_UPDATE_LOOKBACK_IN_MINS: 180 | |
CVES_DEFAULT_DELTA_LOG_HISTORY_IN_DAYS: 30 | |
CVE_API_ORG: ${{secrets.CVE_API_ORG}} | |
CVE_API_USER: ${{secrets.CVE_API_USER}} | |
CVE_API_KEY: ${{secrets.CVE_API_KEY}} | |
steps: | |
- name: Checkout repository | |
uses: actions/checkout@v3 | |
with: | |
fetch-depth: 1 | |
- name: Setup Node to specific version | |
uses: actions/setup-node@v3 | |
with: | |
node-version: 18 | |
- name: Update CVEs | |
run: | | |
export TEMP_TIMESTAMP=$(date '+%Y-%m-%d_%H%M_UTC') | |
echo "out=$TEMP_TIMESTAMP" >> $GITHUB_OUTPUT | |
git pull | |
git config --global user.email "github_action@example.com" | |
git config --global user.name "cvelistV5 Github Action" | |
git remote set-url origin https://${GITHUB_TOKEN}@github.com/${{github.repository}}.git | |
export PREV_TS=$(jq -c -r .[2].fetchTime < $CVES_BASE_DIRECTORY/deltaLog.json) | |
node ./.github/workflows/dist/index.js update ${{ github.event.inputs.params }} --start=$PREV_TS | |
git push | |
# - name: output | |
# uses: actions/github-script@v6 | |
# with: | |
# script: | | |
# core.notice("this is a notice") |