cve_scan_runner.yml
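# Runs the third-party library manifest validation script and then the CVE
# scanner, which is invoked with --create-issues against Smjert/osquery.
name: cve-scan-runner

on:
  # Manual trigger from the Actions tab.
  workflow_dispatch:
  # Daily at 23:17 (GitHub evaluates cron schedules in UTC).
  schedule:
    - cron: "17 23 * * *"

env:
  # To see the script output in real time
  PYTHONUNBUFFERED: "1"

jobs:
  scan-and-open-issues:
    # NOTE(review): GitHub has retired the hosted ubuntu-20.04 image; confirm
    # this label still gets a runner, or move to a supported image.
    runs-on: ubuntu-20.04
    timeout-minutes: 20
    # Least privilege for GITHUB_TOKEN: read the checkout, write issues.
    # Without this block the token takes the repository/organization default,
    # which may be broader than this job needs.
    # NOTE(review): confirm the scanner needs no other scope.
    permissions:
      contents: read
      issues: write
    steps:
      # NOTE(review): v3 is a mutable tag; pinning to a full commit SHA keeps
      # the tag from being re-pointed at different code.
      - name: Clone the osquery repository
        uses: actions/checkout@v3

      # NOTE(review): requirements.txt is not visible here. If it does not pin
      # versions (ideally with hashes), whatever pip resolves at run time is
      # imported by the next step, which holds the token.
      - name: Install python pre-requisites
        run: |
          pip3 install -r ./tools/ci/scripts/cve/requirements.txt

      - name: Scan CVEs and open issues
        env:
          # Token the scanner uses for issue creation; it is scoped to the
          # repository this workflow runs in.
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          # NIST_API_KEY: ${{ secrets.NVD_API_KEY }}
        # The source and destination repositories are hard-coded to
        # Smjert/osquery, so a run from any other fork would not be authorized
        # to open issues there with its own GITHUB_TOKEN.
        run: |
          ./tools/ci/scripts/cve/validate_manifest_libraries_versions.py --manifest libraries/third_party_libraries_manifest.json \
            --repository .
          ./tools/ci/scripts/cve/third_party_libraries_cves_scanner.py --manifest libraries/third_party_libraries_manifest.json \
            --create-issues --source-repo Smjert/osquery --dest-repo Smjert/osquery --debug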