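# Composite action: provisions MariaDB, the WordPress test suite and WP-CLI on
# the runner, then runs the 10up WP-CLI Vulnerability Scanner against a
# plugin, theme or core.
name: WordPress Vulnerability Scanner
description: A GitHub action that can be used to run vulnerability checks using the 10up WP-CLI Vulnerability Scanner
author: jazzsequence
branding:
  icon: crosshair
  color: yellow

inputs:
  api-provider:
    description: The API provider to use for the vulnerability check. Valid options are `patchstack`, `wpscan` and `wordfence`. Defaults to `wordfence`.
    required: false
    default: wordfence
  api-token:
    description: The API token to use for the vulnerability check. Defaults to `''`. Patchstack and WPScan both require an API token. The API token is optional for Wordfence.
    required: false
    default: ''
  type:
    description: The type of vulnerability check to run. Valid options are `plugin`, `theme` and `core`. Defaults to `plugin`.
    required: false
    default: plugin
  name:
    description: The name of the plugin or theme to check. Defaults to the name of the repository.
    required: false
    # NOTE(review): github.repository expands to "owner/repo", not the bare
    # repository name — confirm bin/functions.sh expects that form.
    default: ${{ github.repository }}

runs:
  using: composite
  steps:
    # TODO(review): pin this dependency to a full commit SHA
    # (shogo82148/actions-setup-mysql@<commit-sha>) instead of the mutable
    # v1 tag so its contents cannot change underneath this action.
    - uses: shogo82148/actions-setup-mysql@v1
      with:
        distribution: mariadb
        # Quoted so the version is read as the string "10.5", not a float.
        mysql-version: "10.5"
        root-password: root

    - name: Install Extras
      shell: bash
      # -y is required: on a non-interactive runner apt-get would otherwise
      # stop at the confirmation prompt and abort the install.
      run: |
        sudo apt-get update
        sudo apt-get install -y subversion

    # NOTE(review): the bin/ paths below are resolved against the workflow's
    # working directory (the checked-out workspace), not this action's own
    # checkout. If the action is consumed from another repository, these
    # scripts need to be addressed via ${{ github.action_path }}/bin/... —
    # confirm the intended usage.
    - name: Install WordPress Test Suite
      shell: bash
      run: |
        echo "Installing WP Test Suite so we can use it for vulnerability scanning..."
        bash bin/install-wp-tests.sh wordpress root root 127.0.0.1 latest

    - name: Install WP-CLI
      shell: bash
      run: |
        echo "Installing WP-CLI..."
        bash bin/functions.sh install_wp_cli

    - name: Set up WordPress
      shell: bash
      run: |
        echo "Setting up WordPress..."
        bash bin/functions.sh install_wp

    - name: Set up package & vulnerability scanner
      shell: bash
      # Inputs are handed to the shell through the environment and quoted,
      # rather than interpolated with ${{ }} into the command text. A
      # caller-supplied value (e.g. `name`) is then treated as a single
      # argument regardless of spaces or shell metacharacters, and the
      # default empty api-token stays in position 3 instead of collapsing
      # and shifting api-provider into its place.
      env:
        SCAN_TYPE: ${{ inputs.type }}
        SCAN_NAME: ${{ inputs.name }}
        API_TOKEN: ${{ inputs.api-token }}
        API_PROVIDER: ${{ inputs.api-provider }}
      run: |
        echo "Setting up your package to scan & the vulnerability scanner..."
        bash bin/functions.sh setup_vuln_scanner "$SCAN_TYPE" "$SCAN_NAME" "$API_TOKEN" "$API_PROVIDER"

    - name: Scan for vulnerabilities
      shell: bash
      # Same environment-passing as the previous step. The two empty
      # positional arguments are kept exactly as the original passed them.
      env:
        SCAN_TYPE: ${{ inputs.type }}
        SCAN_NAME: ${{ inputs.name }}
        WORKSPACE: ${{ github.workspace }}
      run: bash bin/functions.sh run_scan "$SCAN_TYPE" "$SCAN_NAME" '' '' "$WORKSPACE"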