Vulnerability Scanner - Generate database #52

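# Nightly (and manually triggerable) pipeline: builds the vulnerability
# scanner and the shared modules it depends on, runs the scanner test tool,
# packs the resulting `queue` directory and publishes the archive to S3.
name: Vulnerability Scanner - Generate database

on:
  workflow_dispatch:
  schedule:
    - cron: '0 0 * * *'

# NOTE(review): no `permissions:` block is declared, so GITHUB_TOKEN keeps the
# repository default scopes. If the local composite actions only need to read
# the repository, restricting the token to `contents: read` would be the
# least-privilege setting; confirm against those actions before adding it.

jobs:
  vulnerability-scanner-upload-database:
    runs-on: ubuntu-latest
    env:
      # Single source of truth for the archive name; the compress and upload
      # steps previously hard-coded it separately and could drift apart.
      VD_FILENAME: vd_1.0.0_vd_4.8.0.tar.xz
    steps:
      # NOTE(review): `@v3` is a mutable tag. Pinning to a full commit SHA
      # stops a retagged release from changing what runs here. Submodules are
      # fetched recursively, so their contents are built and executed by the
      # steps below and are part of this job's trust boundary.
      - name: Checkout repository
        uses: actions/checkout@v3
        with:
          submodules: recursive

      - name: Project dependencies
        uses: ./.github/actions/vulnerability_scanner_deps

      ########################
      #     Compilation      #
      ########################
      # Router
      - name: Router - Compilation and test
        uses: ./.github/actions/compile_and_test
        with:
          path: src/shared_modules/router

      # Indexer connector
      - name: Indexer connector - Compilation and test
        uses: ./.github/actions/compile_and_test
        with:
          path: src/shared_modules/indexer_connector

      # Content manager
      - name: Content manager - Compilation and test
        uses: ./.github/actions/compile_and_test
        with:
          path: src/shared_modules/content_manager

      # Vulnerability scanner
      - name: Vulnerability scanner - Compilation and test
        uses: ./.github/actions/compile_and_test
        with:
          path: src/wazuh_modules/vulnerability_scanner

      # Runs the freshly built test tool with the repository's config and
      # index template. Presumably this is what populates `queue/`, which the
      # next step archives; confirm against the tool's documentation.
      - name: Vulnerability scanner - Run vd_scanner_testtool
        run: |
          ./src/wazuh_modules/vulnerability_scanner/build/testtool/scanner/vd_scanner_testtool \
            -c src/wazuh_modules/vulnerability_scanner/testtool/scanner/config.json \
            -t src/wazuh_modules/vulnerability_scanner/indexer/template/legacy-template.json \
            -d
        shell: bash

      - name: Vulnerability scanner - Compress queue folder
        run: |
          # Drop runtime-only subdirectories so they are not published.
          rm -rf queue/indexer queue/sockets queue/router queue/vd_updater/tmp
          echo "Compressing file"
          tar -cJf "${VD_FILENAME}" queue
          if ! [ -f "${VD_FILENAME}" ]; then
            echo "Error generating ${VD_FILENAME} file"
            # Fail the job here: the original only printed the message and
            # let the workflow continue to the upload step.
            exit 1
          fi
          echo "File ${VD_FILENAME} generated"
          du -h "${VD_FILENAME}"
          # Record the digest in the job log so the published object can
          # later be compared with what this run produced.
          sha256sum "${VD_FILENAME}"
        shell: bash

      # NOTE(review): this step uploads with `--acl public-read`, so the
      # object is world-readable, and no checksum or signature is published
      # next to it, so consumers cannot verify what they download. It also
      # authenticates with long-lived access keys stored as secrets;
      # short-lived credentials via OIDC role assumption would reduce the
      # impact of a leak. The upload runs in the same job (same runner and
      # workspace) as the build steps, so anything those steps execute can
      # alter the archive before it is published; a separate upload job fed
      # by an artifact would narrow that exposure.
      - name: Vulnerability scanner - Uploading file to S3
        run: |
          dest_dir="deps/vulnerability_model_database"
          aws s3 cp "${VD_FILENAME}" \
            "s3://${FEED_AWS_BUCKET}/${dest_dir}/${VD_FILENAME}" \
            --acl public-read
        env:
          # Passed through the environment rather than expanded by the
          # workflow template into the script text, so the value is never
          # parsed as shell source.
          FEED_AWS_BUCKET: ${{ secrets.FEED_AWS_BUCKET }}
          AWS_ACCESS_KEY_ID: ${{ secrets.FEED_AWS_KEY_ID }}
          AWS_SECRET_ACCESS_KEY: ${{ secrets.FEED_AWS_SECRET_ACCESS_KEY }}
          AWS_DEFAULT_REGION: 'us-west-1'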