Skip to content

Automatically crawl CVEs #33289

Automatically crawl CVEs

Automatically crawl CVEs #33289

Workflow file for this run

name: Automatically crawl CVEs
on:
pull_request:
branches:
- master
workflow_dispatch:
branches:
- master
schedule:
- cron: '0 0/3 * * *'
jobs:
build-and-deploy:
runs-on: ubuntu-latest
# 当仓库隶属组织时,赋予流水线“写权限”以便提交变更
permissions:
contents: write
steps:
- name: Check out repo
uses: actions/checkout@v2
- name: Set up Python
uses: actions/setup-python@v2
with:
python-version: 3.8
- uses: actions/cache@v2
name: Configure pip caching
with:
path: ~/.cache/pip
key: ${{ runner.os }}-pip-${{ hashFiles('**/requirements.txt') }}
restore-keys: |
${{ runner.os }}-pip-
- name: Install Python dependencies
run: |
python -m pip install -r requirements.txt
- name: Crawl CVEs
run: |-
python main.py -g "${{ secrets.CRAWL_PWD }}" --gtk ${{ secrets.GRAPAQL_TOKEN }}
# 若该时间段没有 CVE, 则 file://cache/mail.dat 文件不会生成,此时不会发送邮件
# - name: Send mail
# if: ${{ secrets.CRAWL_PWD != '' && github.event_name != 'pull_request' }}
# uses: lyy289065406/action-send-mail@master
# with:
# server_address: ${{ secrets.MAIL_SMTP }}
# server_port: 465
# username: ${{ secrets.MAIL_USER }}
# password: ${{ secrets.MAIL_PASS }}
# from: ${{ secrets.MAIL_USER }}
# to: file://cache/mail_recvs.dat
# body: file://cache/mail_content.dat
# content_type: text/html
# subject: 威胁情报播报
# 如果不希望污染 commit 记录,user.email 和 user.name 随便填即可
# Github Runner 是有权限提交到仓库的,只要 user 不是 owner ,当次 commit 不会被记录
- name: Commit and push Github page (if changed)
if: ${{ github.event_name != 'pull_request' }}
run: |-
git diff
git config --global user.email "[email protected]"
git config --global user.name "Github-Bot"
git add -A
git commit -m "Updated by Github Bot" || exit 0
git push origin master