msf-6.4.47 #9

Merged
merged 13 commits into from
Feb 4, 2025
128 changes: 83 additions & 45 deletions .github/workflows/metasploit-framework.yml
@@ -1,10 +1,9 @@
name: rapid7/metasploit-framework

on:
push:
branches:
- main # Change to your default branch if not main
- msf-6.4.41
- main
- msf-6.4.47
pull_request:
types: [opened, synchronize, reopened]

Expand All @@ -15,69 +14,104 @@ permissions:

env:
RELEASE_VERSION: "6.4.47"
RUBY_VERSION: "3.2.5"

jobs:
build-and-push:
runs-on: ${{ matrix.os }}
strategy:
matrix:
os: [ubuntu-latest]

jobs:
build-and-push-amd64:
runs-on: ubuntu-latest # Native amd64 GitHub runner
steps:
- name: Checkout Metasploit Framework Repository
uses: actions/checkout@v4
with:
repository: rapid7/metasploit-framework
path: metasploit-framework # Optional: Clone into a specific directory
path: metasploit-framework
ref: ${{ env.RELEASE_VERSION }}

- uses: snyk/actions/setup@master

- name: Log in to GitHub Container Registry
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}

- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3

- name: Cache Docker layers
uses: actions/cache@v3
- name: Build and push amd64 Docker image
run: |
docker build --platform linux/amd64 \
--tag ghcr.io/${{ github.repository_owner }}/metasploit-framework:${{ env.RELEASE_VERSION }}-amd64 \
--tag ghcr.io/${{ github.repository_owner }}/metasploit-framework:latest-amd64 \
metasploit-framework
docker push ghcr.io/${{ github.repository_owner }}/metasploit-framework:${{ env.RELEASE_VERSION }}-amd64
docker push ghcr.io/${{ github.repository_owner }}/metasploit-framework:latest-amd64

- name: Logout from Docker Hub
run: docker logout

build-and-push-arm64:
runs-on: ubuntu-24.04-arm
steps:
- name: Checkout Metasploit Framework Repository
uses: actions/checkout@v4
with:
path: ${{ github.workspace }}/.buildx-cache
key: ${{ runner.os }}-buildx-${{ github.sha }}
restore-keys: |
${{ runner.os }}-buildx-

- name: Install libpcap
run: sudo apt update && sudo apt install -y libpcap-dev

# Set up Ruby environment
- name: Set up Ruby
uses: ruby/setup-ruby@v1
repository: rapid7/metasploit-framework
path: metasploit-framework
ref: ${{ env.RELEASE_VERSION }}

- name: Log in to GitHub Container Registry
uses: docker/login-action@v3
with:
ruby-version: ${{ env.RUBY_VERSION }}
bundler-cache: true

# Install Ruby dependencies
- name: Install Ruby dependencies
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}

- name: Build and push arm64 Docker image
run: |
cd metasploit-framework
bundle install --path vendor/bundle
docker build --platform linux/arm64 \
--tag ghcr.io/${{ github.repository_owner }}/metasploit-framework:${{ env.RELEASE_VERSION }}-arm64 \
--tag ghcr.io/${{ github.repository_owner }}/metasploit-framework:latest-arm64 \
metasploit-framework
docker push ghcr.io/${{ github.repository_owner }}/metasploit-framework:${{ env.RELEASE_VERSION }}-arm64
docker push ghcr.io/${{ github.repository_owner }}/metasploit-framework:latest-arm64

- name: Build and push Docker image
- name: Logout from Docker Hub
run: docker logout

create-multiarch-manifest:
needs: [build-and-push-amd64, build-and-push-arm64]
runs-on: ubuntu-latest
steps:
- name: Log in to GitHub Container Registry
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}

- name: Create and push multi-platform manifest
run: |
docker buildx build --push \
--tag ghcr.io/${{ github.repository_owner }}/metasploit-framework:${{ env.RELEASE_VERSION }} \
--tag ghcr.io/${{ github.repository_owner }}/metasploit-framework:latest \
--platform linux/amd64,linux/arm64 ./metasploit-framework
docker manifest create ghcr.io/${{ github.repository_owner }}/metasploit-framework:${{ env.RELEASE_VERSION }} \
--amend ghcr.io/${{ github.repository_owner }}/metasploit-framework:${{ env.RELEASE_VERSION }}-amd64 \
--amend ghcr.io/${{ github.repository_owner }}/metasploit-framework:${{ env.RELEASE_VERSION }}-arm64

docker manifest create ghcr.io/${{ github.repository_owner }}/metasploit-framework:latest \
--amend ghcr.io/${{ github.repository_owner }}/metasploit-framework:latest-amd64 \
--amend ghcr.io/${{ github.repository_owner }}/metasploit-framework:latest-arm64

docker manifest push ghcr.io/${{ github.repository_owner }}/metasploit-framework:${{ env.RELEASE_VERSION }}
docker manifest push ghcr.io/${{ github.repository_owner }}/metasploit-framework:latest

- name: Logout from Docker Hub
run: docker logout


security-scan:
needs: create-multiarch-manifest
runs-on: ubuntu-latest
steps:
- name: Checkout Metasploit Framework Repository
uses: actions/checkout@v4
with:
repository: rapid7/metasploit-framework
path: metasploit-framework
ref: ${{ env.RELEASE_VERSION }}

- name: Check ghcr.io/${{ github.repository_owner }}/metasploit-framework:${{ env.RELEASE_VERSION }} image
uses: snyk/actions/docker@master
continue-on-error: true
Expand All @@ -87,18 +121,22 @@ jobs:
image: ghcr.io/${{ github.repository_owner }}/metasploit-framework:${{ env.RELEASE_VERSION }}
args: --file=./metasploit-framework/Dockerfile
json: true

- uses: garethr/snyk-to-sarif@master
- uses: actions/upload-artifact@v4
with:
name: SARIF
path: snyk.sarif

- name: Upload SARIF Report to GitHub Code Scanning
uses: github/codeql-action/upload-sarif@v3
with:
sarif_file: snyk.sarif

# SonarCloud Scan for Metasploit Framework
sonarcloud-scan:
needs: create-multiarch-manifest
runs-on: ubuntu-latest
steps:
- name: SonarCloud Scan
uses: sonarsource/sonarqube-scan-action@v4
continue-on-error: true
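Review bot: The `uses:` lines that reference a branch (`snyk/actions/setup@master` in build-and-push-amd64 as rendered here, `snyk/actions/docker@master` and `garethr/snyk-to-sarif@master` in security-scan) resolve to whatever that branch holds at run time, and the first of them sits in a job that also logs in to ghcr.io with `GITHUB_TOKEN` and pushes the `latest-amd64` tag; pin each to a reviewed commit, e.g. `uses: snyk/actions/setup@<full-commit-sha>  # <release tag>`. The three new "Logout from Docker Hub" steps run `docker logout` with no registry argument, which targets Docker's default registry rather than the ghcr.io login made earlier in the job; `run: docker logout ghcr.io` with a matching step name would do what the name implies. security-scan now has `needs: create-multiarch-manifest` and the Snyk step keeps `continue-on-error: true`, so as far as the visible lines show, the per-arch images and the `latest` manifest are published before the scan runs and a finding cannot block them. Parts of the file are collapsed on this page (the `permissions:` block and the start of the Snyk step's `with:`), so the token scope could not be checked from here.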