Last active
May 15, 2024 13:42
-
-
Save getvictor/5b708d408ec5508fbc5f1b3487e8f8a9 to your computer and use it in GitHub Desktop.
Example GitHub action for general data processing. Full article at https://victoronsoftware.com/posts/use-github-actions-for-general-purpose-tasks/
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| on: | |
| push: | |
| branches: | |
| - master | |
| schedule: | |
| - cron: "40 * * * *" | |
| workflow_dispatch: # Manual | |
| permissions: | |
| contents: write | |
| jobs: | |
| security_artifacts: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout NVD repo | |
| uses: actions/checkout@v4 | |
| with: | |
| ref: release | |
| - name: Checkout Fleet | |
| uses: actions/checkout@v4 | |
| with: | |
| repository: fleetdm/fleet | |
| fetch-depth: 1 | |
| ref: main | |
| token: ${{ github.token }} | |
| path: fleet | |
| - name: Setup Go | |
| uses: actions/setup-go@v4.1.0 | |
| with: | |
| cache: false | |
| go-version: '^1.21.4' | |
| - name: Generate security artifacts | |
| uses: nick-fields/retry@943e742917ac94714d2f408a0e8320f2d1fcafcd # v2.8.3 | |
| with: | |
| timeout_minutes: 180 | |
| max_attempts: 3 | |
| retry_wait_seconds: 120 | |
| command: | | |
| cd fleet | |
| go mod download | |
| go run -tags fts5 cmd/cve/generate.go --db_dir ./vulndb --debug | |
| - name: Current date | |
| id: date | |
| run: | | |
| echo "date=$(date +'%Y%m%d%H%M')" >> $GITHUB_OUTPUT | |
| # Note that a new commit must be made for each release, otherwise GitHub does not order | |
| # the releases properly. | |
| - name: Tag | |
| run: | | |
| git config --global user.email "" | |
| git config --global user.name "GitHub Actions Bot" | |
| git pull | |
| git commit --allow-empty -m 'Release ${{ steps.date.outputs.date }}' | |
| git push origin release | |
| - name: Release | |
| uses: softprops/action-gh-release@de2c0eb89ae2a093876385947365aca7b0e5f844 # v0.1.15 | |
| with: | |
| files: | | |
| fleet/vulndb/* | |
| tag_name: ${{ steps.date.outputs.date }} | |
| target_commitish: release | |
| token: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Delete Old Releases | |
| uses: dev-drprasad/delete-older-releases@v0.3.2 | |
| with: | |
| keep_latest: 60 | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment