Skip to content

Daily Retrieve CVE

Daily Retrieve CVE #16

Workflow file for this run

name: Daily Retrieve CVE
on:
schedule:
- cron: '10 0 * * *'
workflow_dispatch: # Allows manual triggering
jobs:
retrieve_cve:
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v2
- name: Set up Python
uses: actions/setup-python@v2
with:
python-version: '3.x'
- name: Install dependencies
run: |
python -m pip install --upgrade pip
pip install -r requirements.txt
- name: Retrieve CVE
env:
NVD_API_KEY: ${{ secrets.NVD_API_KEY }}
run: python retrieve_cve.py
- name: Commit and push changes
run: |
git config --global user.name "github-actions"
git config --global user.email "[email protected]"
git diff --quiet && git diff --staged --quiet || git add lastUpdate.txt
git diff --quiet && git diff --staged --quiet || git add results/new_cves.jsonl
git diff --staged --quiet || git commit -m "Retrieve new CVEs"
git push
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
retrieve_cwe:
runs-on: ubuntu-latest
needs: retrieve_cve
steps:
- name: Checkout repository
uses: actions/checkout@v2
- name: Set up Python
uses: actions/setup-python@v2
with:
python-version: '3.x'
- name: Install dependencies
run: |
python -m pip install --upgrade pip
pip install -r requirements.txt
- name: Pull latest changes
run: git pull
- name: Retrieve CWE
run: python cve2cwe.py
- name: Commit and push changes
run: |
git config --global user.name "github-actions"
git config --global user.email "[email protected]"
git diff --quiet && git diff --staged --quiet || git add results/new_cves.jsonl
git diff --staged --quiet || git commit -m "Retrieve CWE from new CVEs"
git push
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
retrieve_capec:
runs-on: ubuntu-latest
needs : retrieve_cwe
steps:
- name: Checkout repository
uses: actions/checkout@v2
- name: Set up Python
uses: actions/setup-python@v2
with:
python-version: '3.x'
- name: Install dependencies
run: |
python -m pip install --upgrade pip
pip install -r requirements.txt
- name: Pull latest changes
run: git pull
- name: Retrieve CAPEC
run: python cwe2capec.py
- name: Commit and push changes
run: |
git config --global user.name "github-actions"
git config --global user.email "[email protected]"
git diff --quiet && git diff --staged --quiet || git add results/new_cves.jsonl
git diff --staged --quiet || git commit -m "Retrieve CAPEC from new CVEs's CWE"
git push
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
retrieve_techniques:
runs-on: ubuntu-latest
needs: retrieve_capec
steps:
- name: Checkout repository
uses: actions/checkout@v2
- name: Set up Python
uses: actions/setup-python@v2
with:
python-version: '3.x'
- name: Install dependencies
run: |
python -m pip install --upgrade pip
pip install -r requirements.txt
- name: Pull latest changes
run: git pull
- name: Retrieve TECHNIQUES
run: python capec2technique.py
- name: Commit and push changes
run: |
git config --global user.name "github-actions"
git config --global user.email "[email protected]"
git diff --quiet && git diff --staged --quiet || git add results/new_cves.jsonl
git diff --quiet && git diff --staged --quiet || git add lastUpdate.txt
git diff --quiet && git diff --staged --quiet || git add database/*.jsonl
git diff --staged --quiet || git commit -m "Retrieve new CVEs and update CVE DB"
git push
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}