added wafw00f as submodule #30
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: threat9/routersploit | |
| on: | |
| push: | |
| branches: | |
| - main # Change to your default branch if not main | |
| pull_request: | |
| branches: | |
| - main # Change to your default branch if not main | |
| permissions: | |
| contents: read | |
| packages: write | |
| security-events: write | |
| jobs: | |
| # Job 1: Build and Push Docker Image | |
| build-and-push: | |
| runs-on: ${{ matrix.os }} | |
| strategy: | |
| matrix: | |
| os: [ubuntu-latest] | |
| steps: | |
| # Checkout the repository | |
| - uses: actions/checkout@v3 | |
| with: | |
| submodules: true # Ensure submodules are checked out | |
| # Snyk setup | |
| - uses: snyk/actions/setup@master | |
| # Set release version | |
| - name: Set release version | |
| id: set_version | |
| run: echo "RELEASE_VERSION=3.4.6" >> $GITHUB_ENV | |
| # Log in to GitHub Container Registry | |
| - name: Log in to GitHub Container Registry | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| # Set up Docker Buildx | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| # Cache Docker layers | |
| - name: Cache Docker layers | |
| uses: actions/cache@v3 | |
| with: | |
| path: ${{ github.workspace }}/.buildx-cache | |
| key: ${{ runner.os }}-buildx-${{ github.sha }} | |
| restore-keys: | | |
| ${{ runner.os }}-buildx- | |
| # Build and push Docker image | |
| - name: Build and push Docker image | |
| run: | | |
| docker buildx build --push \ | |
| --tag ghcr.io/${{ github.repository_owner }}/routersploit:${{ env.RELEASE_VERSION }} \ | |
| --tag ghcr.io/${{ github.repository_owner }}/routersploit:latest \ | |
| --platform linux/amd64,linux/arm64 -f ./files/routersploit/Dockerfile . | |
| # Logout from Docker Hub | |
| - name: Logout from Docker Hub | |
| run: docker logout | |
| # Check Docker image with Snyk | |
| - name: Check ghcr.io/${{ github.repository_owner }}/routersploit:${{ env.RELEASE_VERSION }} image | |
| uses: snyk/actions/docker@master | |
| continue-on-error: true | |
| env: | |
| SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }} | |
| with: | |
| image: ghcr.io/${{ github.repository_owner }}/routersploit:${{ env.RELEASE_VERSION }} | |
| args: --file=./files/routersploit/Dockerfile | |
| json: true | |
| # Convert Snyk results to SARIF | |
| - uses: garethr/snyk-to-sarif@master | |
| # Upload SARIF Report | |
| - uses: actions/upload-artifact@v4 | |
| with: | |
| name: SARIF | |
| path: snyk.sarif | |
| # Upload SARIF Report to GitHub Code Scanning | |
| - name: Upload SARIF Report to GitHub Code Scanning | |
| uses: github/codeql-action/upload-sarif@v3 | |
| with: | |
| sarif_file: snyk.sarif | |
| # Job 2: SonarCloud Analysis | |
| sonarcloud: | |
| runs-on: ubuntu-latest | |
| needs: build-and-push # Ensure this job runs after the build-and-push job | |
| steps: | |
| # Checkout the repository | |
| - name: Checkout code | |
| uses: actions/checkout@v3 | |
| with: | |
| submodules: true # Ensure submodules are checked out | |
| # Set up Python | |
| - name: Set up Python | |
| uses: actions/setup-python@v4 | |
| with: | |
| python-version: 3.13 | |
| # Cache Python dependencies | |
| - name: Cache Python packages | |
| uses: actions/cache@v3 | |
| with: | |
| path: ~/.cache/pip | |
| key: ${{ runner.os }}-pip-${{ hashFiles('**/requirements.txt') }} | |
| restore-keys: | | |
| ${{ runner.os }}-pip- | |
| # Install dependencies | |
| - name: Install dependencies | |
| run: | | |
| pip install -r src/routersploit/requirements.txt | |
| # Run SonarCloud analysis | |
| - name: Run SonarCloud Scan | |
| uses: sonarsource/[email protected] | |
| with: | |
| projectBaseDir: src/routersploit | |
| args: > | |
| -Dsonar.organization=matusso | |
| -Dsonar.projectKey=matusso_docker-builds | |
| -Dsonar.verbose=true | |
| -Dsonar.python.version=3.13 | |
| env: | |
| SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} |