Merge pull request #4 from matusso/msf-6.4.39

Msf 6.4.39
matusso · Dec 7, 2024 · 6537152 · 6537152
2 parents 41ed703 + 2f07814
commit 6537152
Show file tree

Hide file tree

Showing 3 changed files with 50 additions and 69 deletions.
diff --git a/.github/workflows/kiterunner.yml b/.github/workflows/kiterunner.yml
@@ -25,7 +25,7 @@ jobs:
         os: [ubuntu-latest]
 
     steps:        
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
       - uses: snyk/actions/setup@master
 
       - name: Log in to GitHub Container Registry

diff --git a/.github/workflows/metasploit-framework.yml b/.github/workflows/metasploit-framework.yml
@@ -4,15 +4,20 @@ on:
   push:
     branches:
       - main  # Change to your default branch if not main
+      - msf-6.4.39
   pull_request:
-    branches:
-      - main  # Change to your default branch if not main
+    types: [opened, synchronize, reopened]
 
 permissions:
   contents: read
   packages: write
   security-events: write
 
+
+env:
+  RELEASE_VERSION: "6.4.39"
+  RUBY_VERSION: "3.2.5"
+
 jobs:
   build-and-push:
     runs-on: ${{ matrix.os }}
@@ -21,16 +26,14 @@ jobs:
         os: [ubuntu-latest]
 
     steps:
-      - uses: actions/checkout@v3
-      - uses: snyk/actions/setup@master
-
-      - name: Set release version
-        id: set_version
-        run: echo "RELEASE_VERSION=6.4.38" >> $GITHUB_ENV
+      - name: Checkout Metasploit Framework Repository
+        uses: actions/checkout@v4
+        with:
+          repository: rapid7/metasploit-framework
+          path: metasploit-framework  # Optional: Clone into a specific directory
+          ref: ${{ env.RELEASE_VERSION }}
 
-      - name: Clone Metasploit Framework repository at specific version
-        run: |
-          git clone --branch ${{ env.RELEASE_VERSION }} https://github.com/rapid7/metasploit-framework.git
+      - uses: snyk/actions/setup@master
 
       - name: Log in to GitHub Container Registry
         uses: docker/login-action@v3
@@ -50,6 +53,22 @@ jobs:
           restore-keys: |
             ${{ runner.os }}-buildx-
 
+      - name: Install libpcap
+        run: sudo apt update && sudo apt install -y libpcap-dev
+
+            # Set up Ruby environment
+      - name: Set up Ruby
+        uses: ruby/setup-ruby@v1
+        with:
+          ruby-version: ${{ env.RUBY_VERSION }}
+          bundler-cache: true
+
+            # Install Ruby dependencies
+      - name: Install Ruby dependencies
+        run: |
+          cd metasploit-framework
+          bundle install --path vendor/bundle
+
       - name: Build and push Docker image
         run: |
           docker buildx build --push \
@@ -79,4 +98,22 @@ jobs:
         uses: github/codeql-action/upload-sarif@v3
         with:
           sarif_file: snyk.sarif
-
+
+      # SonarCloud Scan for Metasploit Framework
+      - name: SonarCloud Scan
+        uses: sonarsource/sonarqube-scan-action@v4
+        continue-on-error: true
+        env:
+          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+        with:
+          args: >
+            -Dsonar.organization=matusso
+            -Dsonar.projectKey=docker-builds:metasploit-framework
+            -Dsonar.verbose=true
+            -Dsonar.projectName=metasploit-framework
+            -Dsonar.languages=ruby
+            -Dsonar.sources=metasploit-framework
+            -Dsonar.exclusions=**/*.java,**/*.c,**/*.cpp,**/*.h,**/*.mm,**/*.m
+            -Dsonar.c.file.suffixes=-
+            -Dsonar.cpp.file.suffixes=-
+            -Dsonar.objc.file.suffixes=-
diff --git a/.github/workflows/metasploit-framework_sonarcloud.yml b/.github/workflows/metasploit-framework_sonarcloud.yml