Extract(Nightly) #36

Workflow file for this run

.github/workflows/extract-nightly.yml at f0a5b40

	name: Extract(Nightly)
	on:
	workflow_run:
	workflows: [Extract]
	types:
	- completed
	workflow_dispatch:

	jobs:
	extract-main:
	name: Extract vuls-data-extracted-${{ matrix.target }}
	runs-on: ubuntu-latest
	strategy:
	fail-fast: false
	matrix:
	target:
	- "alma-errata"
	- "alma-osv"
	# - "alma-oval"
	- "alpine-secdb"
	- "alpine-osv"
	- "amazon"
	# - "android-osv"
	- "arch"
	# - "attack"
	# - "bitnami-osv"
	# - "capec"
	# - "cargo-ghsa"
	# - "cargo-osv"
	# - "cargo-db"
	# - "chainguard-osv"
	# - "composer-ghsa"
	# - "composer-glsa"
	# - "composer-osv"
	# - "composer-db"
	# - "conan-glsa"
	# - "cwe"
	# - "debian-osv"
	# - "debian-oval"
	# - "debian-security-tracker-api"
	# - "debian-security-tracker-salsa"
	- "epss"
	# - "erlang-ghsa"
	# - "erlang-osv"
	# - "exploit-exploitdb"
	# - "exploit-github"
	# - "exploit-inthewild"
	# - "exploit-trickest"
	# - "fedora"
	# - "fortinet-handmade"
	# - "fortinet-cvrf"
	- "freebsd"
	# - "gentoo"
	# - "ghactions-osv"
	# - "git-osv"
	# - "golang-ghsa"
	# - "golang-glsa"
	# - "golang-osv"
	# - "golang-db"
	# - "golang-vulndb"
	# - "haskell-osv"
	# - "jvn-feed-detail"
	# - "jvn-feed-product"
	# - "jvn-feed-rss"
	- "kev"
	# - "linux-osv"
	# - "maven-ghsa"
	# - "maven-glsa"
	# - "maven-osv"
	# - "mitre-cvrf"
	# - "mitre-v4"
	- "mitre-v5"
	# - "msf"
	# - "netbsd"
	# - "npm-ghsa"
	# - "npm-glsa"
	# - "npm-osv"
	# - "npm-db"
	# - "nuget-ghsa"
	# - "nuget-glsa"
	# - "nuget-osv"
	# - "nvd-api-cpe"
	# - "nvd-feed-cve"
	# - "nvd-feed-cpe"
	# - "nvd-feed-cpematch"
	- "oracle"
	# - "oss-fuzz-osv"
	# - "perl-db"
	# - "pip-ghsa"
	# - "pip-glsa"
	# - "pip-osv"
	# - "pip-db"
	# - "pub-ghsa"
	# - "pub-osv"
	# - "r-osv"
	# - "redhat-cve"
	# - "redhat-cvrf"
	# - "redhat-osv"
	- "rocky-errata"
	# - "rocky-osv"
	# - "rubygems-ghsa"
	# - "rubygems-glsa"
	# - "rubygems-osv"
	# - "rubygems-db"
	# - "snort"
	# - "suse-oval"
	# - "suse-cvrf"
	# - "suse-cvrf-cve"
	# - "suse-csaf"
	# - "suse-csaf-vex"
	# - "suse-osv"
	# - "swift-ghsa"
	# - "swift-osv"
	# - "ubuntu-oval"
	# - "ubuntu-cve-tracker"
	# - "ubuntu-osv"
	# - "vulncheck-kev"
	# - "windows-bulletin"
	# - "windows-cvrf"
	# - "windows-msuc"
	# - "windows-wsusscn2"
	# - "wolfi-osv"
	steps:
	- name: Maximize build space
	uses: easimon/maximize-build-space@v10
	with:
	root-reserve-mb: 32768
	remove-dotnet: "true"
	remove-android: "true"
	remove-haskell: "true"
	remove-codeql: "true"
	remove-docker-images: "true"

	- name: Install Oras
	run: \|
	# https://oras.land/docs/installation/#linux
	VERSION="1.2.2"
	curl -LO "https://github.com/oras-project/oras/releases/download/v${VERSION}/oras_${VERSION}_linux_amd64.tar.gz"
	mkdir -p oras-install/
	tar -zxf oras_${VERSION}_*.tar.gz -C oras-install/
	sudo mv oras-install/oras /usr/local/bin/
	rm -rf oras_${VERSION}_*.tar.gz oras-install/

	- name: Check out code into the Go module directory
	uses: actions/checkout@v4
	with:
	repository: MaineK00n/vuls-data-update
	ref: nightly

	- name: Set up Go 1.x
	uses: actions/setup-go@v5
	with:
	go-version-file: "go.mod"

	- name: go install
	run: go install ./cmd/vuls-data-update

	- name: Check out vulsio/vuls-data-raw-${{ matrix.target }} repository
	run: \|
	oras pull ghcr.io/${{ github.repository }}:vuls-data-raw-${{ matrix.target }}
	tar -xf vuls-data-raw-${{ matrix.target }}.tar.zst
	rm vuls-data-raw-${{ matrix.target }}.tar.zst
	git -C vuls-data-raw-${{ matrix.target }} restore .

	- name: Check out vulsio/vuls-data-extracted-${{ matrix.target }} repository
	run: \|
	oras pull ghcr.io/${{ github.repository }}:vuls-data-extracted-${{ matrix.target }}
	tar -xf vuls-data-extracted-${{ matrix.target }}.tar.zst
	rm vuls-data-extracted-${{ matrix.target }}.tar.zst
	git -C vuls-data-extracted-${{ matrix.target }} switch nightly

	- name: Extract
	run: vuls-data-update extract ${{ matrix.target }} --dir vuls-data-extracted-${{ matrix.target }} vuls-data-raw-${{ matrix.target }}

	- name: Set Git config
	run: \|
	git -C vuls-data-extracted-${{ matrix.target }} config user.email "[email protected]"
	git -C vuls-data-extracted-${{ matrix.target }} config user.name "GitHub Action"

	- name: Commit
	run: \|
	if [[ -n $(git -C vuls-data-extracted-${{ matrix.target }} status --porcelain) ]]; then
	git -C vuls-data-extracted-${{ matrix.target }} add .
	git -C vuls-data-extracted-${{ matrix.target }} commit -m "update"
	fi

	- name: Create dotgit tarball
	run: \|
	mv vuls-data-extracted-${{ matrix.target }} vuls-data-extracted-${{ matrix.target }}.tmp
	mkdir vuls-data-extracted-${{ matrix.target }}
	mv vuls-data-extracted-${{ matrix.target }}.tmp/.git vuls-data-extracted-${{ matrix.target }}
	tar --remove-files -acf vuls-data-extracted-${{ matrix.target }}.tar.zst vuls-data-extracted-${{ matrix.target }}

	- name: Login to GitHub Packages Container registry
	uses: docker/login-action@v3
	with:
	registry: ghcr.io
	username: ${{ github.actor }}
	password: ${{ secrets.GITHUB_TOKEN }}

	- name: Upload vuls-data-extracted-${{ matrix.target }} dotgit tarball to GHCR
	run: \|
	oras push ghcr.io/vulsio/vuls-data-db:vuls-data-extracted-${{ matrix.target }} vuls-data-extracted-${{ matrix.target }}.tar.zst:application/vnd.vulsio.vuls-data-db.dotgit.layer.v1.tar+zstd

	extract-redhat:
	name: Extract vuls-data-extracted-${{ matrix.target }}
	runs-on: ubuntu-latest
	strategy:
	fail-fast: false
	matrix:
	target:
	- "redhat-ovalv1"
	- "redhat-ovalv2"
	- "redhat-csaf"
	- "redhat-vex"
	steps:
	- name: Maximize build space
	uses: easimon/maximize-build-space@v10
	with:
	root-reserve-mb: 32768
	remove-dotnet: "true"
	remove-android: "true"
	remove-haskell: "true"
	remove-codeql: "true"
	remove-docker-images: "true"

	- name: Install Oras
	run: \|
	# https://oras.land/docs/installation/#linux
	VERSION="1.2.2"
	curl -LO "https://github.com/oras-project/oras/releases/download/v${VERSION}/oras_${VERSION}_linux_amd64.tar.gz"
	mkdir -p oras-install/
	tar -zxf oras_${VERSION}_*.tar.gz -C oras-install/
	sudo mv oras-install/oras /usr/local/bin/
	rm -rf oras_${VERSION}_*.tar.gz oras-install/

	- name: Check out code into the Go module directory
	uses: actions/checkout@v4
	with:
	repository: MaineK00n/vuls-data-update
	ref: nightly

	- name: Set up Go 1.x
	uses: actions/setup-go@v5
	with:
	go-version-file: "go.mod"

	- name: go install
	run: go install ./cmd/vuls-data-update

	- name: Check out vulsio/vuls-data-raw-${{ matrix.target }} repository
	run: \|
	oras pull ghcr.io/${{ github.repository }}:vuls-data-raw-${{ matrix.target }}
	tar -xf vuls-data-raw-${{ matrix.target }}.tar.zst
	rm vuls-data-raw-${{ matrix.target }}.tar.zst
	git -C vuls-data-raw-${{ matrix.target }} restore .

	- name: Check out vulsio/vuls-data-raw-redhat-repository-to-cpe repository
	run: \|
	oras pull ghcr.io/${{ github.repository }}:vuls-data-raw-redhat-repository-to-cpe
	tar -xf vuls-data-raw-redhat-repository-to-cpe.tar.zst
	rm vuls-data-raw-redhat-repository-to-cpe.tar.zst
	git -C vuls-data-raw-redhat-repository-to-cpe restore .

	- name: Check out vulsio/vuls-data-extracted-${{ matrix.target }} repository
	run: \|
	oras pull ghcr.io/${{ github.repository }}:vuls-data-extracted-${{ matrix.target }}
	tar -xf vuls-data-extracted-${{ matrix.target }}.tar.zst
	rm vuls-data-extracted-${{ matrix.target }}.tar.zst
	git -C vuls-data-extracted-${{ matrix.target }} switch nightly

	- name: Extract
	run: vuls-data-update extract ${{ matrix.target }} --dir vuls-data-extracted-${{ matrix.target }} vuls-data-raw-${{ matrix.target }} vuls-data-raw-redhat-repository-to-cpe

	- name: Set Git config
	run: \|
	git -C vuls-data-extracted-${{ matrix.target }} config user.email "[email protected]"
	git -C vuls-data-extracted-${{ matrix.target }} config user.name "GitHub Action"

	- name: Commit
	run: \|
	if [[ -n $(git -C vuls-data-extracted-${{ matrix.target }} status --porcelain) ]]; then
	git -C vuls-data-extracted-${{ matrix.target }} add .
	git -C vuls-data-extracted-${{ matrix.target }} commit -m "update"
	fi

	- name: Create dotgit tarball
	run: \|
	mv vuls-data-extracted-${{ matrix.target }} vuls-data-extracted-${{ matrix.target }}.tmp
	mkdir vuls-data-extracted-${{ matrix.target }}
	mv vuls-data-extracted-${{ matrix.target }}.tmp/.git vuls-data-extracted-${{ matrix.target }}
	tar --remove-files -acf vuls-data-extracted-${{ matrix.target }}.tar.zst vuls-data-extracted-${{ matrix.target }}

	- name: Login to GitHub Packages Container registry
	uses: docker/login-action@v3
	with:
	registry: ghcr.io
	username: ${{ github.actor }}
	password: ${{ secrets.GITHUB_TOKEN }}

	- name: Upload vuls-data-extracted-${{ matrix.target }} dotgit tarball to GHCR
	run: \|
	oras push ghcr.io/vulsio/vuls-data-db:vuls-data-extracted-${{ matrix.target }} vuls-data-extracted-${{ matrix.target }}.tar.zst:application/vnd.vulsio.vuls-data-db.dotgit.layer.v1.tar+zstd

	extract-redhat-ovalv2-rhel:
	name: Extract vuls-data-extracted-redhat-ovalv2-rhel
	runs-on: ubuntu-latest
	steps:
	- name: Maximize build space
	uses: easimon/maximize-build-space@v10
	with:
	root-reserve-mb: 32768
	remove-dotnet: "true"
	remove-android: "true"
	remove-haskell: "true"
	remove-codeql: "true"
	remove-docker-images: "true"

	- name: Install Oras
	run: \|
	# https://oras.land/docs/installation/#linux
	VERSION="1.2.2"
	curl -LO "https://github.com/oras-project/oras/releases/download/v${VERSION}/oras_${VERSION}_linux_amd64.tar.gz"
	mkdir -p oras-install/
	tar -zxf oras_${VERSION}_*.tar.gz -C oras-install/
	sudo mv oras-install/oras /usr/local/bin/
	rm -rf oras_${VERSION}_*.tar.gz oras-install/

	- name: Check out code into the Go module directory
	uses: actions/checkout@v4
	with:
	repository: MaineK00n/vuls-data-update
	ref: nightly

	- name: Set up Go 1.x
	uses: actions/setup-go@v5
	with:
	go-version-file: "go.mod"

	- name: go install
	run: go install ./cmd/vuls-data-update

	- name: Check out vulsio/vuls-data-raw-redhat-ovalv2 repository
	run: \|
	oras pull ghcr.io/${{ github.repository }}:vuls-data-raw-redhat-ovalv2
	tar -xf vuls-data-raw-redhat-ovalv2.tar.zst
	rm vuls-data-raw-redhat-ovalv2.tar.zst
	git -C vuls-data-raw-redhat-ovalv2 restore .

	- name: Remove unnecessary streams
	run: \|
	rm -rf vuls-data-raw-redhat-ovalv2/5
	find vuls-data-raw-redhat-ovalv2/6 -mindepth 1 -maxdepth 1 ! -name 'rhel-6-including-unpatched' ! -name 'rhel-6-extras-including-unpatched' ! -name 'rhel-6-supplementary' ! -name 'rhel-6-els' \| xargs rm -rf
	find vuls-data-raw-redhat-ovalv2/7 -mindepth 1 -maxdepth 1 ! -name 'rhel-7-including-unpatched' ! -name 'rhel-7-extras-including-unpatched' ! -name 'rhel-7-supplementary' \| xargs rm -rf
	find vuls-data-raw-redhat-ovalv2/8 -mindepth 1 -maxdepth 1 ! -name 'rhel-8-including-unpatched' \| xargs rm -rf
	find vuls-data-raw-redhat-ovalv2/9 -mindepth 1 -maxdepth 1 ! -name 'rhel-9-including-unpatched' \| xargs rm -rf

	- name: Check out vulsio/vuls-data-raw-redhat-repository-to-cpe repository
	run: \|
	oras pull ghcr.io/${{ github.repository }}:vuls-data-raw-redhat-repository-to-cpe
	tar -xf vuls-data-raw-redhat-repository-to-cpe.tar.zst
	rm vuls-data-raw-redhat-repository-to-cpe.tar.zst
	git -C vuls-data-raw-redhat-repository-to-cpe restore .

	- name: Replace empty repository-to-cpe data
	run: \|
	echo "{}" > vuls-data-raw-redhat-repository-to-cpe/repository-to-cpe.json

	- name: Check out vulsio/vuls-data-extracted-redhat-ovalv2-rhel repository
	run: \|
	oras pull ghcr.io/${{ github.repository }}:vuls-data-extracted-redhat-ovalv2-rhel
	tar -xf vuls-data-extracted-redhat-ovalv2-rhel.tar.zst
	rm vuls-data-extracted-redhat-ovalv2-rhel.tar.zst
	git -C vuls-data-extracted-redhat-ovalv2-rhel switch nightly

	- name: Extract
	run: vuls-data-update extract redhat-ovalv2 --dir vuls-data-extracted-redhat-ovalv2-rhel vuls-data-raw-redhat-ovalv2 vuls-data-raw-redhat-repository-to-cpe

	- name: Set Git config
	run: \|
	git -C vuls-data-extracted-redhat-ovalv2-rhel config user.email "[email protected]"
	git -C vuls-data-extracted-redhat-ovalv2-rhel config user.name "GitHub Action"

	- name: Commit
	run: \|
	if [[ -n $(git -C vuls-data-extracted-redhat-ovalv2-rhel status --porcelain) ]]; then
	git -C vuls-data-extracted-redhat-ovalv2-rhel add .
	git -C vuls-data-extracted-redhat-ovalv2-rhel commit -m "update"
	fi

	- name: Create dotgit tarball
	run: \|
	mv vuls-data-extracted-redhat-ovalv2-rhel vuls-data-extracted-redhat-ovalv2-rhel.tmp
	mkdir vuls-data-extracted-redhat-ovalv2-rhel
	mv vuls-data-extracted-redhat-ovalv2-rhel.tmp/.git vuls-data-extracted-redhat-ovalv2-rhel
	tar --remove-files -acf vuls-data-extracted-redhat-ovalv2-rhel.tar.zst vuls-data-extracted-redhat-ovalv2-rhel

	- name: Login to GitHub Packages Container registry
	uses: docker/login-action@v3
	with:
	registry: ghcr.io
	username: ${{ github.actor }}
	password: ${{ secrets.GITHUB_TOKEN }}

	- name: Upload vuls-data-extracted-redhat-ovalv2-rhel dotgit tarball to GHCR
	run: \|
	oras push ghcr.io/vulsio/vuls-data-db:vuls-data-extracted-redhat-ovalv2-rhel vuls-data-extracted-redhat-ovalv2-rhel.tar.zst:application/vnd.vulsio.vuls-data-db.dotgit.layer.v1.tar+zstd

	extract-redhat-csaf-or-vex-rhel:
	name: Extract vuls-data-extracted-${{ matrix.target }}-rhel
	runs-on: ubuntu-latest
	if: ${{ success() \|\| failure() }}
	needs: [extract-redhat]
	strategy:
	fail-fast: false
	matrix:
	target:
	- "redhat-csaf"
	- "redhat-vex"
	steps:
	- name: Maximize build space
	uses: easimon/maximize-build-space@v10
	with:
	root-reserve-mb: 32768
	remove-dotnet: "true"
	remove-android: "true"
	remove-haskell: "true"
	remove-codeql: "true"
	remove-docker-images: "true"

	- name: Install Oras
	run: \|
	# https://oras.land/docs/installation/#linux
	VERSION="1.2.2"
	curl -LO "https://github.com/oras-project/oras/releases/download/v${VERSION}/oras_${VERSION}_linux_amd64.tar.gz"
	mkdir -p oras-install/
	tar -zxf oras_${VERSION}_*.tar.gz -C oras-install/
	sudo mv oras-install/oras /usr/local/bin/
	rm -rf oras_${VERSION}_*.tar.gz oras-install/

	- name: Check out code into the Go module directory
	uses: actions/checkout@v4
	with:
	repository: vulsio/filter-vuls-data-extracted-redhat
	ref: nightly

	- name: Set up Go 1.x
	uses: actions/setup-go@v5
	with:
	go-version-file: "go.mod"

	- name: Check out vulsio/vuls-data-extracted-${{ matrix.target }} repository
	run: \|
	oras pull ghcr.io/${{ github.repository }}:vuls-data-extracted-${{ matrix.target }}
	tar -xf vuls-data-extracted-${{ matrix.target }}.tar.zst
	rm vuls-data-extracted-${{ matrix.target }}.tar.zst
	git -C vuls-data-extracted-${{ matrix.target }} switch nightly
	git -C vuls-data-extracted-${{ matrix.target }} restore .

	- name: Check out vulsio/vuls-data-extracted-${{ matrix.target }}-rhel repository
	run: \|
	oras pull ghcr.io/${{ github.repository }}:vuls-data-extracted-${{ matrix.target }}-rhel
	tar -xf vuls-data-extracted-${{ matrix.target }}-rhel.tar.zst
	rm vuls-data-extracted-${{ matrix.target }}-rhel.tar.zst
	git -C vuls-data-extracted-${{ matrix.target }}-rhel switch nightly

	- name: Filter
	run: go run main.go vuls-data-extracted-${{ matrix.target }} affected_repository_list.json vuls-data-extracted-${{ matrix.target }}-rhel

	- name: Set Git config
	run: \|
	git -C vuls-data-extracted-${{ matrix.target }}-rhel config user.email "[email protected]"
	git -C vuls-data-extracted-${{ matrix.target }}-rhel config user.name "GitHub Action"

	- name: Commit
	run: \|
	if [[ -n $(git -C vuls-data-extracted-${{ matrix.target }}-rhel status --porcelain) ]]; then
	git -C vuls-data-extracted-${{ matrix.target }}-rhel add .
	git -C vuls-data-extracted-${{ matrix.target }}-rhel commit -m "update"
	fi

	- name: Create dotgit tarball
	run: \|
	mv vuls-data-extracted-${{ matrix.target }}-rhel vuls-data-extracted-${{ matrix.target }}-rhel.tmp
	mkdir vuls-data-extracted-${{ matrix.target }}-rhel
	mv vuls-data-extracted-${{ matrix.target }}-rhel.tmp/.git vuls-data-extracted-${{ matrix.target }}-rhel
	tar --remove-files -acf vuls-data-extracted-${{ matrix.target }}-rhel.tar.zst vuls-data-extracted-${{ matrix.target }}-rhel

	- name: Login to GitHub Packages Container registry
	uses: docker/login-action@v3
	with:
	registry: ghcr.io
	username: ${{ github.actor }}
	password: ${{ secrets.GITHUB_TOKEN }}

	- name: Upload vuls-data-extracted-${{ matrix.target }}-rhel dotgit tarball to GHCR
	run: \|
	oras push ghcr.io/vulsio/vuls-data-db:vuls-data-extracted-${{ matrix.target }}-rhel vuls-data-extracted-${{ matrix.target }}-rhel.tar.zst:application/vnd.vulsio.vuls-data-db.dotgit.layer.v1.tar+zstd

	extract-nvd-api-cve:
	name: Extract vuls-data-extracted-nvd-api-cve
	runs-on: ubuntu-latest
	steps:
	- name: Maximize build space
	uses: easimon/maximize-build-space@v10
	with:
	root-reserve-mb: 32768
	remove-dotnet: "true"
	remove-android: "true"
	remove-haskell: "true"
	remove-codeql: "true"
	remove-docker-images: "true"

	- name: Install Oras
	run: \|
	# https://oras.land/docs/installation/#linux
	VERSION="1.2.2"
	curl -LO "https://github.com/oras-project/oras/releases/download/v${VERSION}/oras_${VERSION}_linux_amd64.tar.gz"
	mkdir -p oras-install/
	tar -zxf oras_${VERSION}_*.tar.gz -C oras-install/
	sudo mv oras-install/oras /usr/local/bin/
	rm -rf oras_${VERSION}_*.tar.gz oras-install/

	- name: Check out code into the Go module directory
	uses: actions/checkout@v4
	with:
	repository: MaineK00n/vuls-data-update
	ref: nightly

	- name: Set up Go 1.x
	uses: actions/setup-go@v5
	with:
	go-version-file: "go.mod"

	- name: go install
	run: go install ./cmd/vuls-data-update

	- name: Check out vulsio/vuls-data-raw-nvd-api-cve repository
	run: \|
	oras pull ghcr.io/${{ github.repository }}:vuls-data-raw-nvd-api-cve
	tar -xf vuls-data-raw-nvd-api-cve.tar.zst
	rm vuls-data-raw-nvd-api-cve.tar.zst
	git -C vuls-data-raw-nvd-api-cve restore .

	- name: Check out vulsio/vuls-data-raw-nvd-api-cpematch repository
	run: \|
	oras pull ghcr.io/${{ github.repository }}:vuls-data-raw-nvd-api-cpematch
	tar -xf vuls-data-raw-nvd-api-cpematch.tar.zst
	rm vuls-data-raw-nvd-api-cpematch.tar.zst
	git -C vuls-data-raw-nvd-api-cpematch restore .

	- name: Check out vulsio/vuls-data-extracted-nvd-api-cve repository
	run: \|
	oras pull ghcr.io/${{ github.repository }}:vuls-data-extracted-nvd-api-cve
	tar -xf vuls-data-extracted-nvd-api-cve.tar.zst
	rm vuls-data-extracted-nvd-api-cve.tar.zst
	git -C vuls-data-extracted-nvd-api-cve switch nightly

	- name: Extract
	run: vuls-data-update extract nvd-api-cve --dir vuls-data-extracted-nvd-api-cve vuls-data-raw-nvd-api-cve vuls-data-raw-nvd-api-cpematch

	- name: Set Git config
	run: \|
	git -C vuls-data-extracted-nvd-api-cve config user.email "[email protected]"
	git -C vuls-data-extracted-nvd-api-cve config user.name "GitHub Action"

	- name: Commit
	run: \|
	if [[ -n $(git -C vuls-data-extracted-nvd-api-cve status --porcelain) ]]; then
	git -C vuls-data-extracted-nvd-api-cve add .
	git -C vuls-data-extracted-nvd-api-cve commit -m "update"
	fi

	- name: Create dotgit tarball
	run: \|
	mv vuls-data-extracted-nvd-api-cve vuls-data-extracted-nvd-api-cve.tmp
	mkdir vuls-data-extracted-nvd-api-cve
	mv vuls-data-extracted-nvd-api-cve.tmp/.git vuls-data-extracted-nvd-api-cve
	tar --remove-files -acf vuls-data-extracted-nvd-api-cve.tar.zst vuls-data-extracted-nvd-api-cve

	- name: Login to GitHub Packages Container registry
	uses: docker/login-action@v3
	with:
	registry: ghcr.io
	username: ${{ github.actor }}
	password: ${{ secrets.GITHUB_TOKEN }}

	- name: Upload vuls-data-extracted-nvd-api-cve dotgit tarball to GHCR
	run: \|
	oras push ghcr.io/vulsio/vuls-data-db:vuls-data-extracted-nvd-api-cve vuls-data-extracted-nvd-api-cve.tar.zst:application/vnd.vulsio.vuls-data-db.dotgit.layer.v1.tar+zstd

	extract-eol:
	name: Extract vuls-data-extracted-eol
	runs-on: ubuntu-latest
	steps:
	- name: Maximize build space
	uses: easimon/maximize-build-space@v10
	with:
	root-reserve-mb: 32768
	remove-dotnet: "true"
	remove-android: "true"
	remove-haskell: "true"
	remove-codeql: "true"
	remove-docker-images: "true"

	- name: Install Oras
	run: \|
	# https://oras.land/docs/installation/#linux
	VERSION="1.2.2"
	curl -LO "https://github.com/oras-project/oras/releases/download/v${VERSION}/oras_${VERSION}_linux_amd64.tar.gz"
	mkdir -p oras-install/
	tar -zxf oras_${VERSION}_*.tar.gz -C oras-install/
	sudo mv oras-install/oras /usr/local/bin/
	rm -rf oras_${VERSION}_*.tar.gz oras-install/

	- name: Check out code into the Go module directory
	uses: actions/checkout@v4
	with:
	repository: MaineK00n/vuls-data-update
	ref: nightly

	- name: Set up Go 1.x
	uses: actions/setup-go@v5
	with:
	go-version-file: "go.mod"

	- name: go install
	run: go install ./cmd/vuls-data-update

	- name: Check out vulsio/vuls-data-extracted-eol repository
	run: \|
	oras pull ghcr.io/${{ github.repository }}:vuls-data-extracted-eol
	tar -xf vuls-data-extracted-eol.tar.zst
	rm vuls-data-extracted-eol.tar.zst
	git -C vuls-data-extracted-eol switch nightly

	- name: Extract
	run: vuls-data-update extract eol --dir vuls-data-extracted-eol

	- name: Set Git config
	run: \|
	git -C vuls-data-extracted-eol config user.email "[email protected]"
	git -C vuls-data-extracted-eol config user.name "GitHub Action"

	- name: Commit
	run: \|
	if [[ -n $(git -C vuls-data-extracted-eol status --porcelain) ]]; then
	git -C vuls-data-extracted-eol add .
	git -C vuls-data-extracted-eol commit -m "update"
	fi

	- name: Create dotgit tarball
	run: \|
	mv vuls-data-extracted-eol vuls-data-extracted-eol.tmp
	mkdir vuls-data-extracted-eol
	mv vuls-data-extracted-eol.tmp/.git vuls-data-extracted-eol
	tar --remove-files -acf vuls-data-extracted-eol.tar.zst vuls-data-extracted-eol

	- name: Login to GitHub Packages Container registry
	uses: docker/login-action@v3
	with:
	registry: ghcr.io
	username: ${{ github.actor }}
	password: ${{ secrets.GITHUB_TOKEN }}

	- name: Upload vuls-data-extracted-eol dotgit tarball to GHCR
	run: \|
	oras push ghcr.io/vulsio/vuls-data-db:vuls-data-extracted-eol vuls-data-extracted-eol.tar.zst:application/vnd.vulsio.vuls-data-db.dotgit.layer.v1.tar+zstd

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Extract(Nightly) #36

Workflow file

Extract(Nightly) #36

Jobs

Run details

Workflow file for this run