DB #41
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: DB | |
on: | |
schedule: | |
- cron: "0 */6 * * *" | |
workflow_dispatch: | |
jobs: | |
build: | |
name: build vuls.db | |
runs-on: ubuntu-latest | |
steps: | |
- name: Maximize build space | |
uses: easimon/maximize-build-space@v10 | |
with: | |
root-reserve-mb: 32768 | |
remove-dotnet: "true" | |
remove-android: "true" | |
remove-haskell: "true" | |
remove-codeql: "true" | |
remove-docker-images: "true" | |
- name: Check out code into the Go module directory | |
uses: actions/checkout@v4 | |
- name: Set up Go 1.x | |
uses: actions/setup-go@v5 | |
with: | |
go-version: "stable" | |
- name: Install Dependencies | |
run: | | |
sudo apt-get update && sudo apt-get install -y jq zstd | |
go install go.etcd.io/bbolt/cmd/bbolt@latest | |
- name: vuls install | |
run: go install github.com/MaineK00n/vuls2/cmd/vuls@main | |
- name: make db-build | |
run: make db-build BRANCH=main DBPATH=./vuls.db | |
- name: save vuls.db schema_version | |
id: save_scheme_version | |
run: echo "schema_version=$(bbolt get ./vuls.db "metadata" "db" | jq .schema_version)" >> $GITHUB_OUTPUT | |
- name: compact vuls.db | |
run: | | |
bbolt compact -o ./vuls-compact.db ./vuls.db | |
mv ./vuls-compact.db ./vuls.db | |
zstd --ultra -22 -T4 --rm ./vuls.db -o ./vuls.db.zst | |
- name: Install Oras | |
run: | | |
# https://oras.land/docs/installation/#linux | |
VERSION="1.2.0" | |
curl -LO "https://github.com/oras-project/oras/releases/download/v${VERSION}/oras_${VERSION}_linux_amd64.tar.gz" | |
mkdir -p oras-install/ | |
tar -zxf oras_${VERSION}_*.tar.gz -C oras-install/ | |
sudo mv oras-install/oras /usr/local/bin/ | |
rm -rf oras_${VERSION}_*.tar.gz oras-install/ | |
- name: Login to GitHub Packages Container registry | |
uses: docker/login-action@v3 | |
with: | |
registry: ghcr.io | |
username: ${{ github.actor }} | |
password: ${{ secrets.GITHUB_TOKEN }} | |
- name: Upload vuls.db to GHCR | |
run: | | |
oras push ghcr.io/vulsio/vuls-nightly-db:${{ steps.save_scheme_version.outputs.schema_version }} ./vuls.db.zst:application/vnd.vulsio.vuls.db.layer.v1+zstd | |
# oras push ghcr.io/vulsio/vuls-nightly-db:latest ./vuls.db.zst:application/vnd.vulsio.vuls.db.layer.v1+zstd |