Skip to content

Make it work with multi line variable #8

Make it work with multi line variable

Make it work with multi line variable #8

name: Check binaries
# on:
# pull_request:
# branches:
# - develop
on:
workflow_dispatch:
inputs:
text:
description: 'Dummy text'
default: 'No text'
push:
branches:
- test-check
# schedule:
# - cron: "* * * * *"s
jobs:
check-binary:
runs-on: ubuntu-latest
outputs:
report_contents: ${{ steps.save-output.outputs.report_contents }}
steps:
- uses: actions/setup-python@v5
with:
python-version: '3.11'
- uses: actions/checkout@v4
- uses: robinraju/[email protected]
with:
latest: true
fileName: 'aws-lambda-rie*'
out-file-path: "bin"
- name: Run check for vulnerabilities
id: check-binaries
run: |
make check-binaries
- if: always() && failure() # Failure means there are vulnerabilities
id: save-output
name: Save output contents
run: |
report_csv="$(ls -tr output.cve-bin-*.csv 2>/dev/null | tail -n1)" # last file generated
echo "Vulnerabilities stored in $report_csv"
report="${report_csv}.txt"
awk -F',' '{n=split($10, path, "/"); print $2,$3,$4,$5,path[n]}' "$report_csv" | column -t > "$report" # make the CSV nicer
echo "report_contents<<EOF" >> "$GITHUB_OUTPUT"
cat "$report" >> "$GITHUB_OUTPUT"
echo "EOF" >> "$GITHUB_OUTPUT"
create-issue:
runs-on: ubuntu-latest
needs: check-binary
if: always() && needs.check-binary.outputs.report_contents != ''
steps:
- name: Build new version and check
id: check-new-version
run: |
make compile-with-docker-all
latest_version=$(strings bin/aws-lambda-rie* | grep '^go1\.' | uniq)
echo "latest_version=$latest_version"
make check_binaries
exit_code=$?
if [ "$exit_code" != "0" ]; then
fixed="No"
else
fixed="Yes"
fi
echo "fixed=$fixed" >> "$GITHUB_OUTPUT"
echo "Fixed=$fixed"
echo "${{ steps.check-new-version.outputs.latest_version }}"
echo "${{ needs.check-binary-outputs.report_contents }}"
# - name: Create Issue
# id: create-issue
# uses: dacbd/create-issue-action@main
# with:
# token: ${{ github.token }}
# title: |
# CVEs found in latest RIE release
# body: |
# ## CVEs found in latest RIE release:
# > **${{ needs.check-binary.outputs.report_contents }}**
# #### Is this fixed by just updating to the latest Go version (${{steps.check-new-version.outputs.latest_version}})?):
# **${{ steps.check-new-version.outputs.fixed }}**