Check BurpSuite latest version if a new one is out trigger update CI job #155
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Check BurpSuite latest version if a new one is out trigger update CI job | |
| on: | |
| schedule: | |
| - cron: "0 23 * * *" # Every day at 23h00 UTC run check | |
| jobs: | |
| Check-BurpSuite-NewVersion: | |
| runs-on: ubuntu-latest | |
| environment: CI_PROD | |
| steps: | |
| - name: Force install openssh ssh-agent | |
| run: | | |
| sudo apt upgrade | |
| sudo apt install openssh-server -y | |
| - name: Checkout codebase | |
| uses: actions/checkout@v4 | |
| with: | |
| repository: ${{ github.event.pull_request.head.repo.full_name }} | |
| ref: ${{ github.event.pull_request.head.ref }} | |
| # TODO: Build automatically inside an ArchLinux Chroot | |
| # Use ssh-agent for private key | |
| - uses: webfactory/[email protected] | |
| with: | |
| ssh-private-key: ${{ secrets.SSH_PRIVATE_KEY }} | |
| - name: Git configuration | |
| run: | | |
| git config --global init.defaultBranch master | |
| git config --global user.email "[email protected]" | |
| git config --global user.name "Automatic GitHub CI" | |
| - name: Git clone from AUR | |
| run: GIT_SSH_COMMAND="ssh -o StrictHostKeyChecking=accept-new" git clone ssh://[email protected]/burpsuite.git | |
| # INSERT step to setup git config from ENV variable containing secrets???? | |
| # TODO: Find if that's a good solution ^ or to avoid in terms of security | |
| # Read a lot of documentation and blogs... | |
| # TODO: Forced to use chroot because we are the root user in the container | |
| - name: Build latest update from upstream | |
| run: | | |
| pkgver_new=$(curl https://portswigger.net/burp/releases | grep community | sed -nE "s/.*professional-community-(.*)\" class=\".*/\1/p" | head -n 1 | tr -d '\n' | tr '-' '.') echo $pkgver_new > tmp-latest-version | |
| (diff aur-burpsuite/latest_version tmp-latest-version 2>/dev/null || exit 0) && exit 1 | |
| # if not the same trigger update CI (on-success) else on-failure do nothing |