Update Burpsuite to the latest early adopter version by scrapping Portswagger release website #175
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Update Burpsuite to the latest early adopter version by scrapping Portswagger release website | |
| on: | |
| workflow_run: | |
| workflows: [Check BurpSuite latest version if a new one is out trigger update CI job] | |
| types: | |
| - completed | |
| jobs: | |
| on-success: | |
| runs-on: ubuntu-latest | |
| environment: CI_PROD | |
| container: | |
| image: archlinux:latest | |
| steps: | |
| - name: Pacman key init, update latest, install required dependencies for PKBUILD/ssh-agent | |
| run: pacman-key --init && pacman -Syu --noconfirm git openssh base-devel pacman-contrib | |
| - name: Checkout codebase | |
| uses: actions/checkout@v4 | |
| with: | |
| repository: ${{ github.event.pull_request.head.repo.full_name }} | |
| ref: ${{ github.event.pull_request.head.ref }} | |
| # TODO: Build automatically inside an ArchLinux Chroot | |
| # Use ssh-agent for private key | |
| - name: After update, restart gpg-server as it may be old | |
| run : gpgconf --kill all | |
| - name: Install dependencies for the pkg | |
| run: | | |
| pacman -S --noconfirm java-runtime | |
| - uses: webfactory/[email protected] | |
| with: | |
| ssh-private-key: ${{ secrets.SSH_PRIVATE_KEY }} | |
| - name: Create a user for makepkg usage | |
| run: | | |
| chmod a+rwx ./update.sh | |
| chmod a+rwx -R . | |
| useradd makepkg-user | |
| - name: Git configuration | |
| run: | | |
| git config --global init.defaultBranch master | |
| git config --global user.email "[email protected]" | |
| git config --global user.name "Automatic GitHub CI" | |
| - name: Git clone from AUR | |
| run: GIT_SSH_COMMAND="ssh -o StrictHostKeyChecking=accept-new" git clone ssh://[email protected]/burpsuite.git | |
| # INSERT step to setup git config from ENV variable containing secrets???? | |
| # TODO: Find if that's a good solution ^ or to avoid in terms of security | |
| # Read a lot of documentation and blogs... | |
| # TODO: Forced to use chroot because we are the root user in the container | |
| - name: Build latest update from upstream | |
| run: | | |
| chmod +x ./update.sh | |
| su makepkg-user -c "bash ./update.sh" | |
| cat latest_version | |
| # Move into AUR git repo | |
| #- name: Git Push | |
| # run: | | |
| # git status | |
| # git push origin master | |
| - name: Copy updated scripts to AUR repo and commit | |
| run: | | |
| echo "pkgver_new: $pkgver_new" | |
| cd burpsuite | |
| cp ../PKGBUILD ./ | |
| cp ../.SRCINFO ./ | |
| cp ../latest_version ./ | |
| # Push to AUR the update | |
| git status | |
| git checkout master | |
| git add PKGBUILD .SRCINFO | |
| git diff-index --quiet HEAD || git commit -m "Update to $(sed -Ei '1,\$s|^(pkgver=).*|\1|' PKGBUILD)" | |
| echo "Latest version from upstream seems to be" | |
| cat latest_version | |
| cp latest_version ../ | |
| cp latest_version ../../ | |
| git status | |
| git pull # never know if we got something to pull from upstream | |
| git push -u origin master | |
| cd .. | |
| cd .. | |
| git config --global --add safe.directory /__w/aur-burpsuite/aur-burpsuite | |
| #- name: Show latest_version | |
| # run: cat latest_version /__w/aur-burpsuite/latest_version /__w/aur-burpsuite/aur-burpsuite/latest_version | |
| - uses: EndBug/add-and-commit@v9 | |
| with: | |
| add: 'PKGBUILD .SRCINFO latest_version' | |
| author_name: "GITHUB CI" | |
| author_email: "[email protected]" | |
| commit: --signoff | |
| committer_name: "Samy Lahfa" | |
| committer_email: "[email protected]" | |
| cwd: '.' | |
| default_author: github_actor | |
| fetch: false | |
| pathspec_error_handling: ignore | |
| push: true |