-
Notifications
You must be signed in to change notification settings - Fork 0
94 lines (80 loc) · 4.31 KB
/
mongodumper.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
name: MongoDB Dumper
on:
schedule:
- cron: "0 0 * * 0"
workflow_dispatch:
repository_dispatch:
concurrency:
group: run-dev
cancel-in-progress: true
jobs:
import_export:
name: Initial Import Export
runs-on: ubuntu-latest
steps:
- name: Git checkout GHSAdumper
uses: actions/checkout@v3
- name: Install mongo tools command
run: |
echo "RELEASE_VERSION=$(date +"%Y%m%d")" >> "$GITHUB_ENV"
sudo apt-get update
sudo apt-get install -y wget gnupg docker-compose
wget -qO - https://pgp.mongodb.com/server-7.0.asc | sudo gpg -o /usr/share/keyrings/mongodb-server-7.0.gpg --dearmor
echo "deb [ arch=amd64,arm64 signed-by=/usr/share/keyrings/mongodb-server-7.0.gpg ] https://repo.mongodb.org/apt/ubuntu focal/mongodb-org/7.0 multiverse" | sudo tee /etc/apt/sources.list.d/mongodb-org-7.0.list
sudo apt-get update
sudo apt-get install -y mongodb-org
- name: Download the advisories zip file
run: |
wget -q https://github.com/github/advisory-database/archive/refs/heads/main.zip
unzip -q main.zip
rm main.zip
- name: start docker services
run: |
sleep 15
docker ps
docker-compose -f maxscale-compose.yml up -d
sudo mkdir -p /data/db
sudo mongod --fork --syslog
sleep 5
- name: Import the advisories to mongodb
run: find advisory-database-main/advisories -type f -name "*.json" -exec mongoimport --quiet -d GHSA -c advisories {} \;
- name: dump the GHSA.advisories
run: mongodump --db=GHSA --collection=advisories
- name: Export the reviewed GHSA.advisories
run: mongoexport --collection=advisories --db=GHSA --query='{"database_specific.github_reviewed":true}' --out=GHSA-reviewed-$(date +"%Y%m%d").json
- name: Export the reviewed GHSA.advisories as Array
run: mongoexport --jsonArray --collection=advisories --query='{"database_specific.github_reviewed":true}' --db=GHSA --out=GHSA-reviewed-ARR-$(date +"%Y%m%d").json
- name: Export the full GHSA.advisories
run: mongoexport --collection=advisories --db=GHSA --out=GHSA-full-$(date +"%Y%m%d").json
- name: Export the full GHSA.advisories as Array
run: mongoexport --jsonArray --collection=advisories --db=GHSA --out=GHSA-full-ARR-$(date +"%Y%m%d").json
# - name: Import full GHSA.advisories into maxscale
# run: mongoimport --quiet --host localhost:17017 -d test -c advisories GHSA-full-$(date +"%Y%m%d").json
# - name: Dump the database
# run: |
# MYSQL_HOST=$(docker inspect -f '{{range.NetworkSettings.Networks}}{{.IPAddress}}{{end}}' ghsadumper_master_1)
# mysqldump -unosql -pnosql -h ${MYSQL_HOST} GHSA > GHSA-full-$(date +"%Y%m%d").sql
# mysql -unosql -pnosql -h ${MYSQL_HOST} GHSA < modify-advisories.sql
# mysqldump -unosql -pnosql -h ${MYSQL_HOST} GHSA > GHSA-full-columns-$(date +"%Y%m%d").sql
# mysqldump -unosql -pnosql -h ${MYSQL_HOST} test > GHSA-reviewed-$(date +"%Y%m%d").sql
# mysql -unosql -pnosql -h ${MYSQL_HOST} test < modify-advisories.sql
# mysqldump -unosql -pnosql -h ${MYSQL_HOST} test > GHSA-reviewed-columns-$(date +"%Y%m%d").sql
- name: zip files
run: |
zip -r -9 GHSA-reviewed-mongodump-$(date +"%Y%m%d").zip dump
zip -9 GHSA-reviewed-$(date +"%Y%m%d")-mongoexport.zip GHSA-reviewed-$(date +"%Y%m%d").json
zip -9 GHSA-reviewed-ARR-$(date +"%Y%m%d")-mongoexport.zip GHSA-reviewed-ARR-$(date +"%Y%m%d").json
zip -9 GHSA-full-$(date +"%Y%m%d")-mongoexport.zip GHSA-full-$(date +"%Y%m%d").json
zip -9 GHSA-full-ARR-$(date +"%Y%m%d")-mongoexport.zip GHSA-full-ARR-$(date +"%Y%m%d").json
# zip -9 GHSA-reviewed-$(date +"%Y%m%d")-mysqldump.zip GHSA-reviewed-$(date +"%Y%m%d").sql
# zip -9 GHSA-reviewed-columns-$(date +"%Y%m%d")-mysqldump.zip GHSA-reviewed-columns-$(date +"%Y%m%d").sql
- name: Release Latest MongoDump
uses: softprops/action-gh-release@v1
with:
generate_release_notes: false
name: GHSAdumper-${{ env.RELEASE_VERSION }}
files: |
*.zip
GHSA-full*.json
GHSA-reviewed*.json
tag_name: GHSAdump-${{ env.RELEASE_VERSION }}