@@ -3,10 +3,9 @@ name: Update Vulnerability Database
33on :
44 workflow_dispatch :
55 schedule :
6- - cron : ' 17 5 * * * ' # use a somewhat random time to avoid producing load spikes on the GH actions infrastructure
6+ - cron : ' 46 20 * * 2 ' # use a somewhat random time to avoid producing load spikes on the GH actions infrastructure
77
88env :
9- CVE_CACHE_REF : refs/heads/main
109 CVE_CACHE_KEY : cve-db
1110 CVE_CACHE_DIR : ~/.m2/repository/org/owasp/dependency-check-data
1211
1716 contents : write
1817 steps :
1918 - uses : actions/checkout@v4
20- with :
21- ref : ${{ env.CVE_CACHE_REF }}
22- - name : Restore Existing Cache
23- uses : actions/cache/restore@v4
24- with :
25- path : ${{ env.CVE_CACHE_DIR }}
26- key : ${{ env.CVE_CACHE_KEY }}
27-
28- - name : Run Maven Plugin
29- run : |
30- mvn org.owasp:dependency-check-maven:10.0.4:update-only -DnvdMaxRetryCount=10 -DnvdApiDelay=15000 -DconnectionTimeout=60000
31- env :
32- NVD_API_KEY : ${{ secrets.NVD_API_KEY }}
33-
34- - name : Delete Cache
35- run : |
36- CACHE_IDS=$(gh cache list --key "${{ env.CVE_CACHE_KEY }}" --ref "${{ env.CVE_CACHE_REF }}" --json id | jq -r '.[] | .id')
37- for CACHE_ID in $CACHE_IDS; do
38- echo "Deleting cache with ID: $CACHE_ID"
39- gh cache delete "${CACHE_ID}"
40- done
41- env :
42- GH_TOKEN : ${{ secrets.CLOUD_SDK_AT_SAP_ALL_ACCESS_PAT }}
43-
44- - name : Cache CVE Database
45- uses : actions/cache/save@v4
46- with :
47- path : ${{ env.CVE_CACHE_DIR }}
48- key : ${{ env.CVE_CACHE_KEY }}
19+ - name : Dummy
20+ run : echo "Not implemented yet"
0 commit comments