Added GitHub Actions workflow for Docker image build and updated setup scripts for installation methods

DebaA17 · DebaA17 · commit df0448f7496f · 2026-03-08T22:23:54.000+05:30
diff --git a/.github/workflows/ghcr.yml b/.github/workflows/ghcr.yml
@@ -0,0 +1,60 @@
+name: Build and Publish Docker Image
+
+on:
+  push:
+    branches:
+      - main
+    tags:
+      - 'v*'
+  pull_request:
+    branches:
+      - main
+  workflow_dispatch:
+
+env:
+  REGISTRY: ghcr.io
+  IMAGE_NAME: ${{ github.repository }}
+
+jobs:
+  docker:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      packages: write
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+
+      - name: Log in to GitHub Container Registry
+        if: github.event_name != 'pull_request'
+        uses: docker/login-action@v3
+        with:
+          registry: ${{ env.REGISTRY }}
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Extract Docker metadata
+        id: meta
+        uses: docker/metadata-action@v5
+        with:
+          images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
+          tags: |
+            type=raw,value=latest,enable={{is_default_branch}}
+            type=ref,event=branch
+            type=ref,event=tag
+            type=sha
+
+      - name: Build and optionally push Docker image
+        uses: docker/build-push-action@v6
+        with:
+          context: .
+          file: ./Dockerfile
+          push: ${{ github.event_name != 'pull_request' }}
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}
+          cache-from: type=gha
+          cache-to: type=gha,mode=max
diff --git a/README.md b/README.md
@@ -28,9 +28,23 @@ git clone https://github.com/DebaA17/CVE-scanner-cli.git
 cd CVE-scanner-cli
 bash setup.sh
 ```
-This will install all dependencies in a virtual environment and create a `cvecli` command in your `~/.local/bin` directory.
+The setup script offers two install methods:
+
+- Docker (recommended): pulls the prebuilt GHCR image and adds a `cvecli` alias to your default shell.
+- Local machine: creates the virtual environment, installs dependencies, and links `cvecli` into `~/.local/bin`.
+
+You can also choose the install method directly:
+
+```bash
+bash setup.sh --docker
+```
+
+```bash
+bash setup.sh --local
+```
+
+If your current terminal was already open before setup, reload it with:
 
-The setup script also adds `~/.local/bin` to your shell startup file if it is missing. If your current terminal was already open before setup, reload it with:
 ```bash
 source ~/.bashrc
 ```
@@ -42,13 +56,13 @@ source ~/.zshrc
 ```
 
 ## Uninstall
-To remove the global `cvecli` command and the PATH entry added by setup, run:
+To remove the global `cvecli` command, Docker alias, and any PATH entry added by setup, run:
 
 ```bash
 bash uninstall.sh
 ```
 
-This removes the `~/.local/bin/cvecli` launcher and cleans the PATH line from your shell startup files. It does not delete the repository folder or `myenv`.
+This removes the `~/.local/bin/cvecli` launcher, removes the Docker alias from your shell startup files, and cleans the PATH line if it was added for the local install. It does not delete the repository folder or `myenv`.
 
 ## Docker Setup
 Build and run the CLI with Docker in one line:
@@ -57,6 +71,14 @@ Build and run the CLI with Docker in one line:
 docker build -t cvecli . && docker run --rm -it cvecli
 ```
 
+Use the prebuilt image from GitHub Container Registry:
+
+```bash
+docker run --rm -it ghcr.io/debaa17/cve-scanner-cli:latest
+```
+
+The GitHub Actions workflow publishes `latest` on pushes to `main` and publishes version tags when you create releases like `v1.0.0`.
+
 Run a direct CVE lookup without entering interactive mode:
 
 ```bash
diff --git a/setup.sh b/setup.sh
@@ -2,60 +2,160 @@
 # Setup script for CVE Scanner CLI (Linux only)
 set -e
 
-# Check for python3
-if ! command -v python3 >/dev/null 2>&1; then
-    echo "Python3 is required but not found. Please install Python3."
-    exit 1
-fi
+DOCKER_IMAGE="ghcr.io/debaa17/cve-scanner-cli:latest"
+DOCKER_ALIAS="alias cvecli='docker run --rm -it ${DOCKER_IMAGE}'"
+PATH_EXPORT='export PATH="$HOME/.local/bin:$PATH"'
+INSTALL_METHOD=""
 
-# Create virtual environment if not exists
-if [ ! -d "myenv" ]; then
-    python3 -m venv myenv
-fi
-source myenv/bin/activate
+resolve_rc_file() {
+    local shell_name
 
-# Upgrade pip and install requirements
-pip install --upgrade pip
-pip install -r requirements.txt
+    shell_name="$(basename "${SHELL:-}")"
 
-# Make CLI script executable
-chmod +x cve_search_cli.py
+    case "$shell_name" in
+        bash)
+            if [ -f "$HOME/.bashrc" ]; then
+                printf '%s\n' "$HOME/.bashrc"
+            else
+                printf '%s\n' "$HOME/.profile"
+            fi
+            ;;
+        zsh)
+            printf '%s\n' "$HOME/.zshrc"
+            ;;
+        *)
+            printf '%s\n' "$HOME/.profile"
+            ;;
+    esac
+}
 
-# Optionally create a symlink in ~/.local/bin
-mkdir -p "$HOME/.local/bin"
-ln -sf "$PWD/cve_search_cli.py" "$HOME/.local/bin/cvecli"
+ensure_line_in_file() {
+    local file_path="$1"
+    local line="$2"
 
-PATH_EXPORT='export PATH="$HOME/.local/bin:$PATH"'
-SHELL_NAME="$(basename "${SHELL:-}")"
-RC_FILE=""
+    touch "$file_path"
+    if ! grep -Fqx "$line" "$file_path"; then
+        printf '\n%s\n' "$line" >> "$file_path"
+    fi
+}
+
+remove_line_from_file() {
+    local file_path="$1"
+    local line="$2"
+    local temp_file
+
+    if [ ! -f "$file_path" ]; then
+        return
+    fi
+
+    if ! grep -Fqx "$line" "$file_path"; then
+        return
+    fi
+
+    temp_file="$(mktemp)"
+    grep -Fvx "$line" "$file_path" > "$temp_file" || true
+    mv "$temp_file" "$file_path"
+}
+
+print_reload_hint() {
+    local rc_file="$1"
+
+    printf "\033[0;33mOpen a new terminal or run: source %s\033[0m\n" "$rc_file"
+}
+
+install_docker() {
+    local rc_file
+
+    if ! command -v docker >/dev/null 2>&1; then
+        printf "Docker is required for the recommended install method but was not found.\n"
+        exit 1
+    fi
+
+    rc_file="$(resolve_rc_file)"
+    docker pull "$DOCKER_IMAGE"
+    ensure_line_in_file "$rc_file" "$DOCKER_ALIAS"
+
+    printf "\033[0;32mDocker install complete. Added cvecli alias to %s\033[0m\n" "$rc_file"
+    printf "\033[0;32mExample: cvecli --id CVE-2025-55184\033[0m\n"
+    print_reload_hint "$rc_file"
+}
+
+install_local() {
+    local rc_file
+
+    if ! command -v python3 >/dev/null 2>&1; then
+        printf "Python3 is required but not found. Please install Python3.\n"
+        exit 1
+    fi
 
-case "$SHELL_NAME" in
-    bash)
-        if [ -f "$HOME/.bashrc" ]; then
-            RC_FILE="$HOME/.bashrc"
+    rc_file="$(resolve_rc_file)"
+
+    if [ ! -d "myenv" ]; then
+        python3 -m venv myenv
+    fi
+    source myenv/bin/activate
+
+    pip install --upgrade pip
+    pip install -r requirements.txt
+
+    chmod +x cve_search_cli.py
+    mkdir -p "$HOME/.local/bin"
+    ln -sf "$PWD/cve_search_cli.py" "$HOME/.local/bin/cvecli"
+
+    ensure_line_in_file "$rc_file" "$PATH_EXPORT"
+    remove_line_from_file "$rc_file" "$DOCKER_ALIAS"
+
+    printf "\033[0;32mLocal install complete. Use 'cvecli' from anywhere to run the tool.\033[0m\n"
+    printf "\033[0;32mExample: cvecli --id CVE-2025-55184\033[0m\n"
+    print_reload_hint "$rc_file"
+}
+
+choose_install_method() {
+    printf "Choose installation method:\n"
+    printf "1) Docker (recommended)\n"
+    printf "2) Local machine\n"
+    printf "Enter choice [1/2]: "
+    read -r choice
+
+    case "$choice" in
+        1|"")
+            INSTALL_METHOD="docker"
+            ;;
+        2)
+            INSTALL_METHOD="local"
+            ;;
+        *)
+            printf "Invalid choice. Use 1 for Docker or 2 for local machine.\n"
+            exit 1
+            ;;
+    esac
+}
+
+case "${1:-}" in
+    --docker)
+        INSTALL_METHOD="docker"
+        ;;
+    --local)
+        INSTALL_METHOD="local"
+        ;;
+    "")
+        if [ -t 0 ]; then
+            choose_install_method
         else
-            RC_FILE="$HOME/.profile"
+            INSTALL_METHOD="docker"
         fi
         ;;
-    zsh)
-        RC_FILE="$HOME/.zshrc"
-        ;;
     *)
-        if [ -f "$HOME/.profile" ]; then
-            RC_FILE="$HOME/.profile"
-        fi
+        printf "Usage: bash setup.sh [--docker|--local]\n"
+        exit 1
         ;;
 esac
 
-if [ -n "$RC_FILE" ]; then
-    touch "$RC_FILE"
-    if ! grep -Fqx "$PATH_EXPORT" "$RC_FILE"; then
-        printf '\n%s\n' "$PATH_EXPORT" >> "$RC_FILE"
-        printf "\033[0;32mAdded ~/.local/bin to PATH in %s\033[0m\n" "$RC_FILE"
-        printf "\033[0;33mOpen a new terminal or run: source %s\033[0m\n" "$RC_FILE"
-    fi
-fi
-
-# Print green success message
-printf "\033[0;32mSetup complete! Use 'cvecli' from anywhere to run the tool.\033[0m\n"
-printf "\033[0;32mExample: cvecli --id CVE-2025-55184\033[0m\n"
+case "$INSTALL_METHOD" in
+    docker)
+        install_docker
+        ;;
+    local)
+        install_local
+        ;;
+esac
diff --git a/uninstall.sh b/uninstall.sh
@@ -3,25 +3,26 @@ set -e
 
 CLI_LINK="$HOME/.local/bin/cvecli"
 PATH_EXPORT='export PATH="$HOME/.local/bin:$PATH"'
+DOCKER_ALIAS="alias cvecli='docker run --rm -it ghcr.io/debaa17/cve-scanner-cli:latest'"
 REMOVED_PATH_LINE=0
+REMOVED_ALIAS_LINE=0
 
-remove_path_line() {
+remove_line_from_file() {
     local rc_file="$1"
+    local line="$2"
     local temp_file
 
     if [ ! -f "$rc_file" ]; then
         return
     fi
 
-    if ! grep -Fqx "$PATH_EXPORT" "$rc_file"; then
+    if ! grep -Fqx "$line" "$rc_file"; then
         return
     fi
 
     temp_file="$(mktemp)"
-    grep -Fvx "$PATH_EXPORT" "$rc_file" > "$temp_file" || true
+    grep -Fvx "$line" "$rc_file" > "$temp_file" || true
     mv "$temp_file" "$rc_file"
-    REMOVED_PATH_LINE=1
-    printf "\033[0;32mRemoved PATH entry from %s\033[0m\n" "$rc_file"
 }
 
 if [ -L "$CLI_LINK" ] || [ -f "$CLI_LINK" ]; then
@@ -31,12 +32,22 @@ else
     printf "\033[0;33mNo cvecli launcher found at %s\033[0m\n" "$CLI_LINK"
 fi
 
-remove_path_line "$HOME/.bashrc"
-remove_path_line "$HOME/.zshrc"
-remove_path_line "$HOME/.profile"
+for rc_file in "$HOME/.bashrc" "$HOME/.zshrc" "$HOME/.profile"; do
+    if [ -f "$rc_file" ] && grep -Fqx "$PATH_EXPORT" "$rc_file"; then
+        remove_line_from_file "$rc_file" "$PATH_EXPORT"
+        REMOVED_PATH_LINE=1
+        printf "\033[0;32mRemoved PATH entry from %s\033[0m\n" "$rc_file"
+    fi
+
+    if [ -f "$rc_file" ] && grep -Fqx "$DOCKER_ALIAS" "$rc_file"; then
+        remove_line_from_file "$rc_file" "$DOCKER_ALIAS"
+        REMOVED_ALIAS_LINE=1
+        printf "\033[0;32mRemoved Docker alias from %s\033[0m\n" "$rc_file"
+    fi
+done
 
 printf "\033[0;32mUninstall complete.\033[0m\n"
 
-if [ "$REMOVED_PATH_LINE" -eq 1 ]; then
-    printf "\033[0;33mOpen a new terminal or reload your shell config to apply the PATH change.\033[0m\n"
+if [ "$REMOVED_PATH_LINE" -eq 1 ] || [ "$REMOVED_ALIAS_LINE" -eq 1 ]; then
+    printf "\033[0;33mOpen a new terminal or reload your shell config to apply the shell changes.\033[0m\n"
 fi
