Skip to content

Commit 09704a1

Browse files
Merge branch 'master' into axis2
2 parents c1b570a + 73b66d0 commit 09704a1

1,053 files changed

Lines changed: 52872 additions & 46080 deletions

File tree

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.
Lines changed: 20 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,20 @@
1+
---
2+
name: Patch reward program
3+
about: Submit a suggestion for the patch reward program
4+
title: 'PRP: {Software name} {Vuln identifier} {Vuln type}'
5+
labels: PRP:Request
6+
assignees: ''
7+
8+
---
9+
10+
- **Identifier of the vulnerability**: {e.g. `None`, `CVE-1234-12345`,
11+
`GHSA-xxx`, ...}
12+
- **Affected software**: {Name of the software}
13+
- **Type of vulnerability**: {Fingerprint/RCE/SSRF/CSRF/XXE/...}
14+
- **Requires authentication**: {Yes/No}
15+
- **Language you would use for writing the plugin**: {Templated plugins, Java,
16+
Python} {If not templated plugins, please provide a justification on why you
17+
think it requires Java or Python}
18+
- **Resources**:
19+
* {Any links}
20+
* {That can be useful to understand the vulnerability}
Lines changed: 25 additions & 23 deletions
Original file line numberDiff line numberDiff line change
@@ -1,33 +1,35 @@
11
name: community-plugins-build
22

33
on:
4-
push:
5-
paths:
6-
- 'community/**'
74
pull_request:
85
paths:
96
- 'community/**'
7+
workflow_dispatch:
8+
9+
env:
10+
REGISTRY: ghcr.io
11+
IMAGE_NAME: google/tsunami-plugins-community
12+
PLUGINS_CATEGORY: community
13+
PLUGINS_FOLDER: community
1014

1115
jobs:
12-
build:
13-
strategy:
14-
matrix:
15-
os: [ ubuntu-latest, macos-latest ]
16-
java: [ 11 ]
17-
runs-on: ${{ matrix.os }}
18-
name: 'Build Community plugins on ${{ matrix.os }} using Java ${{ matrix.java }}'
16+
build-image:
17+
runs-on: ubuntu-latest
18+
19+
permissions:
20+
contents: read
21+
1922
steps:
20-
- name: 'Check out repository'
21-
uses: actions/checkout@v2
22-
- name: 'Set up JDK ${{ matrix.java }}'
23-
uses: actions/setup-java@v1
24-
with:
25-
java-version: ${{ matrix.java }}
26-
- name: 'Cache Gradle resources'
27-
uses: actions/cache@v2
23+
- name: Checkout repository
24+
uses: actions/checkout@v4
25+
26+
- name: Build Docker image
27+
id: build
28+
uses: docker/build-push-action@v6
2829
with:
29-
path: ~/.gradle/caches
30-
key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle') }}
31-
restore-keys: ${{ runner.os }}-gradle
32-
- name: 'Build Community plugins'
33-
run: ./community/build_all.sh
30+
context: .
31+
push: false
32+
tags: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
33+
labels: ${{ steps.meta.outputs.labels }}
34+
build-args: |
35+
"TSUNAMI_PLUGIN_FOLDER=${{ env.PLUGINS_FOLDER }}"
Lines changed: 60 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,60 @@
1+
name: community-plugins-push
2+
3+
on:
4+
push:
5+
branches:
6+
- master
7+
paths:
8+
- 'community/**'
9+
workflow_dispatch:
10+
11+
env:
12+
REGISTRY: ghcr.io
13+
IMAGE_NAME: google/tsunami-plugins-community
14+
PLUGINS_CATEGORY: community
15+
PLUGINS_FOLDER: community
16+
17+
jobs:
18+
build-and-push-image:
19+
runs-on: ubuntu-latest
20+
21+
permissions:
22+
contents: read
23+
packages: write
24+
attestations: write
25+
id-token: write
26+
27+
steps:
28+
- name: Checkout repository
29+
uses: actions/checkout@v4
30+
31+
- name: Log in to the Container registry
32+
uses: docker/login-action@v3
33+
with:
34+
registry: ${{ env.REGISTRY }}
35+
username: ${{ github.actor }}
36+
password: ${{ secrets.GITHUB_TOKEN }}
37+
38+
- name: Extract metadata for Docker
39+
id: meta
40+
uses: docker/metadata-action@v5
41+
with:
42+
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
43+
44+
- name: Build and push Docker image
45+
id: push
46+
uses: docker/build-push-action@v6
47+
with:
48+
context: .
49+
push: true
50+
tags: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
51+
labels: ${{ steps.meta.outputs.labels }}
52+
build-args: |
53+
"TSUNAMI_PLUGIN_FOLDER=${{ env.PLUGINS_FOLDER }}"
54+
55+
- name: Generate artifact attestation
56+
uses: actions/attest-build-provenance@v2
57+
with:
58+
subject-name: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
59+
subject-digest: ${{ steps.push.outputs.digest }}
60+
push-to-registry: true
Lines changed: 25 additions & 23 deletions
Original file line numberDiff line numberDiff line change
@@ -1,33 +1,35 @@
11
name: doyensec-plugins-build
22

33
on:
4-
push:
5-
paths:
6-
- 'doyensec/**'
74
pull_request:
85
paths:
96
- 'doyensec/**'
7+
workflow_dispatch:
8+
9+
env:
10+
REGISTRY: ghcr.io
11+
IMAGE_NAME: google/tsunami-plugins-doyensec
12+
PLUGINS_CATEGORY: doyensec
13+
PLUGINS_FOLDER: doyensec
1014

1115
jobs:
12-
build:
13-
strategy:
14-
matrix:
15-
os: [ ubuntu-latest, macos-latest ]
16-
java: [ 11 ]
17-
runs-on: ${{ matrix.os }}
18-
name: 'Build doyensec plugins on ${{ matrix.os }} using Java ${{ matrix.java }}'
16+
build-image:
17+
runs-on: ubuntu-latest
18+
19+
permissions:
20+
contents: read
21+
1922
steps:
20-
- name: 'Check out repository'
21-
uses: actions/checkout@v2
22-
- name: 'Set up JDK ${{ matrix.java }}'
23-
uses: actions/setup-java@v1
24-
with:
25-
java-version: ${{ matrix.java }}
26-
- name: 'Cache Gradle resources'
27-
uses: actions/cache@v2
23+
- name: Checkout repository
24+
uses: actions/checkout@v4
25+
26+
- name: Build Docker image
27+
id: build
28+
uses: docker/build-push-action@v6
2829
with:
29-
path: ~/.gradle/caches
30-
key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle') }}
31-
restore-keys: ${{ runner.os }}-gradle
32-
- name: 'Build Doyensec plugins'
33-
run: ./doyensec/build_all.sh
30+
context: .
31+
push: false
32+
tags: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
33+
labels: ${{ steps.meta.outputs.labels }}
34+
build-args: |
35+
"TSUNAMI_PLUGIN_FOLDER=${{ env.PLUGINS_FOLDER }}"
Lines changed: 60 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,60 @@
1+
name: doyensec-plugins-push
2+
3+
on:
4+
push:
5+
branches:
6+
- master
7+
paths:
8+
- 'doyensec/**'
9+
workflow_dispatch:
10+
11+
env:
12+
REGISTRY: ghcr.io
13+
IMAGE_NAME: google/tsunami-plugins-doyensec
14+
PLUGINS_CATEGORY: doyensec
15+
PLUGINS_FOLDER: doyensec
16+
17+
jobs:
18+
build-and-push-image:
19+
runs-on: ubuntu-latest
20+
21+
permissions:
22+
contents: read
23+
packages: write
24+
attestations: write
25+
id-token: write
26+
27+
steps:
28+
- name: Checkout repository
29+
uses: actions/checkout@v4
30+
31+
- name: Log in to the Container registry
32+
uses: docker/login-action@v3
33+
with:
34+
registry: ${{ env.REGISTRY }}
35+
username: ${{ github.actor }}
36+
password: ${{ secrets.GITHUB_TOKEN }}
37+
38+
- name: Extract metadata for Docker
39+
id: meta
40+
uses: docker/metadata-action@v5
41+
with:
42+
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
43+
44+
- name: Build and push Docker image
45+
id: push
46+
uses: docker/build-push-action@v6
47+
with:
48+
context: .
49+
push: true
50+
tags: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
51+
labels: ${{ steps.meta.outputs.labels }}
52+
build-args: |
53+
"TSUNAMI_PLUGIN_FOLDER=${{ env.PLUGINS_FOLDER }}"
54+
55+
- name: Generate artifact attestation
56+
uses: actions/attest-build-provenance@v2
57+
with:
58+
subject-name: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
59+
subject-digest: ${{ steps.push.outputs.digest }}
60+
push-to-registry: true

.github/workflows/examples-build.yml

Lines changed: 0 additions & 33 deletions
This file was deleted.
Lines changed: 35 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,35 @@
1+
name: facebook-plugins-build
2+
3+
on:
4+
pull_request:
5+
paths:
6+
- 'facebook/**'
7+
workflow_dispatch:
8+
9+
env:
10+
REGISTRY: ghcr.io
11+
IMAGE_NAME: google/tsunami-plugins-facebook
12+
PLUGINS_CATEGORY: facebook
13+
PLUGINS_FOLDER: facebook
14+
15+
jobs:
16+
build-image:
17+
runs-on: ubuntu-latest
18+
19+
permissions:
20+
contents: read
21+
22+
steps:
23+
- name: Checkout repository
24+
uses: actions/checkout@v4
25+
26+
- name: Build Docker image
27+
id: build
28+
uses: docker/build-push-action@v6
29+
with:
30+
context: .
31+
push: false
32+
tags: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
33+
labels: ${{ steps.meta.outputs.labels }}
34+
build-args: |
35+
"TSUNAMI_PLUGIN_FOLDER=${{ env.PLUGINS_FOLDER }}"
Lines changed: 60 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,60 @@
1+
name: facebook-plugins-push
2+
3+
on:
4+
push:
5+
branches:
6+
- master
7+
paths:
8+
- 'facebook/**'
9+
workflow_dispatch:
10+
11+
env:
12+
REGISTRY: ghcr.io
13+
IMAGE_NAME: google/tsunami-plugins-facebook
14+
PLUGINS_CATEGORY: facebook
15+
PLUGINS_FOLDER: facebook
16+
17+
jobs:
18+
build-and-push-image:
19+
runs-on: ubuntu-latest
20+
21+
permissions:
22+
contents: read
23+
packages: write
24+
attestations: write
25+
id-token: write
26+
27+
steps:
28+
- name: Checkout repository
29+
uses: actions/checkout@v4
30+
31+
- name: Log in to the Container registry
32+
uses: docker/login-action@v3
33+
with:
34+
registry: ${{ env.REGISTRY }}
35+
username: ${{ github.actor }}
36+
password: ${{ secrets.GITHUB_TOKEN }}
37+
38+
- name: Extract metadata for Docker
39+
id: meta
40+
uses: docker/metadata-action@v5
41+
with:
42+
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
43+
44+
- name: Build and push Docker image
45+
id: push
46+
uses: docker/build-push-action@v6
47+
with:
48+
context: .
49+
push: true
50+
tags: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
51+
labels: ${{ steps.meta.outputs.labels }}
52+
build-args: |
53+
"TSUNAMI_PLUGIN_FOLDER=${{ env.PLUGINS_FOLDER }}"
54+
55+
- name: Generate artifact attestation
56+
uses: actions/attest-build-provenance@v2
57+
with:
58+
subject-name: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
59+
subject-digest: ${{ steps.push.outputs.digest }}
60+
push-to-registry: true

0 commit comments

Comments
 (0)