GitHub-Monitor #2851
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: GitHub-Monitor | |
| # 国际标准时间2点(北京时间10点) | |
| on: | |
| schedule: | |
| - cron: '*/15 * * * *' | |
| workflow_dispatch: # 支持手动触发 | |
| inputs: | |
| night_sleep_switch: | |
| description: '是否开启夜间休眠(北京时间0-7点跳过推送)' | |
| required: true | |
| default: 'OFF' | |
| type: choice | |
| options: | |
| - ON | |
| - OFF | |
| daily_report_switch: | |
| description: '是否生成日报' | |
| required: true | |
| default: 'ON' | |
| type: choice | |
| options: | |
| - ON | |
| - OFF | |
| push_switch: | |
| description: '是否进行推送' | |
| required: true | |
| default: 'ON' | |
| type: choice | |
| options: | |
| - ON | |
| - OFF | |
| push: | |
| branches: [ main ] # 代码推送时触发 | |
| jobs: | |
| build: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Set up Python | |
| uses: actions/setup-python@v4 | |
| with: | |
| python-version: '3.x' | |
| - name: Install dependencies | |
| run: | | |
| python -m pip install --upgrade pip | |
| pip install -r ./requirements.txt | |
| - name: Run monitor script | |
| env: | |
| keywords: 'CVE-2025 SQL注入 RCE CNVD 未授权 命令执行 安全工具 ATT&CK poc exp 安卓安全 信息安全 python安全 java安全 web安全 云安全 区块链安全 工控安全 应急响应 安全检测 后渗透 Linux安全 远控免杀 资产测绘 渗透测试 漏洞扫描 内网渗透 代码审计 XSS漏洞 漏洞挖掘 Kubernetes攻防 指纹识别 红队工具 蜜罐 钓鱼 威胁情报 CMS漏洞 信息泄漏 信息收集 安全研究 逆向分析' | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| DINGDING_SECRETKEY: ${{ secrets.DINGDING_SECRETKEY }} | |
| DINGDING_WEBHOOK: ${{ secrets.DINGDING_WEBHOOK }} | |
| # Discard推送环境变量支持 | |
| DISCARD_WEBHOOK: ${{ secrets.DISCARD_WEBHOOK }} | |
| DISCARD_SWITCH: ${{ github.event.inputs.push_switch || secrets.DISCARD_SWITCH || 'ON' }} | |
| DISCARD_SEND_DAILY_REPORT: ${{ secrets.DISCARD_SEND_DAILY_REPORT || 'ON' }} | |
| DISCARD_SEND_NORMAL_MSG: ${{ secrets.DISCARD_SEND_NORMAL_MSG || 'OFF' }} | |
| # Feishu推送环境变量支持 | |
| FEISHU_WEBHOOK: ${{ secrets.FEISHU_WEBHOOK }} | |
| # TGBot推送环境变量支持 | |
| TG_BOT_TOKEN: ${{ secrets.TG_BOT_TOKEN }} | |
| TG_GROUP_ID: ${{ secrets.TG_GROUP_ID }} | |
| # 百度翻译环境变量支持 | |
| BAIDU_APP_ID: ${{ secrets.BAIDU_APP_ID }} | |
| BAIDU_SECRET_KEY: ${{ secrets.BAIDU_SECRET_KEY }} | |
| # Workflow Dispatch 输入转换为环境变量 | |
| NIGHT_SLEEP_SWITCH: ${{ github.event.inputs.night_sleep_switch || secrets.NIGHT_SLEEP_SWITCH || 'ON' }} | |
| DAILY_REPORT_SWITCH: ${{ github.event.inputs.daily_report_switch || secrets.DAILY_REPORT_SWITCH || 'ON' }} | |
| PUSH_SWITCH: ${{ github.event.inputs.push_switch || secrets.PUSH_SWITCH || 'ON' }} | |
| run: python ./github_cve_monitor.py | |
| - name: Commit | |
| run: | | |
| git diff | |
| git config --global user.email "actions@github.com" | |
| git config --global user.name "GitHub Actions" | |
| git add archive | |
| git add index.html | |
| git commit -m "每日安全漏洞更新(`date +'%Y-%m-%d'`)" || echo "没有需要提交的更改" | |
| - name: Push changes | |
| uses: ad-m/github-push-action@master | |
| with: | |
| github_token: ${{ secrets.GITHUB_TOKEN }} | |
| del_runs: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Delete workflow runs | |
| uses: Mattraks/delete-workflow-runs@v2 | |
| with: | |
| token: ${{ github.token }} | |
| repository: ${{ github.repository }} | |
| retain_days: 7 | |
| keep_minimum_runs: 7 |