Merge pull request #16 from ansible/ttakamiy/publish-to-pypi #15

Workflow file for this run

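# Builds the project wheel and the content-parser image, then builds and runs
# the content-parser-clamav image and posts that run's output as a comment on
# the triggering commit.
#
# NOTE(review): every `uses:` below references a mutable tag (v3, v2). Pinning
# each action to a full commit SHA keeps a re-pointed tag from changing what
# runs with this job's write-scoped token.
name: Scan Malware
on:
  push:
    branches:
      - main
  # have the ability to trigger this workflow manually
  workflow_dispatch:
jobs:
  scan_malware:
    name: Scan Malware
    # NOTE(review): GitHub has retired the hosted ubuntu-20.04 image; confirm
    # this label still resolves to a runner.
    runs-on: ubuntu-20.04
    # A job-level permissions block limits GITHUB_TOKEN to the scopes listed.
    # contents: write is presumably what the commit-comment step needs.
    # The token is shared by every step in this job, including the build
    # steps that execute project code.
    permissions:
      contents: write
    steps:
      # NOTE(review): checkout stores the token in the local git config by
      # default; no later step here pushes with git, so
      # `persist-credentials: false` looks safe to add. Confirm first.
      - uses: actions/checkout@v3
      - name: Build wheel file
        run: |
          pip install build
          python -m build
      # Deletes preinstalled toolchains to reclaim disk for the image builds.
      - name: Free space on build machine
        run: |
          rm -rf /opt/hostedtoolcache/Java*
          rm -rf /opt/hostedtoolcache/Ruby*
          rm -rf /opt/hostedtoolcache/Go*
          rm -rf /opt/hostedtoolcache/node*
          sudo rm -rf /usr/local/lib/android
          sudo rm -rf /usr/share/dotnet
      - name: Remove the pre-cached Docker images
        run: docker image prune --all --force
      - name: Build Image
        id: build-image
        uses: redhat-actions/buildah-build@v2
        with:
          image: content-parser
          containerfiles: |
            ./content-parser.Containerfile
      # Copies the signature database directory out of the clamav-db image
      # into the workspace, builds content-parser-clamav with it in the build
      # context, and captures the container's output inside a Markdown code
      # fence in clamav.md.
      #
      # The pipeline's exit status is tee's, not the container's: without an
      # explicit `shell:`, run steps on Linux use `bash -e` with no pipefail.
      # A non-zero exit from the scan container therefore does not fail the
      # job, and results are visible only in the commit comment.
      # NOTE(review): if a detection should gate the pipeline, record the
      # container's exit status and fail the job after the comment is posted.
      #
      # NOTE(review): `-t` allocates a pseudo-terminal, so the captured text
      # may carry terminal control characters. Confirm it is needed.
      - name: Scan Malware
        run: |
          id=$(podman create "$CLAMAV_DB_IMAGE")
          podman cp "$id:$CLAMAV_DB_DIR" clamav-db
          podman rm -v "$id"
          podman build -f ./content-parser-clamav.Containerfile -t content-parser-clamav .
          echo '```' > clamav.md
          podman run -t content-parser-clamav | tee -a clamav.md
          echo '```' >> clamav.md
        env:
          # `latest` is a mutable tag: signatures stay current, but each run
          # trusts whatever the registry serves under that tag at pull time.
          CLAMAV_DB_IMAGE: quay.io/redhat-appstudio/clamav-db:latest
          CLAMAV_DB_DIR: /var/lib/clamav
      # Exposes clamav.md as the multiline step output `body`. The delimiter
      # is random per run, so text in the scan output cannot end the value
      # early or define further outputs.
      - name: Get Comment Body
        id: get-comment-body
        # https://github.com/marketplace/actions/commit-comment#setting-the-comment-body-from-a-file
        run: |
          body="$(cat clamav.md)"
          delimiter="$(openssl rand -hex 8)"
          echo "body<<$delimiter" >> "$GITHUB_OUTPUT"
          echo "$body" >> "$GITHUB_OUTPUT"
          echo "$delimiter" >> "$GITHUB_OUTPUT"
      # The expression is passed as an action input, not interpolated into a
      # shell script, so the scan output is not evaluated as a command here.
      - name: Add Malware Scanning Commit Comment
        uses: peter-evans/commit-comment@v2
        with:
          body: ${{ steps.get-comment-body.outputs.body }}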