Skip to content

Commit

Permalink
Merge branch 'main' of https://github.com/cisagov/Malcolm into main_d…
Browse files Browse the repository at this point in the history 
…ocs_cisagov
  • Loading branch information
@mmguero
mmguero committed Oct 24, 2024
2 parents cd7341b + cb0d34e commit 71a4195
Show file tree
Hide file tree
Showing 292 changed files with 8,793 additions and 7,197 deletions.
7 changes: 3 additions & 4 deletions .github/workflows/api-build-and-push-ghcr.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -9,16 +9,13 @@ on:
- 'api/**'
- 'Dockerfiles/api.Dockerfile'
- 'shared/bin/*'
- '!shared/bin/agg-init.sh'
- '!shared/bin/capa-build.sh'
- '!shared/bin/common-init.sh'
- '!shared/bin/sensor-init.sh'
- '!shared/bin/os-disk-config.py'
- '!shared/bin/extracted_files_http_server.py'
- '!shared/bin/web-ui-asset-download.sh'
- '!shared/bin/preseed_late_user_config.sh'
- '!shared/bin/configure-interfaces.py'
- '!shared/bin/configure-capture.py'
- '!shared/bin/suricata*'
- '!shared/bin/zeek*'
- '.trigger_workflow_build'
Expand Down Expand Up @@ -113,7 +110,9 @@ jobs:
name: Run Trivy vulnerability scanner
if: ${{ matrix.platform == 'linux/amd64' }}
id: trivy-scan
uses: aquasecurity/trivy-action@master
uses: aquasecurity/trivy-action@0.28.0
env:
TRIVY_DB_REPOSITORY: ghcr.io/aquasecurity/trivy-db,public.ecr.aws/aquasecurity/trivy-db
with:
scan-type: 'image'
scanners: 'vuln'
Expand Down
7 changes: 3 additions & 4 deletions .github/workflows/arkime-build-and-push-ghcr.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -9,16 +9,13 @@ on:
- 'arkime/**'
- 'Dockerfiles/arkime.Dockerfile'
- 'shared/bin/*'
- '!shared/bin/agg-init.sh'
- '!shared/bin/capa-build.sh'
- '!shared/bin/common-init.sh'
- '!shared/bin/sensor-init.sh'
- '!shared/bin/extracted_files_http_server.py'
- '!shared/bin/web-ui-asset-download.sh'
- '!shared/bin/os-disk-config.py'
- '!shared/bin/preseed_late_user_config.sh'
- '!shared/bin/configure-interfaces.py'
- '!shared/bin/configure-capture.py'
- '!shared/bin/suricata*'
- '!shared/bin/zeek*'
- '.trigger_workflow_build'
Expand Down Expand Up @@ -115,7 +112,9 @@ jobs:
name: Run Trivy vulnerability scanner
if: ${{ matrix.platform == 'linux/amd64' }}
id: trivy-scan
uses: aquasecurity/trivy-action@master
uses: aquasecurity/trivy-action@0.28.0
env:
TRIVY_DB_REPOSITORY: ghcr.io/aquasecurity/trivy-db,public.ecr.aws/aquasecurity/trivy-db
with:
scan-type: 'image'
scanners: 'vuln'
Expand Down
7 changes: 3 additions & 4 deletions .github/workflows/dashboards-build-and-push-ghcr.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -9,16 +9,13 @@ on:
- 'dashboards/**'
- 'Dockerfiles/dashboards.Dockerfile'
- 'shared/bin/*'
- '!shared/bin/agg-init.sh'
- '!shared/bin/capa-build.sh'
- '!shared/bin/common-init.sh'
- '!shared/bin/sensor-init.sh'
- '!shared/bin/extracted_files_http_server.py'
- '!shared/bin/web-ui-asset-download.sh'
- '!shared/bin/os-disk-config.py'
- '!shared/bin/preseed_late_user_config.sh'
- '!shared/bin/configure-interfaces.py'
- '!shared/bin/configure-capture.py'
- '!shared/bin/suricata*'
- '!shared/bin/zeek*'
- '.trigger_workflow_build'
Expand Down Expand Up @@ -113,7 +110,9 @@ jobs:
name: Run Trivy vulnerability scanner
if: ${{ matrix.platform == 'linux/amd64' }}
id: trivy-scan
uses: aquasecurity/trivy-action@master
uses: aquasecurity/trivy-action@0.28.0
env:
TRIVY_DB_REPOSITORY: ghcr.io/aquasecurity/trivy-db,public.ecr.aws/aquasecurity/trivy-db
with:
scan-type: 'image'
scanners: 'vuln'
Expand Down
7 changes: 3 additions & 4 deletions .github/workflows/dashboards-helper-build-and-push-ghcr.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -9,16 +9,13 @@ on:
- 'dashboards/**'
- 'Dockerfiles/dashboards-helper.Dockerfile'
- 'shared/bin/*'
- '!shared/bin/agg-init.sh'
- '!shared/bin/capa-build.sh'
- '!shared/bin/common-init.sh'
- '!shared/bin/sensor-init.sh'
- '!shared/bin/extracted_files_http_server.py'
- '!shared/bin/web-ui-asset-download.sh'
- '!shared/bin/os-disk-config.py'
- '!shared/bin/preseed_late_user_config.sh'
- '!shared/bin/configure-interfaces.py'
- '!shared/bin/configure-capture.py'
- '!shared/bin/suricata*'
- '!shared/bin/zeek*'
- '.trigger_workflow_build'
Expand Down Expand Up @@ -113,7 +110,9 @@ jobs:
name: Run Trivy vulnerability scanner
if: ${{ matrix.platform == 'linux/amd64' }}
id: trivy-scan
uses: aquasecurity/trivy-action@master
uses: aquasecurity/trivy-action@0.28.0
env:
TRIVY_DB_REPOSITORY: ghcr.io/aquasecurity/trivy-db,public.ecr.aws/aquasecurity/trivy-db
with:
scan-type: 'image'
scanners: 'vuln'
Expand Down
4 changes: 3 additions & 1 deletion .github/workflows/dirinit-build-and-push-ghcr.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -100,7 +100,9 @@ jobs:
name: Run Trivy vulnerability scanner
if: ${{ matrix.platform == 'linux/amd64' }}
id: trivy-scan
uses: aquasecurity/trivy-action@master
uses: aquasecurity/trivy-action@0.28.0
env:
TRIVY_DB_REPOSITORY: ghcr.io/aquasecurity/trivy-db,public.ecr.aws/aquasecurity/trivy-db
with:
scan-type: 'image'
scanners: 'vuln'
Expand Down
7 changes: 3 additions & 4 deletions .github/workflows/file-monitor-build-and-push-ghcr.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -9,13 +9,10 @@ on:
- 'file-monitor/**'
- 'Dockerfiles/file-monitor.Dockerfile'
- 'shared/bin/*'
- '!shared/bin/agg-init.sh'
- '!shared/bin/common-init.sh'
- '!shared/bin/sensor-init.sh'
- '!shared/bin/os-disk-config.py'
- '!shared/bin/preseed_late_user_config.sh'
- '!shared/bin/configure-interfaces.py'
- '!shared/bin/configure-capture.py'
- '!shared/bin/suricata*'
- '!shared/bin/zeek*.sh'
- '.trigger_workflow_build'
Expand Down Expand Up @@ -110,7 +107,9 @@ jobs:
name: Run Trivy vulnerability scanner
if: ${{ matrix.platform == 'linux/amd64' }}
id: trivy-scan
uses: aquasecurity/trivy-action@master
uses: aquasecurity/trivy-action@0.28.0
env:
TRIVY_DB_REPOSITORY: ghcr.io/aquasecurity/trivy-db,public.ecr.aws/aquasecurity/trivy-db
with:
scan-type: 'image'
scanners: 'vuln'
Expand Down
7 changes: 3 additions & 4 deletions .github/workflows/file-upload-build-and-push-ghcr.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -9,16 +9,13 @@ on:
- 'file-upload/**'
- 'Dockerfiles/file-upload.Dockerfile'
- 'shared/bin/*'
- '!shared/bin/agg-init.sh'
- '!shared/bin/capa-build.sh'
- '!shared/bin/common-init.sh'
- '!shared/bin/sensor-init.sh'
- '!shared/bin/extracted_files_http_server.py'
- '!shared/bin/web-ui-asset-download.sh'
- '!shared/bin/os-disk-config.py'
- '!shared/bin/preseed_late_user_config.sh'
- '!shared/bin/configure-interfaces.py'
- '!shared/bin/configure-capture.py'
- '!shared/bin/suricata*'
- '!shared/bin/zeek*'
- '.trigger_workflow_build'
Expand Down Expand Up @@ -113,7 +110,9 @@ jobs:
name: Run Trivy vulnerability scanner
if: ${{ matrix.platform == 'linux/amd64' }}
id: trivy-scan
uses: aquasecurity/trivy-action@master
uses: aquasecurity/trivy-action@0.28.0
env:
TRIVY_DB_REPOSITORY: ghcr.io/aquasecurity/trivy-db,public.ecr.aws/aquasecurity/trivy-db
with:
scan-type: 'image'
scanners: 'vuln'
Expand Down
7 changes: 3 additions & 4 deletions .github/workflows/filebeat-build-and-push-ghcr.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -9,16 +9,13 @@ on:
- 'filebeat/**'
- 'Dockerfiles/filebeat.Dockerfile'
- 'shared/bin/*'
- '!shared/bin/agg-init.sh'
- '!shared/bin/capa-build.sh'
- '!shared/bin/common-init.sh'
- '!shared/bin/sensor-init.sh'
- '!shared/bin/extracted_files_http_server.py'
- '!shared/bin/web-ui-asset-download.sh'
- '!shared/bin/os-disk-config.py'
- '!shared/bin/preseed_late_user_config.sh'
- '!shared/bin/configure-interfaces.py'
- '!shared/bin/configure-capture.py'
- '!shared/bin/suricata*'
- '!shared/bin/zeek*'
- '.trigger_workflow_build'
Expand Down Expand Up @@ -113,7 +110,9 @@ jobs:
name: Run Trivy vulnerability scanner
if: ${{ matrix.platform == 'linux/amd64' }}
id: trivy-scan
uses: aquasecurity/trivy-action@master
uses: aquasecurity/trivy-action@0.28.0
env:
TRIVY_DB_REPOSITORY: ghcr.io/aquasecurity/trivy-db,public.ecr.aws/aquasecurity/trivy-db
with:
scan-type: 'image'
scanners: 'vuln'
Expand Down
7 changes: 3 additions & 4 deletions .github/workflows/freq-build-and-push-ghcr.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -9,16 +9,13 @@ on:
- 'freq-server/**'
- 'Dockerfiles/freq.Dockerfile'
- 'shared/bin/*'
- '!shared/bin/agg-init.sh'
- '!shared/bin/capa-build.sh'
- '!shared/bin/common-init.sh'
- '!shared/bin/sensor-init.sh'
- '!shared/bin/extracted_files_http_server.py'
- '!shared/bin/web-ui-asset-download.sh'
- '!shared/bin/os-disk-config.py'
- '!shared/bin/preseed_late_user_config.sh'
- '!shared/bin/configure-interfaces.py'
- '!shared/bin/configure-capture.py'
- '!shared/bin/suricata*'
- '!shared/bin/zeek*'
- '.trigger_workflow_build'
Expand Down Expand Up @@ -113,7 +110,9 @@ jobs:
name: Run Trivy vulnerability scanner
if: ${{ matrix.platform == 'linux/amd64' }}
id: trivy-scan
uses: aquasecurity/trivy-action@master
uses: aquasecurity/trivy-action@0.28.0
env:
TRIVY_DB_REPOSITORY: ghcr.io/aquasecurity/trivy-db,public.ecr.aws/aquasecurity/trivy-db
with:
scan-type: 'image'
scanners: 'vuln'
Expand Down
4 changes: 3 additions & 1 deletion .github/workflows/hedgehog-iso-build-docker-wrap-push-ghcr.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -141,7 +141,9 @@ jobs:
name: Run Trivy vulnerability scanner
if: ${{ matrix.platform == 'linux/amd64' }}
id: trivy-scan
uses: aquasecurity/trivy-action@master
uses: aquasecurity/trivy-action@0.28.0
env:
TRIVY_DB_REPOSITORY: ghcr.io/aquasecurity/trivy-db,public.ecr.aws/aquasecurity/trivy-db
with:
scan-type: 'fs'
scan-ref: './hedgehog-iso'
Expand Down
7 changes: 3 additions & 4 deletions .github/workflows/htadmin-build-and-push-ghcr.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -9,16 +9,13 @@ on:
- 'htadmin/**'
- 'Dockerfiles/htadmin.Dockerfile'
- 'shared/bin/*'
- '!shared/bin/agg-init.sh'
- '!shared/bin/capa-build.sh'
- '!shared/bin/common-init.sh'
- '!shared/bin/sensor-init.sh'
- '!shared/bin/extracted_files_http_server.py'
- '!shared/bin/web-ui-asset-download.sh'
- '!shared/bin/os-disk-config.py'
- '!shared/bin/preseed_late_user_config.sh'
- '!shared/bin/configure-interfaces.py'
- '!shared/bin/configure-capture.py'
- '!shared/bin/suricata*'
- '!shared/bin/zeek*'
- '.trigger_workflow_build'
Expand Down Expand Up @@ -113,7 +110,9 @@ jobs:
name: Run Trivy vulnerability scanner
if: ${{ matrix.platform == 'linux/amd64' }}
id: trivy-scan
uses: aquasecurity/trivy-action@master
uses: aquasecurity/trivy-action@0.28.0
env:
TRIVY_DB_REPOSITORY: ghcr.io/aquasecurity/trivy-db,public.ecr.aws/aquasecurity/trivy-db
with:
scan-type: 'image'
scanners: 'vuln'
Expand Down
7 changes: 3 additions & 4 deletions .github/workflows/logstash-build-and-push-ghcr.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -9,16 +9,13 @@ on:
- 'logstash/**'
- 'Dockerfiles/logstash.Dockerfile'
- 'shared/bin/*'
- '!shared/bin/agg-init.sh'
- '!shared/bin/capa-build.sh'
- '!shared/bin/common-init.sh'
- '!shared/bin/sensor-init.sh'
- '!shared/bin/extracted_files_http_server.py'
- '!shared/bin/web-ui-asset-download.sh'
- '!shared/bin/os-disk-config.py'
- '!shared/bin/preseed_late_user_config.sh'
- '!shared/bin/configure-interfaces.py'
- '!shared/bin/configure-capture.py'
- '!shared/bin/suricata*'
- '!shared/bin/zeek*'
- '.trigger_workflow_build'
Expand Down Expand Up @@ -113,7 +110,9 @@ jobs:
name: Run Trivy vulnerability scanner
if: ${{ matrix.platform == 'linux/amd64' }}
id: trivy-scan
uses: aquasecurity/trivy-action@master
uses: aquasecurity/trivy-action@0.28.0
env:
TRIVY_DB_REPOSITORY: ghcr.io/aquasecurity/trivy-db,public.ecr.aws/aquasecurity/trivy-db
with:
scan-type: 'image'
scanners: 'vuln'
Expand Down
5 changes: 3 additions & 2 deletions .github/workflows/malcolm-iso-build-docker-wrap-push-ghcr.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,6 @@ on:
- 'malcolm-iso/**'
- 'shared/bin/*'
- '!shared/bin/capa-build.sh'
- '!shared/bin/configure-capture.py'
- '!shared/bin/extracted_files_http_server.py'
- '!shared/bin/web-ui-asset-download.sh'
- '!shared/bin/zeek*'
Expand Down Expand Up @@ -148,7 +147,9 @@ jobs:
name: Run Trivy vulnerability scanner
if: ${{ matrix.platform == 'linux/amd64' }}
id: trivy-scan
uses: aquasecurity/trivy-action@master
uses: aquasecurity/trivy-action@0.28.0
env:
TRIVY_DB_REPOSITORY: ghcr.io/aquasecurity/trivy-db,public.ecr.aws/aquasecurity/trivy-db
with:
scan-type: 'fs'
scan-ref: './malcolm-iso'
Expand Down
7 changes: 3 additions & 4 deletions .github/workflows/netbox-build-and-push-ghcr.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -9,16 +9,13 @@ on:
- 'netbox/**'
- 'Dockerfiles/netbox.Dockerfile'
- 'shared/bin/*'
- '!shared/bin/agg-init.sh'
- '!shared/bin/capa-build.sh'
- '!shared/bin/common-init.sh'
- '!shared/bin/sensor-init.sh'
- '!shared/bin/extracted_files_http_server.py'
- '!shared/bin/web-ui-asset-download.sh'
- '!shared/bin/os-disk-config.py'
- '!shared/bin/preseed_late_user_config.sh'
- '!shared/bin/configure-interfaces.py'
- '!shared/bin/configure-capture.py'
- '!shared/bin/zeek*'
- '!shared/bin/suricata*'
- '.trigger_workflow_build'
Expand Down Expand Up @@ -113,7 +110,9 @@ jobs:
name: Run Trivy vulnerability scanner
if: ${{ matrix.platform == 'linux/amd64' }}
id: trivy-scan
uses: aquasecurity/trivy-action@master
uses: aquasecurity/trivy-action@0.28.0
env:
TRIVY_DB_REPOSITORY: ghcr.io/aquasecurity/trivy-db,public.ecr.aws/aquasecurity/trivy-db
with:
scan-type: 'image'
scanners: 'vuln'
Expand Down
7 changes: 3 additions & 4 deletions .github/workflows/nginx-build-and-push-ghcr.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -9,16 +9,13 @@ on:
- 'nginx/**'
- 'Dockerfiles/nginx.Dockerfile'
- 'shared/bin/*'
- '!shared/bin/agg-init.sh'
- '!shared/bin/capa-build.sh'
- '!shared/bin/common-init.sh'
- '!shared/bin/sensor-init.sh'
- '!shared/bin/extracted_files_http_server.py'
- '!shared/bin/web-ui-asset-download.sh'
- '!shared/bin/os-disk-config.py'
- '!shared/bin/preseed_late_user_config.sh'
- '!shared/bin/configure-interfaces.py'
- '!shared/bin/configure-capture.py'
- '!shared/bin/zeek*'
- '!shared/bin/suricata*'
- '.trigger_workflow_build'
Expand Down Expand Up @@ -120,7 +117,9 @@ jobs:
name: Run Trivy vulnerability scanner
if: ${{ matrix.platform == 'linux/amd64' }}
id: trivy-scan
uses: aquasecurity/trivy-action@master
uses: aquasecurity/trivy-action@0.28.0
env:
TRIVY_DB_REPOSITORY: ghcr.io/aquasecurity/trivy-db,public.ecr.aws/aquasecurity/trivy-db
with:
scan-type: 'image'
scanners: 'vuln'
Expand Down
Loading

0 comments on commit 71a4195

Please sign in to comment.