Bug fixes and Nuclei update (#16)

* Minor updates (#15) * Minor updates * Update action.yml * Update action.yml * Update action.yml * more fixes * example updates * Reverted Custom UA support + examples
projectdiscovery · Jul 14, 2021 · a54be74 · a54be74
1 parent 7bf5459
commit a54be74
Show file tree

Hide file tree

Showing 2 changed files with 51 additions and 13 deletions.
diff --git a/README.md b/README.md
@@ -41,6 +41,37 @@ Example Usage
           urls: urls.txt
 ```
 
+**GitHub Action running Nuclei with CLI flags**
+
+```yaml
+      - name: Nuclei - DAST Scan
+        uses: projectdiscovery/nuclei-action@main
+        with:
+          urls: urls.txt
+          flags: "-severity critical,high,medium,low -stats"
+```
+
+**GitHub Action running Nuclei with Custom UA**
+
+```yaml
+      - name: Nuclei - DAST Scan
+        uses: projectdiscovery/nuclei-action@main
+        with:
+          urls: urls.txt
+          user-agent: "User-Agent: Nuclei"
+```
+
+**GitHub Action running Nuclei with Config files**
+
+```yaml
+      - name: Nuclei - DAST Scan
+        uses: projectdiscovery/nuclei-action@main
+        with:
+          urls: urls.txt
+          config: config.yaml
+          report-config: issues.yaml
+```
+
 **GitHub Example Action running Nuclei with GitHub Issue reporting**
 
 ```yaml
@@ -117,6 +148,7 @@ Available Inputs
 | `include-rr`      | Include request/response in results                 | false    |
 | `config`          | Set custom nuclei config file to use                | false    |
 | `user-agent`      | Set custom user-agent header                        | false    |
+| `report-config`   | Issue reporting configuration file                  | false    |
 | `github-report`   | Set `true` to generate Github issue with the report | false    |
 | `github-token`    | Set the Github Token                                | false    |
 | `sarif-export`    | File to export result (default - sarif.nuclei)      | false    |

diff --git a/action.yml b/action.yml
@@ -31,12 +31,16 @@ inputs:
     required: false
     default: false
 
+  user-agent:
+    description: "Set a Custom User-Agent header"
+    required: false
+
   config:
     description: "Nuclei configuration file"
     required: false
 
-  user-agent:
-    description: "Set a Custom User-Agent header"
+  report-config:
+    description: "Issue reporting configuration file"
     required: false
 
   github-report:
@@ -56,27 +60,29 @@ inputs:
     description: "Export nuclei results in Markdown format"
     required: false
 
-  nuclei-flags:
+  flags:
     description: "Extra nuclei CLI flags to use"
     required: false
 
 runs:
   using: "composite"
   steps:
     - run: |
-        [ ! -x /home/runner/go/bin/nuclei ] && GO111MODULE=on go get -v github.com/projectdiscovery/nuclei/v2/cmd/nuclei@v2.3.8
+        [ ! -x /home/runner/go/bin/nuclei ] && GO111MODULE=on go get -v github.com/projectdiscovery/nuclei/v2/cmd/nuclei@v2.4.0
         echo "/home/runner/go/bin/" >> $GITHUB_PATH
       shell: bash
+
     - run: |
         [ ! -z ${{ inputs.target }} ] && echo "target=-target ${{ inputs.target}}" >> $GITHUB_ENV
         [ ! -z ${{ inputs.urls }} ] && echo "urls=-list ${{ inputs.urls}}" >> $GITHUB_ENV
-        [ ! -z ${{ inputs.templates }} ] && echo "templates=-t ${{ inputs.templates }}" >> $GITHUB_ENV || echo "templates=-t ./nuclei-templates" >> $GITHUB_ENV
+        [ ! -z ${{ inputs.templates }} ] && echo "templates=-t ${{ inputs.templates }}" >> $GITHUB_ENV
         [ ! -z ${{ inputs.output }} ] && echo "output=-o ${{ inputs.output}}" >> $GITHUB_ENV || echo "output=-o nuclei.log" >> $GITHUB_ENV
         [ ! -z ${{ inputs.sarif-export }} ] && echo "sarif-export=-se ${{ inputs.sarif-export}}" >> $GITHUB_ENV || echo "sarif-export=-se nuclei.sarif" >> $GITHUB_ENV
         [ ! -z ${{ inputs.markdown-export }} ] && echo "markdown-export=-me ${{ inputs.markdown-export}}" >> $GITHUB_ENV
-        [ ! -z ${{ inputs.config }} ] && cp ${{ inputs.config }} /.config/nuclei/config.yaml
-        [ ! -z "${{ inputs.user-agent }}" ] && echo 'useragent=-H "${{ inputs.user-agent }}"' >> $GITHUB_ENV
-        [ ! -z "${{ inputs.nuclei-flags }}" ] && echo 'flags="${{ inputs.nuclei-flags }}"' >> $GITHUB_ENV
+        [ ! -z ${{ inputs.report-config }} ] && echo "reportconfig=-rc ${{ inputs.report-config}}" >> $GITHUB_ENV
+        [ ! -z ${{ inputs.config }} ] && echo "config=-config ${{ inputs.config}}" >> $GITHUB_ENV
+        [ ! -z "${{ inputs.user-agent }}" ] && echo "useragent=-H ${{ inputs.user-agent }}" >> $GITHUB_ENV
+        [ ! -z "${{ inputs.flags }}" ] && echo "flags=${{ inputs.flags }}" >> $GITHUB_ENV
         ${{ inputs.json }} && echo "json=-json" >> $GITHUB_ENV
         ${{ inputs.include-rr }} && echo "includerr=-irr" >> $GITHUB_ENV
         ${{ inputs.github-report }} \
@@ -89,22 +95,22 @@ runs:
         && echo -e "  issue-label: \"Nuclei\"" >> ~/nuclei-github-config.yaml \
         && echo "githubconfig=-rc ~/nuclei-github-config.yaml" >> $GITHUB_ENV
         
-        nuclei -silent \
-          -update-templates \
-          -update-directory ./nuclei-templates
+        nuclei -silent
       shell: bash
     - run: |
-        
+
         nuclei \
           ${{ env.target }} \
           ${{ env.urls }} \
           ${{ env.templates }} \
-          ${{ env.useragent }} \
           ${{ env.output }} \
           ${{ env.sarif-export }} \
           ${{ env.markdown-export }} \
           ${{ env.json }} \
           ${{ env.flags }} \
+          ${{ env.config }} \
+          ${{ env.reportconfig }} \
           ${{ env.githubconfig }} \
+          ${{ env.useragent }} \
           ${{ env.includerr }}
       shell: bash