From 850204552541e2e3034327a77483e9c9fcf3a4a4 Mon Sep 17 00:00:00 2001
From: Harshvardhan Karn
Date: Mon, 8 Apr 2024 12:05:06 +0530
Subject: [PATCH] Create malware.yml
---
 .github/workflows/malware.yml | 43 +++++++++++++++++++++++++++++++++++
 1 file changed, 43 insertions(+)
 create mode 100644 .github/workflows/malware.yml
diff --git a/.github/workflows/malware.yml b/.github/workflows/malware.yml
new file mode 100644
index 0000000..6764333
--- /dev/null
+++ b/.github/workflows/malware.yml
@@ -0,0 +1,43 @@
+name: malware-scanner
+
+on:
+ push:
+ branches:
+ - "*"
+ pull_request:
+ branches:
+ - "*"
+
+jobs:
+ malware-scanner:
+ runs-on: ubuntu-latest
+ env:
+ GROUP: demo
+ COMMIT: ${{ github.sha }}
+ REPO: infra-mon
+ DEEPFENCE_CONSOLE_URL: ${{secrets.DEEPFENCE_URL}}
+ DEEPFENCE_KEY: ${{secrets.DEEPFENCE_KEY}}
+ steps:
+ - uses: actions/checkout@v4
+
+ # Run Deepfence Malware Scanner to check for malwares in image
+ - name: Run Deepfence Malware Scanner
+ env:
+ DEEPFENCE_CONSOLE_URL: ${{ env.DEEPFENCE_CONSOLE_URL }}
+ DEEPFENCE_KEY: ${{ env.DEEPFENCE_KEY }}
+ FULL_IMAGE_NAME: ${{ env.GROUP }}/${{ env.REPO }}:${{ github.sha }}
+ NGINX: "nginx:latest"
+ FAIL_MALWARE_COUNT: 100 # Fail build if number of malwares found is >= this number. Set -1 to pass regardless of malwares.
+ FAIL_HIGH_MALWARE_COUNT: 10 # Fail build if number of high malwares found is >= this number. Set -1 to pass regardless of high malwares.
+ FAIL_MEDIUM_MALWARE_COUNT: 20 # Fail build if number of medium malwares found is >= this number. Set -1 to pass regardless of medium malwares.
+ FAIL_LOW_MALWARE_COUNT: 50 # Fail build if number of low malwares found is >= this number. Set -1 to pass regardless of low malwares.
+ run: |
+ docker pull deepfenceio/deepfence_malware_scanner_ce:2.1.1
+ docker run -i --rm --net=host --privileged=true \
+ --cpus=0.3 \
+ -v /var/run/docker.sock:/var/run/docker.sock:rw deepfenceio/deepfence_malware_scanner_ce:2.1.1 \
+ -image-name "$NGINX" \
+ -fail-on-count=$FAIL_MALWARE_COUNT \
+ -fail-on-high-count=$FAIL_HIGH_MALWARE_COUNT \
+ -fail-on-medium-count=$FAIL_MEDIUM_MALWARE_COUNT -\
+ fail-on-low-count=$FAIL_LOW_MALWARE_COUNT
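Review bot: The last two lines of the `run` script split the `-fail-on-low-count` flag across a backslash continuation (`... -\` followed by `fail-on-low-count=...`), so if the continuation line is indented like the other continuation lines the shell passes a lone `-` and a bare `fail-on-low-count=$FAIL_LOW_MALWARE_COUNT` as separate arguments and the low-severity threshold is never applied; it should read `-fail-on-medium-count=$FAIL_MEDIUM_MALWARE_COUNT \` followed by `-fail-on-low-count=$FAIL_LOW_MALWARE_COUNT`. The scanner is invoked with `-image-name "$NGINX"` (`nginx:latest`), so `FULL_IMAGE_NAME` and `COMMIT` are computed but unused and the repository's own image is never scanned — if this is not meant as a demo, pass `"$FULL_IMAGE_NAME"` and add the build or pull step that produces it. The scanner container runs with `--privileged=true`, `--net=host` and a read-write mount of `/var/run/docker.sock`, which gives it root-equivalent control of the runner; worth confirming against the vendor's documented requirements and dropping whatever is not needed, and pinning both `deepfenceio/deepfence_malware_scanner_ce:2.1.1` and `nginx:latest` by digest so neither the scanner nor the scan target can change underneath the workflow. Minor style: `${{secrets.DEEPFENCE_URL}}` and `${{secrets.DEEPFENCE_KEY}}` omit the spaces used by every other expression in the file, and re-exporting `DEEPFENCE_CONSOLE_URL`/`DEEPFENCE_KEY` in the step `env:` is redundant with the job-level `env:`.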