WAF-IPDB icon indicating copy to clipboard operation
WAF-IPDB copied to clipboard

Published 20 hours ago verified publisher icon BeeHiveCyberSecurity

Build fails

Open DIVISIONSolar opened this issue 2 years ago • 8 comments

Workflow config: name: Report on: push: schedule: - cron: '15 * * * *' watch: types: [started] workflow_dispatch: jobs: build: if: github.repository == 'DIVISIONSolar/WAF-IPDB' runs-on: ubuntu-latest steps: - name: Checkout uses: actions/checkout@main - name: Set up python uses: actions/setup-python@v1 with: python-version: 3.8 - name: Install requirements run: pip install -r requirements.txt - name: Report run: python main.py ${{ secrets.CLOUDFLARE_ZONE_ID }} ${{ secrets.CLOUDFLARE_EMAIL }} ${{ secrets.CLOUDFLARE_API_KEY }} ${{ secrets.ABUSEIPDB_API_KEY }}

##[debug]Evaluating condition for step: 'Report' ##[debug]Evaluating: success() ##[debug]Evaluating success: ##[debug]=> true ##[debug]Result: true ##[debug]Starting: Report ##[debug]Loading inputs ##[debug]Evaluating: format('python main.py {0} {1} {[2](https://github.com/DIVISIONSolar/WAF-IPDB/actions/runs/5338245148/jobs/9675357089#step:5:2)} {[3](https://github.com/DIVISIONSolar/WAF-IPDB/actions/runs/5338245148/jobs/9675357089#step:5:3)}', secrets.CLOUDFLARE_ZONE_ID, secrets.CLOUDFLARE_EMAIL, secrets.CLOUDFLARE_API_KEY, secrets.ABUSEIPDB_API_KEY) ##[debug]Evaluating format: ##[debug]..Evaluating String: ##[debug]..=> 'python main.py {0} {1} {2} {3}' ##[debug]..Evaluating Index: ##[debug]....Evaluating secrets: ##[debug]....=> Object ##[debug]....Evaluating String: ##[debug]....=> 'CLOUDFLARE_ZONE_ID' ##[debug]..=> '***' ##[debug]..Evaluating Index: ##[debug]....Evaluating secrets: ##[debug]....=> Object ##[debug]....Evaluating String: ##[debug]....=> 'CLOUDFLARE_EMAIL' ##[debug]..=> '***' ##[debug]..Evaluating Index: ##[debug]....Evaluating secrets: ##[debug]....=> Object ##[debug]....Evaluating String: ##[debug]....=> 'CLOUDFLARE_API_KEY' ##[debug]..=> '***' ##[debug]..Evaluating Index: ##[debug]....Evaluating secrets: ##[debug]....=> Object ##[debug]....Evaluating String: ##[debug]....=> 'ABUSEIPDB_API_KEY' ##[debug]..=> '***' ##[debug]=> 'python main.py *** *** *** ***' ##[debug]Result: 'python main.py *** *** *** ***' ##[debug]Loading env Run python main.py *** *** *** *** ##[debug]/usr/bin/bash -e /home/runner/work/_temp/2b103762-17ce-[4](https://github.com/DIVISIONSolar/WAF-IPDB/actions/runs/5338245148/jobs/9675357089#step:5:4)3[5](https://github.com/DIVISIONSolar/WAF-IPDB/actions/runs/5338245148/jobs/9675357089#step:5:5)c-a470-[6](https://github.com/DIVISIONSolar/WAF-IPDB/actions/runs/5338245148/jobs/9675357089#step:5:6)25[7](https://github.com/DIVISIONSolar/WAF-IPDB/actions/runs/5338245148/jobs/9675357089#step:5:7)7e070[8](https://github.com/DIVISIONSolar/WAF-IPDB/actions/runs/5338245148/jobs/9675357089#step:5:8)2f.sh ==================== Start ==================== 2023-06-21 1[9](https://github.com/DIVISIONSolar/WAF-IPDB/actions/runs/5338245148/jobs/9675357089#step:5:9):40:40 2023-06-21 [11](https://github.com/DIVISIONSolar/WAF-IPDB/actions/runs/5338245148/jobs/9675357089#step:5:11):40:40 ttl: 59 <class 'dict'> Traceback (most recent call last): File "main.py", line [16](https://github.com/DIVISIONSolar/WAF-IPDB/actions/runs/5338245148/jobs/9675357089#step:5:16)4, in <module> ip_bad_list=a["data"]["viewer"]["zones"][0]["firewallEventsAdaptive"] KeyError: 'data' Error: Process completed with exit code 1. ##[debug]Finishing: Report

Any ideas on why this happens?

DIVISIONSolar avatar Jun 21 '23 19:06 DIVISIONSolar

This will happen when there's no events for it to pull/compare/report. Once you get a few report hits, these should stop happening. If they don't, try re-pulling and configuring.

BeeHiveCyberSecurity avatar Jul 09 '23 02:07 BeeHiveCyberSecurity

seems like is working now but it doesnt report any bad ips to abuseipdb?

DIVISIONSolar avatar Jul 14 '23 18:07 DIVISIONSolar

So I've let it run for 2 months while checking every 2 weeks to see if anything has changed and this app hasn't made any reports, requests or shown any signs of life in terms of scanning my waf, any ideas?

DIVISIONSolar avatar Aug 20 '23 00:08 DIVISIONSolar

It seems you have your repo private; we can take a look over it, but you'd have to make it public. Ideally, this is safe, because instead of hard-coding your secrets you set them as environment variables. I just checked our worker and it has reports from as soon as today, so, it's functional. More than likely a derp moment, if you take it public tag and we'll give it a look.

BeeHiveCyberSecurity avatar Aug 22 '23 07:08 BeeHiveCyberSecurity

I've made it public now: https://github.com/DIVISIONSolar/CFWAF-IPDB/

DIVISIONSolar avatar Aug 23 '23 06:08 DIVISIONSolar

This repo has been updated today, please ensure you're using the latest version and give it a clean build attempt.

BeeHiveCyberSecurity avatar Nov 05 '23 18:11 BeeHiveCyberSecurity

What's been changed? I've gotten it to work

DIVISIONSolar avatar Nov 05 '23 18:11 DIVISIONSolar

#3 Misc. Improvements and version bumps for deps

BeeHiveCyberSecurity avatar Nov 05 '23 18:11 BeeHiveCyberSecurity