build-attack-destroy-aws #755

Workflow file for this run

.github/workflows/build_attack_destroy_aws.yml at a5dd385

	name: build-attack-destroy-aws
	on:
	workflow_dispatch: # Manually trigger the workflow
	schedule:
	- cron: '30 8 * * *'

	jobs:
	build-attack-destroy-aws:

	runs-on: ubuntu-latest
	steps:

	- name: Checkout repo
	uses: actions/checkout@v4

	- name: Install System Packages
	run: \|
	sudo apt update -qq
	sudo apt install -y openssh-client

	- uses: actions/setup-python@v5
	with:
	python-version: '3.9' #Available versions here - https://github.com/actions/python-versions/releases easy to change/make a matrix/use pypy
	architecture: 'x64' # optional x64 or x86. Defaults to x64 if not specified

	- uses: aws-actions/configure-aws-credentials@v4
	with:
	aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
	aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
	aws-region: eu-central-1

	- name: Install SSH key
	uses: shimataro/ssh-key-action@v2
	with:
	key: ${{ secrets.AR_SSH_PRIVATE_KEY }}
	name: ar-github-actions
	known_hosts: unnecessary
	if_key_exists: fail

	- uses: hashicorp/setup-terraform@v3
	with:
	terraform_version: "1.5.7"

	- name: Install Dependencies using Poetry
	run: \|
	pip3 install poetry
	poetry install

	- name: Copy Attack Range config
	run: \|
	cp -f configs/github_actions_config_aws.yml attack_range.yml

	- name: Build Attack Range
	run: \|
	poetry run python attack_range.py build

	- name: Simulate Attack
	run: \|
	poetry run python attack_range.py simulate --target ar-win-ar-github-actions-ar-0 --technique T1003.002

	- name: Destroy Attack Range
	run: \|
	poetry run python attack_range.py destroy

	- name: Cleanup terraform on failures
	if: failure()
	run: \|
	poetry run python attack_range.py destroy

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

build-attack-destroy-aws #755

Workflow file

build-attack-destroy-aws #755

Jobs

Run details

Workflow file for this run