ci: use composite actions

Signed-off-by: Dwi Siswanto <git@dw1.io>

.github/scripts/weak-matcher-checks.sh

@@ -0,0 +1,33 @@
+#!/bin/bash
+
+set -uo pipefail
+
+OUTPUT="/tmp/nuclei-result-${GITHUB_SHA}.out"
+CHANGED_FILES="$(sed 's/ / -t /g' <<< "${CHANGED_FILES}")"
+WEAK=false
+COMMENT=""
+
+eval "nuclei -duc -silent -ud ${GITHUB_WORKSPACE} -u ${HONEYPOT_URL} -o ${OUTPUT} -t ${CHANGED_FILES}"
+
+if [[ "$(wc -l < $OUTPUT)" -gt 0 ]]; then
+	COMMENT+="**:warning: Weak matcher detected**\n\n"
+	COMMENT+="It looks like Nuclei has found some results on the honeypot target.\n\n"
+	COMMENT+="To improve the accuracy of these results and avoid any false positives, "
+	COMMENT+="please adjust the matchers as needed. "
+	COMMENT+="This will help in providing more reliable and precise results.\n\n"
+	COMMENT+="| **Template ID** |\n"
+	COMMENT+="|--|\n"
+	COMMENT+=$(grep -Po "^\\K[[\w_-]+\]" $OUTPUT | sed 's/\[/| /g; s/\]/ |/g' | sed ':a;N;$!ba;s/\n/\\n/g')
+	COMMENT+="\n\n"
+	COMMENT+="> Ref ${GITHUB_SHA}"
+
+	WEAK=true
+fi
+
+echo "weak=${WEAK}" >> $GITHUB_OUTPUT
+
+{
+	echo "comment<<EOF"
+	echo -e "${COMMENT}"
+	echo "EOF"
+} >> $GITHUB_OUTPUT

.github/scripts/yaml2json/go.mod

@@ -0,0 +1,5 @@
+module yaml2json
+
+go 1.22.0
+
+require gopkg.in/yaml.v3 v3.0.1 // indirect

.github/scripts/yaml2json/go.sum

@@ -0,0 +1,3 @@
+gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
+gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
+gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=