feat(posts): add exploit-vulnerability-wordpress-plugin-kali-linux-2 (#…

…278)

Co-authored-by: my-renovate[bot] <105243867+my-renovate[bot]@users.noreply.github.com>

.github/renovate-pr.json5

@@ -22,7 +22,6 @@
   ],
   // ignore chirpy dependencies
   // https://renovatebot.com/docs/configuration-options/#ignoredeps
-  ignoreDeps: ["http_parser.rb", "html-proofer"],
   labels: [
     "renovate-pr",
     "renovate-pr/{{replace '.*/' '' depName}}",
@@ -32,13 +31,14 @@
     {
       automerge: true,
       ignoreTests: true,
-      packagePatterns: ["*"],
+      matchPackagePatterns: ["*"],
     },
   ],
   prBodyTemplate: "{{{table}}}{{{notes}}}{{{changelogs}}}",
   rebaseWhen: "behind-base-branch",
-  regexManagers: [
+  customManagers: [
     {
+      customType: "regex",
       extractVersionTemplate: "{{#if extractVersion}}{{{extractVersion}}}{{else}}^v?(?<version>.+)${{/if}}",
       fileMatch: ["\\.ya?ml$", "\\.md$", "^Dockerfile$", "^entrypoint\\.sh$"],
       matchStrings: [
@@ -47,12 +47,23 @@
       versioningTemplate: "{{#if versioning}}{{{versioning}}}{{else}}semver{{/if}}",
     },
     {
+      customType: "regex",
       datasourceTemplate: "custom.grafana-dashboards",
       fileMatch: ["\\.md$"],
       matchStrings: [
-        '#\\s+renovate:\\s+depName="(?<depName>.*)"\\n\\s+gnetId:\\s+(?<packageName>.*?)\\n\\s+revision:\\s+(?<currentValue>.*)',
+        '# renovate: depName="(?<depName>.*)"\\n\\s+gnetId:\\s+(?<packageName>.*?)\\n\\s+revision:\\s+(?<currentValue>.*)',
       ],
       versioningTemplate: "regex:^(?<major>\\d+)$",
     },
+    {
+      currentValueTemplate: "{{#if currentValue}}{{{currentValue}}}{{else}}main{{/if}}",
+      customType: "regex",
+      datasourceTemplate: "git-refs",
+      packageNameTemplate: "https://github.com/{{depName}}",
+      fileMatch: ["\\.md$"],
+      matchStrings: [
+        "# renovate:( currentValue=(?<currentValue>.+?))?\\n.*https:\\/\\/raw.githubusercontent.com\\/(?<depName>[^\\/]+\\/[^\\/]+)\\/(?<currentDigest>[^\\/]+)\\/",
+      ],
+    },
   ],
 }

.github/renovate.json5

@@ -21,7 +21,6 @@
   ],
   // ignore chirpy dependencies
   // https://renovatebot.com/docs/configuration-options/#ignoredeps
-  ignoreDeps: ["http_parser.rb", "html-proofer"],
   ignorePaths: ["_posts/**"],
   labels: [
     "renovate",
@@ -69,10 +68,20 @@
       datasourceTemplate: "custom.grafana-dashboards",
       fileMatch: ["\\.md$"],
       matchStrings: [
-        '#\\s+renovate:\\s+depName="(?<depName>.*)"\\n\\s+gnetId:\\s+(?<packageName>.*?)\\n\\s+revision:\\s+(?<currentValue>.*)',
+        '# renovate: depName="(?<depName>.*)"\\n\\s+gnetId:\\s+(?<packageName>.*?)\\n\\s+revision:\\s+(?<currentValue>.*)',
       ],
       versioningTemplate: "regex:^(?<major>\\d+)$",
     },
+    {
+      currentValueTemplate: "{{#if currentValue}}{{{currentValue}}}{{else}}main{{/if}}",
+      customType: "regex",
+      datasourceTemplate: "git-refs",
+      packageNameTemplate: "https://github.com/{{depName}}",
+      fileMatch: ["\\.md$"],
+      matchStrings: [
+        "# renovate:( currentValue=(?<currentValue>.+?))?\\n.*https:\\/\\/raw.githubusercontent.com\\/(?<depName>[^\\/]+\\/[^\\/]+)\\/(?<currentDigest>[^\\/]+)\\/",
+      ],
+    },
   ],
   separateMinorPatch: true,
 }

.github/workflows/post_tests.yml

@@ -25,9 +25,10 @@ on:
           - my-favourite-krew-plugins-kubectl cheapest-amazon-eks
           - cilium-amazon-eks
           - secure-cheap-amazon-eks
-          - exploit-vulnerability-wordpress-plugin-kali-linux
+          - exploit-vulnerability-wordpress-plugin-kali-linux-1
           - secure-cheap-amazon-eks-with-pod-identities
           - velero-and-cert-manager secure-cheap-amazon-eks-with-pod-identities
+          - exploit-vulnerability-wordpress-plugin-kali-linux-2
       action:
         type: choice
         description: Select action
@@ -92,6 +93,13 @@ jobs:
             eksctl version
           fi
 
+          if grep -q 'copilot ' "${POST_FILES_ARRAY[@]}" && ! command -v copilot &> /dev/null ; then
+            echo "*** Installing copilot"
+            gh release download --repo aws/copilot-cli --pattern copilot-linux
+            sudo mv copilot-linux /usr/local/bin/copilot
+            chmod a+x /usr/local/bin/copilot
+          fi
+
           if grep -q 'cilium ' "${POST_FILES_ARRAY[@]}" && ! command -v cilium &> /dev/null ; then
             echo "*** Installing cilium"
             gh release download --repo cilium/cilium-cli --pattern cilium-linux-amd64.tar.gz --output - | sudo tar xz -C /usr/local/bin/

.github/workflows/renovate-pr.yml

@@ -34,6 +34,8 @@ env:
   RENOVATE_DRY_RUN: "${{ inputs.dryRun }}"
   # Revovate Config File
   RENOVATE_CONFIG_FILE: ".github/renovate-pr.json5"
+  # Ignore default renovate config file in git repository
+  RENOVATE_REQUIRE_CONFIG: "ignored"
   # Set the base branch
   RENOVATE_BASE_BRANCHES: ${{ github.ref_name }}
   # Renovate Automerge
@@ -61,10 +63,12 @@ jobs:
       - name: Get changed files
         id: changed-files
         uses: tj-actions/changed-files@03334d095e2739fa9ac4034ec16f66d5d01e9eba # v44.5.1
+        with:
+          json: true
 
       - name: List all changed files
         run: |
-          set -euxo pipefail
+          echo "*** Changed files:"
           echo "RENOVATE_INCLUDE_PATHS=${{ steps.changed-files.outputs.all_changed_files }}" | tee -a "${GITHUB_ENV}"
 
       - name: 💡 Self-hosted Renovate

.gitleaks.toml

@@ -7,7 +7,7 @@ paths = [
   '''^_posts/2023/2023-04-01-secrets-store-csi-driver-reloader.md$''',
   '''^assets/js/data/search.json$''',
   '''^posts/trivy-operator-grafana/index.html$''',
-  '''^_posts/2024/2024-04-27-exploit-vulnerability-wordpress-plugin-kali-linux.md$''',
+  '''^_posts/2024/2024-04-27-exploit-vulnerability-wordpress-plugin-kali-linux-1.md$''',
 ]
 regexes = [
   "de727a48df31c3a650df9f8523df57374b5d2e65", # Let's Encrypt Staging "Serial Number"

_posts/2024/2024-04-27-exploit-vulnerability-wordpress-plugin-kali-linux.md → _posts/2024/2024-04-27-exploit-vulnerability-wordpress-plugin-kali-linux-1.md

@@ -42,11 +42,11 @@ Requirements:
 Set the AWS environment variables:
 
 ```bash
-export AWS_ACCESS_KEY_ID="xxxxxxxxxxxxxxxxxx"
-export AWS_SECRET_ACCESS_KEY="xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
+# export AWS_ACCESS_KEY_ID="xxxxxxxxxxxxxxxxxx"
+# export AWS_SECRET_ACCESS_KEY="xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
 export AWS_REGION="eu-central-1"
-export AWS_EC2_KEY_PAIR_NAME="ruzickap-test"
-export TMP_DIR="${TMP_DIR:-${PWD}}"
+AWS_EC2_KEY_PAIR_NAME="ruzickap-test"
+TMP_DIR="${TMP_DIR:-${PWD}}"
 ```
 
 Download the CloudFormation templates for Kali Linux and VPC:
@@ -412,10 +412,10 @@ define( 'DB_COLLATE', '' );
 
 I really like the Metasploit's colors so I've add the logs as images here:
 
-![Metasploit - wordpress_scanner](/assets/img/posts/2024/2024-04-27-exploit-vulnerability-wordpress-plugin-kali-linux/kali-linux-metasploit-wordpress_scanner.avif){:width="600"}
+![Metasploit - wordpress_scanner](/assets/img/posts/2024/2024-04-27-exploit-vulnerability-wordpress-plugin-kali-linux-1/kali-linux-metasploit-wordpress_scanner.avif){:width="600"}
 _Metasploit - wordpress_scanner_
 
-![Metasploit - wp_backup_migration_php_filter](/assets/img/posts/2024/2024-04-27-exploit-vulnerability-wordpress-plugin-kali-linux/kali-linux-metasploit-exploit-wp_backup_migration_php_filter.avif){:width="600"}
+![Metasploit - wp_backup_migration_php_filter](/assets/img/posts/2024/2024-04-27-exploit-vulnerability-wordpress-plugin-kali-linux-1/kali-linux-metasploit-exploit-wp_backup_migration_php_filter.avif){:width="600"}
 _Metasploit - wp_backup_migration_php_filter_
 
 ![Metasploit](https://raw.githubusercontent.com/Qroia/Qroia/af0f0d001bebaebbd340a9e688aaa54a98fa2eb5/configs/gnu-linux/themes/TokyoNight/tokyonight__dark_icons/apps/64/kali-metasploit.svg){:width="100"}