on:
  push:
    paths:
      - 'threagile.yaml' # useful to filter this job to execute only when the threat model changes

jobs:

  threagile_job:
    runs-on: ubuntu-latest
    name: Threat Model Analysis
    steps:
      
      # Checkout the repo
      - name: Checkout Workspace
        uses: actions/checkout@v2
     
      # Run Threagile
      - name: Run Threagile
        id: threagile
        uses: threagile/run-threagile-action@v1
        with:
          model-file: 'threagile.yaml'
     
      # Archive resulting files as artifacts
      - name: Archive Results
        uses: actions/upload-artifact@v2
        with:
          name: threagile-report
          path: threagile/output
     
      # Optional step to link from repo's README.md if you want. This can also be committed to a separate branch if desired.
      - name: Commit & Push Report and DFD Diagram
        run: |
          git config --local user.email "[email protected]" # customize as desired
          git config --local user.name "Threagile" # customize as desired
          git add threagile/output/report.pdf
          git add threagile/output/data-flow-diagram.png
          git commit -m "Update threat model report and data-flow diagram by Threagile" # customize as desired
          git push

## Threat Model Analysis
The open-source toolkit for agile threat modeling, Threagile, was used to model and analyze potential threats.

### Data-Flow Diagram (DFD)
The following DFD was generated by Threagile during threat model analysis:

![Data-Flow Diagram (DFD)](/threagile/output/data-flow-diagram.png?raw=true "Data-Flow Diagram (DFD)")

### Threat Model Report
The following report was generated by Threagile during threat model analysis:
[Threat Model Report](/threagile/output/report.pdf?raw=true)