diff options
Diffstat (limited to '.github/workflows/update-cacert-bundle.yml')
| -rw-r--r-- | .github/workflows/update-cacert-bundle.yml | 47 |
1 files changed, 47 insertions, 0 deletions
diff --git a/.github/workflows/update-cacert-bundle.yml b/.github/workflows/update-cacert-bundle.yml new file mode 100644 index 00000000000..19d0018ed7f --- /dev/null +++ b/.github/workflows/update-cacert-bundle.yml @@ -0,0 +1,47 @@ +# This workflow is provided via the organization template repository +# +# https://github.com/nextcloud/.github +# https://docs.github.com/en/actions/learn-github-actions/sharing-workflows-with-your-organization + +name: Update CA certificate bundle + +on: + workflow_dispatch: + schedule: + - cron: "5 4 * * *" + +jobs: + update-ca-certificate-bundle: + runs-on: ubuntu-latest + + strategy: + fail-fast: false + matrix: + branches: ["master", "stable24", "stable23", "stable22"] + + name: update-ca-certificate-bundle-${{ matrix.branches }} + + steps: + - uses: actions/checkout@v3 + with: + ref: ${{ matrix.branches }} + submodules: true + + - name: Download CA certificate bundle from curl + run: curl --etag-compare build/ca-bundle-etag.txt --etag-save build/ca-bundle-etag.txt --output resources/config/ca-bundle.crt https://curl.se/ca/cacert.pem + + - name: Create Pull Request + uses: peter-evans/create-pull-request@v3 + with: + token: ${{ secrets.COMMAND_BOT_PAT }} + commit-message: Update CA certificate bundle + committer: GitHub <noreply@github.com> + author: nextcloud-command <nextcloud-command@users.noreply.github.com> + signoff: true + branch: automated/noid/${{ matrix.branches }}-update-ca-cert-bundle + title: "[${{ matrix.branches }}] Update ca-cert bundle" + body: | + Auto-generated update of CA certificate bundle from [https://curl.se/docs/caextract.html](https://curl.se/docs/caextract.html) + labels: | + dependencies + 3. to review |