Update CA certificate bundle #778
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # SPDX-FileCopyrightText: 2022 Nextcloud GmbH and Nextcloud contributors | |
| # SPDX-License-Identifier: MIT | |
| name: Update CA certificate bundle | |
| on: | |
| workflow_dispatch: | |
| schedule: | |
| - cron: "5 2 * * *" | |
| jobs: | |
| update-ca-certificate-bundle: | |
| runs-on: ubuntu-latest | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| branches: ['master', 'stable30', 'stable29', 'stable28', 'stable27', 'stable26', 'stable25', 'stable24', 'stable23', 'stable22'] | |
| name: update-ca-certificate-bundle-${{ matrix.branches }} | |
| steps: | |
| - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 | |
| with: | |
| ref: ${{ matrix.branches }} | |
| submodules: true | |
| - name: Download CA certificate bundle from curl | |
| run: curl --etag-compare build/ca-bundle-etag.txt --etag-save build/ca-bundle-etag.txt --output resources/config/ca-bundle.crt https://curl.se/ca/cacert.pem | |
| - name: Create Pull Request | |
| uses: peter-evans/create-pull-request@5e914681df9dc83aa4e4905692ca88beb2f9e91f | |
| with: | |
| token: ${{ secrets.COMMAND_BOT_PAT }} | |
| commit-message: 'fix(security): Update CA certificate bundle' | |
| committer: GitHub <noreply@github.com> | |
| author: nextcloud-command <nextcloud-command@users.noreply.github.com> | |
| signoff: true | |
| branch: 'automated/noid/${{ matrix.branches }}-update-ca-cert-bundle' | |
| title: '[${{ matrix.branches }}] fix(security): Update CA certificate bundle' | |
| body: | | |
| Auto-generated update of CA certificate bundle from [https://curl.se/docs/caextract.html](https://curl.se/docs/caextract.html) | |
| labels: | | |
| dependencies | |
| 3. to review | |
| reviewers: ChristophWurst, miaulalala, nickvergessen |