Skip to content

Fetch Latest CA File #600

Fetch Latest CA File

Fetch Latest CA File #600

name: Fetch Latest CA File
on:
schedule:
# This will run daily at 00:00 UTC.
- cron: '0 0 * * *'
workflow_dispatch:
permissions:
contents: write
jobs:
fetch-ca-file:
runs-on: ubuntu-latest
steps:
- name: Check out repository
uses: actions/checkout@v4
- name: Fetch the latest CA file
run: |
curl -O https://curl.se/ca/cacert.pem
echo "Fetched the latest CA file."
- name: Check if the CA file has changed
id: cafile
run: |
CHANGED=$(git diff --name-only | grep cacert.pem || true)
if [[ ! -z "$CHANGED" ]]; then
echo "CHANGED=true" >> $GITHUB_ENV
else
echo "CHANGED=false" >> $GITHUB_ENV
fi
- name: Commit changes
if: env.CHANGED == 'true'
run: |
git config --local user.email "[email protected]"
git config --local user.name "Simon Hamp"
git add cacert.pem
git commit -m "Update CA file"
git push
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
release:
needs: fetch-ca-file
if: needs.fetch-ca-file.outputs.changed == 'true'
runs-on: ubuntu-latest
steps:
- name: Get the latest release
id: latestrelease
run: |
LATEST_VERSION=$(curl --silent "https://api.github.com/repos/${{ github.repository }}/releases/latest" \
| jq -r .tag_name)
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Bump the patch version
id: bump
run: |
NEW_VERSION=$(echo "${{ steps.latestrelease.outputs.version }}" | awk -F. '{$NF = $NF + 1;} 1' | sed 's/ /./g')
echo "VERSION=${NEW_VERSION}" >> $GITHUB_ENV
- name: Create a new release
id: create_release
uses: actions/create-release@v1
with:
tag_name: v${{ env.VERSION }}
release_name: v${{ env.VERSION }}
draft: true
prerelease: false
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}