nextcloud/.github/workflows/update-cacert-bundle.yml
dependabot[bot] 3586d1ef40
chore(deps): Bump the github-actions group with 4 updates
Bumps the github-actions group with 4 updates: [andstor/file-existence-action](https://github.com/andstor/file-existence-action), [cypress-io/github-action](https://github.com/cypress-io/github-action), [codecov/codecov-action](https://github.com/codecov/codecov-action) and [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request).


Updates `andstor/file-existence-action` from 2.0.0 to 3.0.0
- [Release notes](https://github.com/andstor/file-existence-action/releases)
- [Commits](20b4d2e596...076e007279)

Updates `cypress-io/github-action` from 6.6.0 to 6.6.1
- [Release notes](https://github.com/cypress-io/github-action/releases)
- [Changelog](https://github.com/cypress-io/github-action/blob/master/CHANGELOG.md)
- [Commits](ebe8b24c44...1b70233146)

Updates `codecov/codecov-action` from 3 to 4
- [Release notes](https://github.com/codecov/codecov-action/releases)
- [Commits](https://github.com/codecov/codecov-action/compare/v3...v4)

Updates `peter-evans/create-pull-request` from 5.0.2 to 6.0.1
- [Release notes](https://github.com/peter-evans/create-pull-request/releases)
- [Commits](153407881e...a4f52f8033)

---
updated-dependencies:
- dependency-name: andstor/file-existence-action
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-actions
- dependency-name: cypress-io/github-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions
- dependency-name: codecov/codecov-action
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-actions
- dependency-name: peter-evans/create-pull-request
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-actions
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-02-29 23:41:49 +00:00

43 lines
1.6 KiB
YAML

name: Update CA certificate bundle
on:
workflow_dispatch:
schedule:
- cron: "5 2 * * *"
jobs:
update-ca-certificate-bundle:
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
branches: ["master", "stable28", "stable27", "stable26", "stable25", "stable24", "stable23", "stable22"]
name: update-ca-certificate-bundle-${{ matrix.branches }}
steps:
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11
with:
ref: ${{ matrix.branches }}
submodules: true
- name: Download CA certificate bundle from curl
run: curl --etag-compare build/ca-bundle-etag.txt --etag-save build/ca-bundle-etag.txt --output resources/config/ca-bundle.crt https://curl.se/ca/cacert.pem
- name: Create Pull Request
uses: peter-evans/create-pull-request@a4f52f8033a6168103c2538976c07b467e8163bc
with:
token: ${{ secrets.COMMAND_BOT_PAT }}
commit-message: "fix(security): Update CA certificate bundle"
committer: GitHub <noreply@github.com>
author: nextcloud-command <nextcloud-command@users.noreply.github.com>
signoff: true
branch: automated/noid/${{ matrix.branches }}-update-ca-cert-bundle
title: "[${{ matrix.branches }}] fix(security): Update CA certificate bundle"
body: |
Auto-generated update of CA certificate bundle from [https://curl.se/docs/caextract.html](https://curl.se/docs/caextract.html)
labels: |
dependencies
3. to review
reviewers: ChristophWurst, miaulalala, nickvergessen