-
Notifications
You must be signed in to change notification settings - Fork 0
49 lines (42 loc) · 1.68 KB
/
build.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
name: Build
on:
schedule:
- cron: '0 0 * * *'
workflow_dispatch:
jobs:
build:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@main
with:
submodules: true
- name: Build BearSSL
run: |
declare -r source_directory="$(realpath './submodules/bearssl')"
make --jobs="$(nproc)" --directory="${source_directory}" all
echo "BEARSSL_EXECUTABLE=${source_directory}/build/brssl" >> "${GITHUB_ENV}"
- name: Generate CA bundle
run: |
perl ./submodules/curl/scripts/mk-ca-bundle.pl
echo "CA_BUNDLE_PATH=$(realpath './ca-bundle.crt')" >> "${GITHUB_ENV}"
echo "CERT_DATA_PATH=$(realpath './certdata.txt')" >> "${GITHUB_ENV}"
- name: Generate BearSSL header
run: |
${{ env.BEARSSL_EXECUTABLE }} ta ${{ env.CA_BUNDLE_PATH }} > './cert.h'
echo "BEARSSL_HEADER_PATH=$(realpath './cert.h')" >> "${GITHUB_ENV}"
- name: Setup files
run: |
[ -d './pem' ] || mkdir './pem'
[ -d './brssl' ] || mkdir './brssl'
[ -d './certdata' ] || mkdir './certdata'
mv ${{ env.CA_BUNDLE_PATH }} './pem/cert.pem'
sha256sum './pem/cert.pem' | awk '{print $1}' > './pem/cert.pem.sha256'
mv ${{ env.BEARSSL_HEADER_PATH }} './brssl/cert.h'
sha256sum './brssl/cert.h' | awk '{print $1}' > './brssl/cert.h.sha256'
mv ${{ env.CERT_DATA_PATH }} './certdata/certdata.txt'
sha256sum './certdata/certdata.txt' | awk '{print $1}' > './certdata/certdata.txt.sha256'
- uses: EndBug/add-and-commit@main
with:
add: '*'
default_author: github_actions
message: 'Update CA bundle'