Automate CA certificate bundle update by nickvergessen · Pull Request #34107 · nextcloud/server

nickvergessen · 2022-09-16T07:15:33Z

Signed-off-by: Joas Schilling coding@schilljs.com

Signed-off-by: Joas Schilling <coding@schilljs.com>

kesselb · 2022-09-16T08:49:30Z

Thank you 👍

If the update is automated the old check can probably go:

https://github.com/nextcloud/server/blob/master/build/ca-bundle-checker.sh
https://github.com/nextcloud/server/blob/master/autotest-checkers.sh

nickvergessen · 2022-09-16T09:04:57Z

Interesting that we have this check and it never failed....

nickvergessen · 2022-09-16T09:12:05Z

server/build/ca-bundle-checker.sh

Lines 3 to 6 in 3a75e14

    
           if [[ -n ${DRONE_SOURCE_BRANCH} && ! ${DRONE_SOURCE_BRANCH} =~ version(\/noid)?\/([0-9.]+) ]]; then 
        
               echo "Skip CA bundle check" 
        
               exit 0 
        
           fi

uuuuuuuuuuuuuuff

Signed-off-by: Joas Schilling <coding@schilljs.com>

kesselb · 2022-09-16T10:40:26Z

Interesting that we have this check and it never failed....

It failed sometimes ;) However the check for a certain branch name was always unstable. The schedule based workflow is much better.

.github/workflows/update-cacert-bundle.yml

Signed-off-by: Joas Schilling <213943+nickvergessen@users.noreply.github.com>

CarlSchwan · 2022-09-16T10:53:44Z

.github/workflows/update-cacert-bundle.yml

@@ -0,0 +1,42 @@
+name: Update CA certificate bundle


Maybe add your copyright here. I'll be fine if we could adopt spdx notation to make it shorter

# SPDX-FileCopyrightText: 2022 Your name <email> # SPDX-License-Identifier: AGPL-3.0-or-later

I don't think it's "high" enough to have copyright

Automate CA certificate bundle update

9eade34

Signed-off-by: Joas Schilling <coding@schilljs.com>

nickvergessen added 3. to review Waiting for reviews security labels Sep 16, 2022

nickvergessen added this to the Nextcloud 25 milestone Sep 16, 2022

nickvergessen requested review from ChristophWurst, julien-nc, miaulalala and skjnldsv September 16, 2022 07:15

ChristophWurst approved these changes Sep 16, 2022

View reviewed changes

nickvergessen mentioned this pull request Sep 16, 2022

Update CA cert bundle #34091

Merged

Remove legacy ca-cert checker

8612a9b

Signed-off-by: Joas Schilling <coding@schilljs.com>

CarlSchwan approved these changes Sep 16, 2022

View reviewed changes

nickvergessen added 4. to release Ready to be released and/or waiting for tests to finish and removed 3. to review Waiting for reviews labels Sep 16, 2022

skjnldsv reviewed Sep 16, 2022

View reviewed changes

.github/workflows/update-cacert-bundle.yml Outdated Show resolved Hide resolved

skjnldsv approved these changes Sep 16, 2022

View reviewed changes

Update update-cacert-bundle.yml

f51da25

Signed-off-by: Joas Schilling <213943+nickvergessen@users.noreply.github.com>

CarlSchwan reviewed Sep 16, 2022

View reviewed changes

nickvergessen merged commit 061d621 into master Sep 18, 2022

nickvergessen deleted the automate-cacert-update branch September 18, 2022 08:24

blizzz mentioned this pull request Sep 19, 2022

25.0.0 beta 7 #34095

Merged

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Automate CA certificate bundle update#34107

Automate CA certificate bundle update#34107
nickvergessen merged 3 commits intomasterfrom
automate-cacert-update

nickvergessen commented Sep 16, 2022

Uh oh!

kesselb commented Sep 16, 2022

Uh oh!

nickvergessen commented Sep 16, 2022

Uh oh!

nickvergessen commented Sep 16, 2022

Uh oh!

kesselb commented Sep 16, 2022

Uh oh!

Uh oh!

CarlSchwan Sep 16, 2022

Uh oh!

nickvergessen Sep 16, 2022

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

5 participants

Uh oh!

Conversation

nickvergessen commented Sep 16, 2022

Uh oh!

kesselb commented Sep 16, 2022

Uh oh!

nickvergessen commented Sep 16, 2022

Uh oh!

nickvergessen commented Sep 16, 2022

Uh oh!

kesselb commented Sep 16, 2022

Uh oh!

Uh oh!

CarlSchwan Sep 16, 2022

Choose a reason for hiding this comment

Uh oh!

nickvergessen Sep 16, 2022

Choose a reason for hiding this comment

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

5 participants