[fix] headerinfo workflow #1339
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Asynchronous enrollment and certificate re-usage | |
| on: | |
| push: | |
| pull_request: | |
| branches: [ devel ] | |
| schedule: | |
| # * is a special character in YAML so you have to quote this string | |
| - cron: '0 2 * * 6' | |
| jobs: | |
| async_enrollment_cert_reusage: | |
| name: async_enrollment_cert_reusage | |
| runs-on: ubuntu-latest | |
| strategy: | |
| # max-parallel: 1 | |
| fail-fast: false | |
| matrix: | |
| websrv: ['apache2', 'nginx'] | |
| dbhandler: ['wsgi', 'django'] | |
| steps: | |
| - name: "checkout GIT" | |
| uses: actions/checkout@v4 | |
| - name: "create folders" | |
| run: | | |
| mkdir lego | |
| mkdir acme-sh | |
| mkdir certbot | |
| - name: "Prepare Postgres environment" | |
| run: | | |
| docker network create acme | |
| sudo mkdir -p examples/Docker/data/pgsql/ | |
| sudo cp .github/a2c.psql examples/Docker/data/pgsql/a2c.psql | |
| sudo cp .github/pgpass examples/Docker/data/pgsql/pgpass | |
| sudo chmod 600 examples/Docker/data/pgsql/pgpass | |
| - name: "Install postgres" | |
| working-directory: examples/Docker/ | |
| run: | | |
| docker run --name postgresdbsrv --network acme -e POSTGRES_PASSWORD=foobar -d postgres | |
| - name: "Sleep for 10s" | |
| uses: juliangruber/[email protected] | |
| with: | |
| time: 10s | |
| - name: "Configure postgres" | |
| working-directory: examples/Docker/ | |
| run: | | |
| docker run -v "$(pwd)/data/pgsql/a2c.psql":/tmp/a2c.psql -v "$(pwd)/data/pgsql/pgpass:/root/.pgpass" --rm --network acme postgres psql -U postgres -h postgresdbsrv -f /tmp/a2c.psql | |
| - name: "Build docker-compose (${{ matrix.websrv }}_${{ matrix.dbhandler }})" | |
| working-directory: examples/Docker/ | |
| run: | | |
| sudo apt-get install -y docker-compose | |
| sudo mkdir -p data | |
| sed -i "s/wsgi/$DB_HANDLER/g" .env | |
| sed -i "s/apache2/$WEB_SRV/g" .env | |
| cat .env | |
| docker-compose up -d | |
| docker-compose logs | |
| env: | |
| WEB_SRV: ${{ matrix.websrv }} | |
| DB_HANDLER: ${{ matrix.dbhandler }} | |
| - name: "Setup openssl ca_handler" | |
| run: | | |
| sudo cp .github/acme2certifier.pem examples/Docker/data/acme2certifier.pem | |
| sudo cp .github/acme2certifier_cert.pem examples/Docker/data/acme2certifier_cert.pem | |
| sudo cp .github/acme2certifier_key.pem examples/Docker/data/acme2certifier_key.pem | |
| sudo cp .github/django_settings_psql.py examples/Docker/data/settings.py | |
| sudo cp examples/ca_handler/openssl_ca_handler.py examples/Docker/data/ca_handler.py | |
| sudo chmod 777 examples/Docker/data/ca_handler.py | |
| sudo sed -i "s/import uuid/import uuid\\nimport time/g" examples/Docker/data/ca_handler.py | |
| sudo sed -i "s/ cert_raw = None/ cert_raw = None\\n time.sleep(30)/g" examples/Docker/data/ca_handler.py | |
| sudo mkdir -p examples/Docker/data/acme_ca/certs | |
| sudo cp test/ca/sub-ca-key.pem test/ca/sub-ca-crl.pem test/ca/sub-ca-cert.pem test/ca/root-ca-cert.pem examples/Docker/data/acme_ca/ | |
| sudo cp .github/openssl_ca_handler.py_acme_srv_default_handler.cfg examples/Docker/data/acme_srv.cfg | |
| sudo chmod 777 examples/Docker/data/acme_srv.cfg | |
| sudo sed -i "s/revocation_reason_check_disable: False/revocation_reason_check_disable: False\\ncert_reusage_timeframe: 300/g" examples/Docker/data/acme_srv.cfg | |
| cd examples/Docker/ | |
| docker-compose restart | |
| docker-compose logs | |
| - name: "Sleep for 10s" | |
| uses: juliangruber/[email protected] | |
| with: | |
| time: 10s | |
| - name: "Test http://acme-srv/directory is accessible" | |
| run: docker run -i --rm --network acme curlimages/curl -f http://acme-srv/directory | |
| - name: "Test if https://acme-srv/directory is accessible" | |
| run: docker run -i --rm --network acme curlimages/curl --insecure -f https://acme-srv/directory | |
| - name: "Enroll acme.sh" | |
| run: | | |
| docker run --rm -i -v "$(pwd)/acme-sh":/acme.sh --network acme --name=acme-sh neilpang/acme.sh:latest --issue --server http://acme-srv --keylength 2048 --accountemail '[email protected]' -d acme-sh.acme --standalone --debug 3 --output-insecure --force | |
| openssl verify -CAfile examples/Docker/data/acme_ca/root-ca-cert.pem -untrusted examples/Docker/data/acme_ca/sub-ca-cert.pem acme-sh/acme-sh.acme/acme-sh.acme.cer | |
| - name: "Check timeout" | |
| working-directory: examples/Docker/ | |
| run: | | |
| docker-compose logs | grep "Certificate.enroll_and_store() ended with: None:timeout" | |
| sudo truncate -s 0 $(docker inspect --format='{{.LogPath}}' acme2certifier_acme-srv_1) | |
| - name: "Enroll acme.sh" | |
| run: | | |
| docker run --rm -i -v "$(pwd)/acme-sh":/acme.sh --network acme --name=acme-sh neilpang/acme.sh:latest --issue --server http://acme-srv --keylength 2048 --accountemail '[email protected]' -d acme-sh.acme --standalone --debug 3 --output-insecure --force | |
| - name: "Check certificate reusage" | |
| working-directory: examples/Docker/ | |
| run: | | |
| docker-compose logs | grep "Certificate._enroll(): reuse existing certificate" | |
| - name: "Enroll Lego" | |
| run: | | |
| docker run -i -v $PWD/lego:/.lego/ --rm --name lego --network acme goacme/lego -s http://acme-srv -a --email "[email protected]" -d lego.acme --cert.timeout 180 --http run | |
| - name: "Check timeout" | |
| working-directory: examples/Docker/ | |
| run: | | |
| docker-compose logs | grep "Certificate.enroll_and_store() ended with: None:timeout" | |
| sudo truncate -s 0 $(docker inspect --format='{{.LogPath}}' acme2certifier_acme-srv_1) | |
| - name: "Register certbot" | |
| run: | | |
| docker run -i --rm --name certbot --network acme -v $PWD/certbot:/etc/letsencrypt/ certbot/certbot register --agree-tos -m '[email protected]' --server http://acme-srv --no-eff-email | |
| - name: "Enroll certbot" | |
| run: | | |
| docker run -i --rm --name certbot --network acme -v $PWD/certbot:/etc/letsencrypt/ certbot/certbot certonly --server http://acme-srv --standalone --preferred-challenges http -d certbot.acme --cert-name certbot | |
| - name: "Check timeout" | |
| working-directory: examples/Docker/ | |
| run: | | |
| docker-compose logs | grep "Certificate.enroll_and_store() ended with: None:timeout" | |
| sudo truncate -s 0 $(docker inspect --format='{{.LogPath}}' acme2certifier_acme-srv_1) | |
| - name: "[ * ] collecting test data" | |
| if: ${{ failure() }} | |
| run: | | |
| mkdir -p ${{ github.workspace }}/artifact/upload | |
| sudo cp -rp examples/Docker/data/ ${{ github.workspace }}/artifact/data/ | |
| sudo cp -rp acme-sh/ ${{ github.workspace }}/artifact/acme-sh/ | |
| cd examples/Docker | |
| docker-compose logs > ${{ github.workspace }}/artifact/docker-compose.log | |
| sudo tar -C ${{ github.workspace }}/artifact/ -cvzf ${{ github.workspace }}/artifact/upload/artifact.tar.gz docker-compose.log data acme-sh | |
| - name: "[ * ] uploading artifacts" | |
| uses: actions/upload-artifact@v4 | |
| if: ${{ failure() }} | |
| with: | |
| name: async_enrollment_cert_reusage-${{ matrix.websrv }}-${{ matrix.dbhandler }}.tar.gz | |
| path: ${{ github.workspace }}/artifact/upload/ | |
| rpm_wsgi_async_enrollment_cert_reusage: | |
| name: "rpm_wsgi_async_enrollment_cert_reusage" | |
| runs-on: ubuntu-latest | |
| strategy: | |
| # max-parallel: 1 | |
| fail-fast: false | |
| matrix: | |
| rhversion: [8, 9] | |
| steps: | |
| - name: "checkout GIT" | |
| uses: actions/checkout@v4 | |
| - name: Retrieve Version from version.py | |
| run: | | |
| echo TAG_NAME=$(cat acme_srv/version.py | grep -i __version__ | head -n 1 | sed 's/__version__ = //g' | sed s/\'//g) >> $GITHUB_ENV | |
| - run: echo "Latest tag is ${{ env.TAG_NAME }}" | |
| - name: update version number in spec file | |
| run: | | |
| # sudo sed -i "s/Source0:.*/Source0: %{name}-%{version}.tar.gz/g" examples/install_scripts/rpm/acme2certifier.spec | |
| sudo sed -i "s/__version__/${{ env.TAG_NAME }}/g" examples/install_scripts/rpm/acme2certifier.spec | |
| cat examples/install_scripts/rpm/acme2certifier.spec | |
| - name: build RPM package | |
| id: rpm | |
| uses: grindsa/rpmbuild@alma9 | |
| with: | |
| spec_file: "examples/install_scripts/rpm/acme2certifier.spec" | |
| - run: echo "path is ${{ steps.rpm.outputs.rpm_dir_path }}" | |
| - name: "Setup environment for alma installation" | |
| run: | | |
| docker network create acme | |
| sudo mkdir -p data | |
| sudo chmod -R 777 data | |
| sudo cp ${{ steps.rpm.outputs.rpm_dir_path }}noarch/acme2certifier-${{ env.TAG_NAME }}-1.0.noarch.rpm data | |
| sudo cp examples/Docker/almalinux-systemd/rpm_tester.sh data | |
| - name: "Retrieve rpms from SBOM repo" | |
| run: | | |
| git clone https://$GH_SBOM_USER:[email protected]/$GH_SBOM_USER/sbom /tmp/sbom | |
| cp /tmp/sbom/rpm-repo/RPMs/rhel${{ matrix.rhversion }}/*.rpm data | |
| env: | |
| GH_SBOM_USER: ${{ secrets.GH_SBOM_USER }} | |
| GH_SBOM_TOKEN: ${{ secrets.GH_SBOM_TOKEN }} | |
| - name: "Setup openssl ca_handler" | |
| run: | | |
| mkdir -p data/acme_ca | |
| sudo cp examples/ca_handler/openssl_ca_handler.py data/acme_ca/ca_handler.py | |
| sudo chmod 777 data/acme_ca/ca_handler.py | |
| sudo sed -i "s/import uuid/import uuid\\nimport time/g" data/acme_ca/ca_handler.py | |
| sudo sed -i "s/ cert_raw = None/ cert_raw = None\\n time.sleep(22)\\n self.logger.debug('CAhandler.enroll(): timeout done')/g" data/acme_ca/ca_handler.py | |
| sudo mkdir -p data/acme_ca/certs | |
| sudo cp test/ca/sub-ca-key.pem test/ca/sub-ca-crl.pem test/ca/sub-ca-cert.pem test/ca/root-ca-cert.pem data/acme_ca/ | |
| sudo cp .github/openssl_ca_handler.py_acme_srv_choosen_handler.cfg data/acme_srv.cfg | |
| sudo chmod 777 data/acme_srv.cfg | |
| sudo sed -i "s/revocation_reason_check_disable: False/revocation_reason_check_disable: False\\ncert_reusage_timeframe: 1800\\nenrollment_timeout: 15/g" data/acme_srv.cfg | |
| # sudo sed -i "s/retry_after_timeout: 15/retry_after_timeout: 30\\nenrollment_timeout: 15/g" data/acme_srv.cfg | |
| sudo sed -i "s/handler_file: examples\/ca_handler\/openssl_ca_handler.py/handler_file: \/opt\/acme2certifier\/volume\/acme_ca\/ca_handler.py/g" data/acme_srv.cfg | |
| - name: "Prepare Almalinux instance" | |
| run: | | |
| sudo cp examples/Docker/almalinux-systemd/Dockerfile data | |
| sudo sed -i "s/FROM almalinux:9/FROM almalinux:${{ matrix.rhversion }}/g" data/Dockerfile | |
| cat data/Dockerfile | docker build -t almalinux-systemd -f - . --no-cache | |
| docker run -d -id --privileged --network acme --name=acme-srv -v "$(pwd)/data":/tmp/acme2certifier almalinux-systemd | |
| - name: "Execute install scipt" | |
| run: | | |
| docker exec acme-srv sh /tmp/acme2certifier/rpm_tester.sh | |
| - name: "Enroll acme.sh" | |
| run: | | |
| docker run --rm -i -v "$(pwd)/acme-sh":/acme.sh --network acme --name=acme-sh neilpang/acme.sh:latest --issue --server http://acme-srv --keylength 2048 --accountemail '[email protected]' -d acme-sh.acme --standalone --debug 3 --output-insecure --force | |
| - name: "Check timeout" | |
| run: | | |
| docker exec acme-srv grep "Certificate.enroll_and_store() ended with: None:timeout" /var/log/messages | |
| - name: "Enroll acme.sh" | |
| run: | | |
| docker run --rm -i -v "$(pwd)/acme-sh":/acme.sh --network acme --name=acme-sh neilpang/acme.sh:latest --issue --server http://acme-srv --keylength 2048 --accountemail '[email protected]' -d acme-sh.acme --standalone --debug 3 --output-insecure --force | |
| - name: "Check certificate reusage" | |
| run: | | |
| docker exec acme-srv grep "Certificate._enroll(): reuse existing certificate" /var/log/messages | |
| - name: "[ * ] collecting test logs" | |
| if: ${{ failure() }} | |
| run: | | |
| mkdir -p ${{ github.workspace }}/artifact/upload | |
| docker exec acme-srv tar cvfz /tmp/acme2certifier/a2c.tgz /opt/acme2certifier | |
| sudo cp -rp data/ ${{ github.workspace }}/artifact/data/ | |
| sudo rm ${{ github.workspace }}/artifact/data/*.rpm | |
| docker exec acme-srv cat /etc/nginx/nginx.conf.orig > ${{ github.workspace }}/artifact/data/nginx.conf.orig | |
| docker exec acme-srv cat /etc/nginx/nginx.conf > ${{ github.workspace }}/artifact/data/nginx.conf | |
| docker exec acme-srv cat /var/log/messages > ${{ github.workspace }}/artifact/acme-srv.log | |
| sudo tar -C ${{ github.workspace }}/artifact/ -cvzf ${{ github.workspace }}/artifact/upload/artifact.tar.gz data acme-srv.log | |
| - name: "[ * ] uploading artificates" | |
| uses: actions/upload-artifact@v4 | |
| if: ${{ failure() }} | |
| with: | |
| name: rpm_wsgi_async_enrollment_cert_reusage-rh${{ matrix.rhversion }}.tar.gz | |
| path: ${{ github.workspace }}/artifact/upload/ | |
| rpm_django_async_enrollment_cert_reusage: | |
| name: "rpm_django_async_enrollment_cert_reusage" | |
| runs-on: ubuntu-latest | |
| strategy: | |
| # max-parallel: 1 | |
| fail-fast: false | |
| matrix: | |
| rhversion: [8, 9] | |
| steps: | |
| - name: "checkout GIT" | |
| uses: actions/checkout@v4 | |
| - name: "Get runner ip" | |
| run: | | |
| echo RUNNER_IP=$(ip addr show eth0 | grep -i "inet " | cut -d ' ' -f 6 | cut -d '/' -f 1) >> $GITHUB_ENV | |
| echo RUNNER_PATH=$(pwd | sed 's_/_\\/_g') >> $GITHUB_ENV | |
| - run: echo "runner IP is ${{ env.RUNNER_IP }}" | |
| - name: "Prepare Postgres environment" | |
| run: | | |
| docker network create acme | |
| sudo mkdir -p examples/Docker/data/pgsql/ | |
| sudo cp .github/a2c.psql examples/Docker/data/pgsql/a2c.psql | |
| sudo cp .github/pgpass examples/Docker/data/pgsql/pgpass | |
| sudo chmod 600 examples/Docker/data/pgsql/pgpass | |
| - name: "Install postgres" | |
| working-directory: examples/Docker/ | |
| run: | | |
| docker run --name postgresdbsrv --network acme -e POSTGRES_PASSWORD=foobar -d postgres | |
| - name: "Sleep for 10s" | |
| uses: juliangruber/[email protected] | |
| with: | |
| time: 10s | |
| - name: "Configure postgres" | |
| working-directory: examples/Docker/ | |
| run: | | |
| docker run -v "$(pwd)/data/pgsql/a2c.psql":/tmp/a2c.psql -v "$(pwd)/data/pgsql/pgpass:/root/.pgpass" --rm --network acme postgres psql -U postgres -h postgresdbsrv -f /tmp/a2c.psql | |
| - name: "Sleep for 10s" | |
| uses: juliangruber/[email protected] | |
| with: | |
| time: 10s | |
| - name: Retrieve Version from version.py | |
| run: | | |
| echo TAG_NAME=$(cat acme_srv/version.py | grep -i __version__ | head -n 1 | sed 's/__version__ = //g' | sed s/\'//g) >> $GITHUB_ENV | |
| - run: echo "Latest tag is ${{ env.TAG_NAME }}" | |
| - name: Update version number in spec file and path in nginx ssl config | |
| run: | | |
| sudo sed -i "s/__version__/${{ env.TAG_NAME }}/g" examples/install_scripts/rpm/acme2certifier.spec | |
| sudo sed -i "s/\/var\/www\/acme2certifier\/volume/\/etc\/nginx/g" examples/nginx/nginx_acme_srv_ssl.conf | |
| git config --global user.email "[email protected]" | |
| git config --global user.name "rpm update" | |
| git add examples/nginx | |
| git commit -a -m "rpm update" | |
| - name: Build RPM package | |
| id: rpm | |
| uses: grindsa/rpmbuild@alma9 | |
| with: | |
| spec_file: "examples/install_scripts/rpm/acme2certifier.spec" | |
| - run: echo "path is ${{ steps.rpm.outputs.rpm_dir_path }}" | |
| - name: "Setup environment for alma installation" | |
| run: | | |
| sudo mkdir -p data/volume | |
| sudo mkdir -p data/acme2certifier | |
| sudo mkdir -p data/nginx | |
| sudo chmod -R 777 data | |
| sudo cp ${{ steps.rpm.outputs.rpm_dir_path }}noarch/acme2certifier-${{ env.TAG_NAME }}-1.0.noarch.rpm data | |
| sudo cp examples/Docker/almalinux-systemd/django_tester.sh data | |
| sudo cp .github/acme2certifier_cert.pem data/nginx/acme2certifier_cert.pem | |
| sudo cp .github/acme2certifier_key.pem data/nginx/acme2certifier_key.pem | |
| sudo cp .github/django_settings_psql.py data/acme2certifier/settings.py | |
| sudo sed -i "s/USE_I18N = True/USE_I18N = False/g" data/acme2certifier/settings.py | |
| - name: "Retrieve rpms from SBOM repo" | |
| run: | | |
| git clone https://$GH_SBOM_USER:[email protected]/$GH_SBOM_USER/sbom /tmp/sbom | |
| cp /tmp/sbom/rpm-repo/RPMs/rhel${{ matrix.rhversion }}/*.rpm data | |
| env: | |
| GH_SBOM_USER: ${{ secrets.GH_SBOM_USER }} | |
| GH_SBOM_TOKEN: ${{ secrets.GH_SBOM_TOKEN }} | |
| - name: "Setup openssl ca_handler" | |
| run: | | |
| mkdir -p data/volume/acme_ca/certs | |
| sudo cp examples/ca_handler/openssl_ca_handler.py data/volume/acme_ca/ca_handler.py | |
| sudo chmod 777 data/volume/acme_ca/ca_handler.py | |
| sudo sed -i "s/import uuid/import uuid\\nimport time/g" data/volume/acme_ca/ca_handler.py | |
| # sudo sed -i "s/ cert_raw = None/ cert_raw = None\\n time.sleep(15)/g" data/volume/acme_ca/ca_handler.py | |
| sudo sed -i "s/ cert_raw = None/ cert_raw = None\\n self.logger.debug('CAhandler.enroll(): timeout start')\\n time.sleep(30)\\n self.logger.debug('CAhandler.enroll(): timeout done')/g" data/volume/acme_ca/ca_handler.py | |
| sudo cp test/ca/sub-ca-key.pem test/ca/sub-ca-crl.pem test/ca/sub-ca-cert.pem test/ca/root-ca-cert.pem data/volume/acme_ca/ | |
| sudo cp .github/openssl_ca_handler.py_acme_srv_choosen_handler.cfg data/volume/acme_srv.cfg | |
| sudo chmod 777 data/volume/acme_srv.cfg | |
| sudo sed -i "s/revocation_reason_check_disable: False/revocation_reason_check_disable: False\\ncert_reusage_timeframe: 1800\\nenrollment_timeout: 15/g" data/volume/acme_srv.cfg | |
| # sudo sed -i "s/retry_after_timeout: 15/retry_after_timeout: 30\\nenrollment_timeout: 15/g" data/volume/acme_srv.cfg | |
| sudo sed -i "s/handler_file: examples\/ca_handler\/openssl_ca_handler.py/handler_file: \/opt\/acme2certifier\/volume\/acme_ca\/ca_handler.py/g" data/volume/acme_srv.cfg | |
| - name: "Prepare Almalinux instance" | |
| run: | | |
| sudo cp examples/Docker/almalinux-systemd/Dockerfile data | |
| sudo sed -i "s/FROM almalinux:9/FROM almalinux:${{ matrix.rhversion }}/g" data/Dockerfile | |
| cat data/Dockerfile | docker build -t almalinux-systemd -f - . --no-cache | |
| docker run -d -id --privileged --network acme -p 22280:80 --name=acme-srv -v "$(pwd)/data":/tmp/acme2certifier almalinux-systemd | |
| - name: "Execute install scipt" | |
| run: | | |
| docker exec acme-srv sh /tmp/acme2certifier/django_tester.sh | |
| - name: "Test http://acme-srv/directory is accessible" | |
| run: docker run -i --rm --network acme curlimages/curl -f http://acme-srv/directory | |
| - name: "Test if https://acme-srv/directory is accessible" | |
| run: docker run -i --rm --network acme curlimages/curl --insecure -f https://acme-srv/directory | |
| - name: "Enroll acme.sh" | |
| run: | | |
| docker run --rm -i -v "$(pwd)/acme-sh":/acme.sh --network acme --name=acme-sh neilpang/acme.sh:latest --issue --server http://acme-srv --keylength 2048 --accountemail '[email protected]' -d acme-sh.acme --standalone --debug 3 --output-insecure --force | |
| - name: "Sleep for 5s" | |
| uses: juliangruber/[email protected] | |
| with: | |
| time: 5s | |
| - name: "Check timeout" | |
| run: | | |
| docker exec acme-srv grep "Certificate.enroll_and_store() ended with: None:timeout" /var/log/messages | |
| - name: "Enroll acme.sh" | |
| run: | | |
| docker run --rm -i -v "$(pwd)/acme-sh":/acme.sh --network acme --name=acme-sh neilpang/acme.sh:latest --issue --server http://acme-srv --keylength 2048 --accountemail '[email protected]' -d acme-sh.acme --standalone --debug 3 --output-insecure --force | |
| - name: "Sleep for 5s" | |
| uses: juliangruber/[email protected] | |
| with: | |
| time: 5s | |
| - name: "Check certificate reusage" | |
| run: | | |
| docker exec acme-srv grep "Certificate._enroll(): reuse existing certificate" /var/log/messages | |
| - name: "[ * ] collecting test logs" | |
| if: ${{ failure() }} | |
| run: | | |
| mkdir -p ${{ github.workspace }}/artifact/upload | |
| docker exec acme-srv tar cvfz /tmp/acme2certifier/a2c.tgz /opt/acme2certifier | |
| docker exec acme-srv tar cvfz /tmp/acme2certifier/nginx.tgz /etc/nginx | |
| sudo cp -rp data/ ${{ github.workspace }}/artifact/data/ | |
| sudo rm ${{ github.workspace }}/artifact/data/*.rpm | |
| docker exec postgresdbsrv pg_dump -U postgres acme2certifier > data/acme2certifier.sql | |
| docker exec acme-srv cat /etc/nginx/nginx.conf.orig > ${{ github.workspace }}/artifact/data/nginx.conf.orig | |
| docker exec acme-srv cat /etc/nginx/nginx.conf > ${{ github.workspace }}/artifact/data/nginx.conf | |
| docker exec acme-srv rpm -qa > ${{ github.workspace }}/artifact/data/packages.txt | |
| docker exec acme-srv cat /var/log/messages > ${{ github.workspace }}/artifact/acme-srv.log | |
| sudo tar -C ${{ github.workspace }}/artifact/ -cvzf ${{ github.workspace }}/artifact/upload/artifact.tar.gz data acme-srv.log | |
| - name: "[ * ] uploading artificates" | |
| uses: actions/upload-artifact@v4 | |
| if: ${{ failure() }} | |
| with: | |
| name: rpm_django_async_enrollment_cert_reusage-rh${{ matrix.rhversion }}.tar.gz | |
| path: ${{ github.workspace }}/artifact/upload/ |