-
Notifications
You must be signed in to change notification settings - Fork 0
31 lines (31 loc) · 963 Bytes
/
rotate.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
name: Rotate root certs
on:
workflow_dispatch:
schedule:
- cron: "0 0 10 1 *"
jobs:
main:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
submodules: recursive
- uses: actions/cache@v3
with:
path: |
~/.cargo/registry
~/.cargo/git
software/certifier/target
key: ${{ runner.os }}-cargo-${{ hashFiles('**/Cargo.lock') }}
- uses: actions-rs/toolchain@v1
with:
toolchain: stable
- run: |
set -xeu
export GOOGLE_APPLICATION_CREDENTIALS="$(pwd)/google_creds.json"
cat > $GOOGLE_APPLICATION_CREDENTIALS << 'PRINCELY_EXCITED'
${{ secrets.GOOGLE_APPLICATION_CREDENTIALS }}
PRINCELY_EXCITED
cargo run --manifest-path software/certifier/Cargo.toml --bin certifier-rotate
env:
CERTIPASTA_ROTATE_CONFIG: ${{ vars.CERTIPASTA_ROTATE_CONFIG }}