Merge pull request 'automatically validate all timestamps in CI' (#5) from validate-timestamps-in-ci into main
All checks were successful
Validate Trusted Timestamps Actions Demo / Validate (push) Successful in 13m35s
All checks were successful
Validate Trusted Timestamps Actions Demo / Validate (push) Successful in 13m35s
Reviewed-on: #5 Reviewed-by: phil <phil@jankaritech.eu>
This commit is contained in:
32
.gitea/workflows/validate.yaml
Normal file
32
.gitea/workflows/validate.yaml
Normal file
@@ -0,0 +1,32 @@
|
||||
name: Validate Trusted Timestamps Actions Demo
|
||||
run-name: ${{ gitea.actor }} is validating the trusted timestamps of all commits 🚀
|
||||
on: [push]
|
||||
|
||||
variables:
|
||||
EXPECTED_TRUSTANCHORS_HASH: "70a1c7e2fc62a0b62e44063f0e730b20b0f209d15c84b310ad06ce616c352829"
|
||||
|
||||
jobs:
|
||||
Validate:
|
||||
runs-on: ubuntu-latest
|
||||
timeout-minutes: 2
|
||||
steps:
|
||||
- name: Install extra software
|
||||
run: |
|
||||
apt-get update
|
||||
apt-get install -y xxd
|
||||
- name: Check out repository code
|
||||
uses: actions/checkout@v4
|
||||
with:
|
||||
fetch-depth: 0
|
||||
- name: Setup timestamping authorities
|
||||
run: |
|
||||
git config --local timestamping.tsa0.url https://freetsa.org/tsr
|
||||
bash -c 'yes | ./hooks/trust.sh https://freetsa.org/tsr'
|
||||
git config --local timestamping.tsa1.url https://tsa.cesnet.cz:3162/tsa
|
||||
bash -c 'yes | ./hooks/trust.sh https://tsa.cesnet.cz:3162/tsa'
|
||||
- name: Check hashes of all trustanchors
|
||||
run: |
|
||||
./hooks/validate_trustanchors_hash.sh .git/hoqoks/trustanchors ${{ EXPECTED_TRUSTANCHORS_HASH }}
|
||||
- name: Validate timestamps of all commits
|
||||
run: |
|
||||
./hooks/validate.sh --minversion 0
|
||||
Reference in New Issue
Block a user