Skip to content

Check Mondoo's code signing certifcate is not expired #134

Check Mondoo's code signing certifcate is not expired

Check Mondoo's code signing certifcate is not expired #134

name: "Check Mondoo's code signing certifcate is not expired"
on:
workflow_dispatch:
schedule:
- cron: "0 0 * * *"
jobs:
check_certificate:
name: Check Mondoo's code signing certificate has expired
runs-on: ubuntu-latest
steps:
- name: Check out repository
uses: actions/checkout@v4
- name: Install Mondoo cnspec
shell: bash
run: |
echo Installing Mondoo cnspec...
bash -c "$(curl -sSL https://install.mondoo.com/sh/cnspec)"
- name: Check expiration of public-code-signing.cer
shell: bash
run: |
cnspec scan local --detect-cicd --score-threshold 100 --policy-bundle test/cnspec/check-certificate.mql.yaml -o full