Skip to content

SSL/TLS scans

SSL/TLS scans #1004

Workflow file for this run

name: SSL/TLS scans
on:
schedule:
- cron: '34 2 * * *'
workflow_dispatch:
permissions:
contents: read
jobs:
tls:
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
tls-version:
- "1.2"
- "1.3"
url:
- michalspacek.cz
steps:
- name: Check TLS ${{ matrix.tls-version }} is available
run: |
curl \
--verbose \
--silent \
--output /dev/null \
--user-agent "GitHub Actions TLS check" \
--tls-max ${{ matrix.tls-version }} \
--tlsv${{ matrix.tls-version }} \
https://${{ matrix.url }}/
testssl:
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
url:
- michalspacek.cz
steps:
- name: testssl.sh scan
uses: mbogh/test-ssl-action@6bad4e83e29bca36d5570a00736a0b9d63e52643 # v3.0.2
with:
host: ${{ matrix.url }}
- uses: actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a # v4.3.6
if: always()
with:
name: testssl.sh reports
path: 'output/*'
certmonitor:
runs-on: ubuntu-latest
strategy:
matrix:
php-version:
- "8.3"
steps:
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- uses: shivammathur/setup-php@c541c155eee45413f5b09a52248675b1a2575231 # v2
with:
coverage: none
php-version: ${{ matrix.php-version }}
- run: php site/bin/certmonitor.php --colors --no-ipv6
env:
CERTMONITOR_USER: ${{ secrets.CERTMONITOR_USER }}
CERTMONITOR_KEY: ${{ secrets.CERTMONITOR_KEY }}
heartbeat:
runs-on: ubuntu-latest
if: always()
needs:
- tls
- testssl
- certmonitor
steps:
- run: curl --no-progress-meter ${{ secrets.SSLTLSSCANS_HEARTBEAT_URL }}