Skip to content

SSL/TLS scans

SSL/TLS scans #1070

Workflow file for this run

name: SSL/TLS scans
on:
schedule:
- cron: '34 2 * * *'
workflow_dispatch:
permissions:
contents: read
jobs:
tls:
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
tls-version:
- "1.2"
- "1.3"
url:
- michalspacek.cz
steps:
- name: Check TLS ${{ matrix.tls-version }} is available
run: |
curl \
--verbose \
--silent \
--output /dev/null \
--user-agent "GitHub Actions TLS check" \
--tls-max ${{ matrix.tls-version }} \
--tlsv${{ matrix.tls-version }} \
https://${{ matrix.url }}/
testssl:
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
url:
- michalspacek.cz
steps:
- name: testssl.sh scan
uses: mbogh/test-ssl-action@6bad4e83e29bca36d5570a00736a0b9d63e52643 # v3.0.2
with:
host: ${{ matrix.url }}
- uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3
if: always()
with:
name: testssl.sh reports
path: 'output/*'
certmonitor:
runs-on: ubuntu-latest
strategy:
matrix:
php-version:
- "8.3"
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- uses: shivammathur/setup-php@c541c155eee45413f5b09a52248675b1a2575231 # v2
with:
coverage: none
php-version: ${{ matrix.php-version }}
- run: php app/bin/certmonitor.php --colors --no-ipv6
env:
CERTMONITOR_USER: ${{ secrets.CERTMONITOR_USER }}
CERTMONITOR_KEY: ${{ secrets.CERTMONITOR_KEY }}
heartbeat:
runs-on: ubuntu-latest
if: always()
needs:
- tls
- testssl
- certmonitor
steps:
- run: curl --no-progress-meter ${{ secrets.SSLTLSSCANS_HEARTBEAT_URL }}