Skip to content

SSL/TLS scans

SSL/TLS scans #637

Workflow file for this run

name: SSL/TLS scans
on:
schedule:
- cron: '34 2 * * *'
workflow_dispatch:
jobs:
tls:
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
tls-version:
- "1.2"
- "1.3"
url:
- michalspacek.cz
steps:
- name: Check TLS ${{ matrix.tls-version }} is available
run: |
curl \
--verbose \
--silent \
--output /dev/null \
--user-agent "GitHub Actions TLS check" \
--tls-max ${{ matrix.tls-version }} \
--tlsv${{ matrix.tls-version }} \
https://${{ matrix.url }}/
testssl:
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
url:
- michalspacek.cz
steps:
- name: testssl.sh scan
uses: mbogh/test-ssl-action@v3
with:
host: ${{ matrix.url }}
- uses: actions/upload-artifact@v3
if: always()
with:
name: testssl.sh reports
path: 'output/*'
certmonitor:
runs-on: ubuntu-latest
strategy:
matrix:
php-version:
- "8.2"
- "8.3"
steps:
- uses: actions/checkout@v3
- uses: shivammathur/setup-php@v2
with:
coverage: none
php-version: ${{ matrix.php-version }}
- run: php site/bin/certmonitor.php --colors --no-ipv6
env:
CERTMONITOR_USER: ${{ secrets.CERTMONITOR_USER }}
CERTMONITOR_KEY: ${{ secrets.CERTMONITOR_KEY }}
heartbeat:
runs-on: ubuntu-latest
if: always()
needs:
- tls
- testssl
- certmonitor
steps:
- run: curl --no-progress-meter ${{ secrets.SSLTLSSCANS_HEARTBEAT_URL }}