msw/draft-weidner-catalog-rr-ext
SHA256
1
1
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

V1.01.192.2025.06.06
🛡️ Retrieve DNSSEC status of coresecret.dev. / 🛡️ Retrieve DNSSEC status of coresecret.dev. (push) Successful in 33s
Details
🛡️ Shell Script Linting / 🛡️ Shell Script Linting (push) Successful in 1m9s
Details

Browse Source 
Signed-off-by: Marc S. Weidner <msw@coresecret.dev>
This commit is contained in:
Marc S. Weidner
2025-06-06 18:16:53 +02:00
parent e199bde419
commit 1e6b128a57
14 changed files with 508 additions and 22 deletions
Download Patch File Download Diff File Expand all files Collapse all files
.gitea/workflows/render-dnssec-status.yaml
+22 -4
View File
@@ -9,9 +9,9 @@
# SPDX-PackageName: draft-weidner-catalog-rr-ext
# SPDX-Security-Contact: security@coresecret.eu
### Version Master V1.01.128.2025.06.04
### Version Master V1.01.192.2025.06.06
name: Retrieve DNSSEC status of coresecret.dev.
name: 🛡️ Retrieve DNSSEC status of coresecret.dev.
permissions:
contents: write
@@ -25,7 +25,7 @@ on:
jobs:
build-dnssec-diagram:
name: Retrieve DNSSEC status of coresecret.dev.
name: 🛡️ Retrieve DNSSEC status of coresecret.dev.
runs-on: ubuntu-latest
steps:
@@ -127,6 +127,15 @@ jobs:
dnsviz probe -s 8.8.8.8 -R SOA,A,AAAA,CAA,CDS,CDNSKEY,LOC,HTTPS,MX,NS,TXT coresecret.dev >| coresecret.dev.json
dnsviz graph -T png < coresecret.dev.json >| docs/SECURITY/coresecret.dev.png
- name: 🚧 Stash local changes (including untracked).
shell: bash
env:
GIT_SSH_COMMAND: "ssh -p 42842"
run: |
set -euo pipefail
### Temporarily store any local modifications or untracked files.
git stash push --include-untracked -m "ci-temp" || echo "✔️ Nothing to stash."
- name: 🔄 Sync with remote before commit using merge strategy.
shell: bash
env:
@@ -145,6 +154,15 @@ jobs:
git status
git log --oneline -n 5
- name: 🛠️ Restore stashed changes.
shell: bash
env:
GIT_SSH_COMMAND: "ssh -p 42842"
run: |
set -euo pipefail
### Apply previously stashed changes.
git stash pop || echo "✔️ Nothing to pop."
- name: 📦 Stage generated files.
shell: bash
env:
@@ -174,7 +192,7 @@ jobs:
WORKFLOW_ID="${GITHUB_WORKFLOW:-render-md-to-html.yaml}"
CI_HEADER="X-CI-Metadata: ${GIT_REF}@${GIT_SHA} at ${TIMESTAMP_UTC} on ${HOSTNAME}"
COMMIT_MSG="DEPLOY BOT: Auto-Generate DNSSEC Status [skip ci]
COMMIT_MSG="DEPLOY BOT: 🛡️ Auto-Generate DNSSEC Status [skip ci]
${CI_HEADER}