Check Certificates (check_and_renew_certificates) #55

Workflow file for this run

.github/workflows/check_certs.yml at f870e18

	name: Check Certificates
	run-name: Check Certificates (${{ github.ref_name }})

	on:
	workflow_dispatch:

	env:
	EXPIRATION_WARNING_DAYS: 7

	jobs:
	check_certs:
	runs-on: ubuntu-latest
	env:
	FASTLANE_ISSUER_ID: ${{ secrets.FASTLANE_ISSUER_ID }}
	FASTLANE_KEY_ID: ${{ secrets.FASTLANE_KEY_ID }}
	FASTLANE_KEY: ${{ secrets.FASTLANE_KEY }}
	outputs:
	new_certificate_needed: ${{ steps.set_output.outputs.new_certificate_needed }}

	steps:
	- name: Checkout repository
	uses: actions/checkout@v3

	- name: Set up Ruby
	uses: ruby/setup-ruby@v1
	with:
	ruby-version: '3.1'

	- name: Install dependencies
	run: bundle install

	- name: Check Certificates and create or renew if needed
	env:
	FASTLANE_USER: ${{ secrets.APPLE_ID }}
	FASTLANE_PASSWORD: ${{ secrets.APPLE_PASSWORD }}
	run: bundle exec fastlane check_and_renew_certificates
	id: check_certs

	- name: Set output based on Fastlane result
	id: set_output
	run: \|
	CERT_STATUS_FILE="/home/runner/work/#{GITHUB_REPOSITORY}/#{GITHUB_REPOSITORY}/fastlane/new_certificate_needed.txt"
	if [ -f "$CERT_STATUS_FILE" ]; then
	CERT_STATUS=$(cat "$CERT_STATUS_FILE" \| tr -d '\n' \| tr -d '\r') # Read file content and strip newlines
	echo "new_certificate_needed: $CERT_STATUS"
	echo "new_certificate_needed=$CERT_STATUS" >> $GITHUB_OUTPUT
	else
	echo "Certificate status file not found. Defaulting to false."
	echo "new_certificate_needed=false" >> $GITHUB_OUTPUT
	fi

	# Nuke Certs if needed
	nuke_certs:
	needs: check_certs
	runs-on: macos-14
	if: ${{ needs.check_certs.outputs.new_certificate_needed == 'true' }}
	steps:
	- name: Debug check_certs output
	run: echo "new_certificate_needed=${{ needs.check_certs.outputs.new_certificate_needed }}"

	- name: Checkout repository
	uses: actions/checkout@v3

	- name: Set up Ruby
	uses: ruby/setup-ruby@v1
	with:
	ruby-version: '3.1'

	- name: Install dependencies
	run: bundle install

	- name: Run Fastlane nuke_certs
	run: bundle exec fastlane nuke_certs
	env:
	TEAMID: ${{ secrets.TEAMID }}
	GH_PAT: ${{ secrets.GH_PAT }}
	MATCH_PASSWORD: ${{ secrets.MATCH_PASSWORD }}
	FASTLANE_USER: ${{ secrets.FASTLANE_USER }}
	FASTLANE_KEY_ID: ${{ secrets.FASTLANE_KEY_ID }}
	FASTLANE_ISSUER_ID: ${{ secrets.FASTLANE_ISSUER_ID }}
	FASTLANE_KEY: ${{ secrets.FASTLANE_KEY }}
	FASTLANE_SKIP_ALL_LANE_SUMMARIES: "true"

	# Trigger create_certs.yml if nuke_certs ran
	trigger_create_certs:
	needs: [check_certs, nuke_certs]
	uses: ./.github/workflows/create_certs.yml
	secrets: inherit

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Check Certificates (check_and_renew_certificates) #55

Workflow file

Check Certificates (check_and_renew_certificates) #55

Jobs

Run details

Workflow file for this run