Check Upstream OpenSSL #58
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Check Upstream OpenSSL | |
| on: | |
| schedule: | |
| - cron: '0 0 * * *' # Runs daily at midnight UTC | |
| workflow_dispatch: | |
| permissions: | |
| actions: write | |
| contents: read | |
| jobs: | |
| check-and-trigger: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout Repo | |
| uses: actions/checkout@v6 | |
| - name: Fetch Active OpenSSL Versions | |
| id: fetch_versions | |
| run: | | |
| echo "Fetching active OpenSSL versions from endoflife.date API..." | |
| CURRENT_DATE=$(date +%Y-%m-%d) | |
| # Fetch all active 'latest' versions (where EOL date is greater than today, or EOL is false) | |
| # We also filter to only include 3.x versions | |
| ACTIVE_VERSIONS=$(curl -s https://endoflife.date/api/openssl.json | jq -r --arg now "$CURRENT_DATE" 'map(select((.eol == false or .eol > $now) and (.cycle | startswith("3.")))) | .[].latest') | |
| if [ -z "$ACTIVE_VERSIONS" ]; then | |
| echo "::info::No new OpenSSL Releases identified." | |
| exit 0 | |
| fi | |
| # Convert multi-line string to a space-separated string for easier looping | |
| ACTIVE_VERSIONS_FLAT=$(echo "$ACTIVE_VERSIONS" | tr '\n' ' ') | |
| echo "Active OpenSSL versions: $ACTIVE_VERSIONS_FLAT" | |
| echo "versions=$ACTIVE_VERSIONS_FLAT" >> $GITHUB_OUTPUT | |
| - name: Check Local Releases and Trigger Builds | |
| env: | |
| GH_TOKEN: ${{ secrets.RBPW_PAT }} | |
| run: | | |
| VERSIONS="${{ steps.fetch_versions.outputs.versions }}" | |
| for VERSION in $VERSIONS; do | |
| echo "----------------------------------------" | |
| echo "Checking version: $VERSION" | |
| # Check if we already have a release for this exact version | |
| if gh release view "v$VERSION" > /dev/null 2>&1; then | |
| echo "✅ Release v$VERSION already exists. Skipping." | |
| else | |
| echo "🚀 New release v$VERSION missing! Triggering build..." | |
| gh workflow run build-openssl.yml -f version="$VERSION" -f build_type="release" | |
| echo "Build triggered for $VERSION." | |
| fi | |
| done |