Add test for updated CA bundle

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2019-02-25 13:49:03 +01:00 · 2019-02-25 13:49:03 +01:00 · 2bbef58153
parent 36c750ae1e
commit 2bbef58153
2 changed files with 24 additions and 0 deletions
--- a/autotest-checkers.sh
+++ b/autotest-checkers.sh
@ -8,6 +8,8 @@ php ./build/translation-checker.php
 RESULT=$(($RESULT+$?))
 php ./build/htaccess-checker.php
 RESULT=$(($RESULT+$?))
+bash ./build/ca-bundle-checker.sh
+RESULT=$(($RESULT+$?))


 for app in $(find "apps/" -mindepth 1 -maxdepth 1 -type d -exec basename {} \;); do
--- a/build/ca-bundle-checker.sh
+++ b/build/ca-bundle-checker.sh
@ -0,0 +1,22 @@
+#!/usr/bin/env bash
+
+echo
+if [[ -n ${DRONE_BRANCH} &&  ! ${DRONE_BRANCH} =~ version\/noid\/.+ ]]; then
+    echo "Skip CA bundle check"
+    exit 0
+fi
+
+echo "Fetching latest ca-bundle.crt ..."
+curl -o resources/config/ca-bundle.crt https://curl.haxx.se/ca/cacert.pem
+
+echo
+outdated=$(git diff --name-only | grep "resources/config/ca-bundle.crt")
+if [ "${outdated}" = "resources/config/ca-bundle.crt" ]; then
+    echo "CA bundle is not up to date."
+    echo "Please run: bash build/ca-bundle-checker.sh"
+    echo "And commit the result"
+    exit 1
+fi
+
+echo "CA bundle is up to date."
+exit 0