Automated Domain and TLS Certificate monitoring

flavioheleno/watchr-action

watchr-action

Monitor your domain and certificates from GitHub Actions with watchr.

Inputs

Domain Check (check: domain)

| Name | Type | Required | Description |
|------|------|----------|-------------|
| check | string | yes | Must be set to domain |
| domain | string | yes | The domain name to be checked (must be a domain name without subdomain labels) |
| expiration_threshold | integer | no | Number of days left to domain expiration that will trigger an error (default: 5 days) |
| registrar_name | string | no | Match the domain Registrar Name |
| status_codes | string[] | no | List of Extensible Provisioning Protocol (EPP) status codes that should be active (CSV format) (default: clientTransferProhibited) |

Certificate Check (check: certificate)

| Name | Type | Required | Description |
|------|------|----------|-------------|
| check | string | yes | Must be set to certificate |
| domain | string | yes | The domain name to be checked (must be a Fully Qualified Domain Name) |
| expiration_threshold | integer | no | Number of days left to certificate expiration that will trigger an error (default: 5 days) |
| issuer_name | string | no | Match the certificate Issuer Name |
| fingerprint | string | no | Match the certificate SHA-256 Fingerprint |
| serial_number | string | no | Match the certificate Serial Number |

HTTP Response Check (check: http-resp)

| Name | Type | Required | Description |
|------|------|----------|-------------|
| check | string | yes | Must be set to http-resp |
| http_target_url | string | yes | The target URL to be checked (must be a valid URL) |
| http_method | string | no | The HTTP Request Method to be used |
| http_status_codes | integer[] | no | List of HTTP Status Codes that should be returned (default: 200,201,202,203,204,205,206) |

Outputs

| Name | Type | Description |
|------|------|-------------|
| status | integer | The exit code returned by watchr check |
| stdout | string | The stdout output generated by watchr check |

Examples

Certificate Monitoring

The workflow below checks that the certificate:

  • is at least 5 days from expiring;
  • matches the domain as SN or SAN.

In case any of the checks fail, it will open an issue with the check output contents.

name: Monitoring
on:
  workflow_dispatch:
  schedule:
    - cron: '0 0 * * *'

jobs:
  check-certificate:
    name: Check "example.com" certificate chain
    runs-on: ubuntu-latest
    permissions:
      issues: write

    steps:
      - id: certificate
        name: Validate certificate chain
        uses: flavioheleno/watchr-action@main
        with:
          check: certificate
          domain: example.com

      - name: Create issue for certificate check results
        if: failure()
        uses: imjohnbo/issue-bot@6924a99d928dc228f407d34eb3d0149eda73f2a7
        with:
          title: "Certificate check failure"
          body: ${{ steps.certificate.outputs.stdout }}
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
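
The certificate inputs also include `expiration_threshold`, `issuer_name`, `fingerprint` and `serial_number`, which can flag an unexpected reissuance as well as expiry. The workflow below is an added example, not part of the project's README; the FQDN, threshold and issuer name are constructed values, and the fingerprint is a placeholder.

```yaml
name: Certificate identity monitoring
on:
  workflow_dispatch:
  schedule:
    - cron: '0 0 * * *'

jobs:
  check-certificate-identity:
    name: Check "www.example.com" certificate identity
    runs-on: ubuntu-latest
    permissions:
      issues: write   # the only permission this job needs: opening the alert issue

    steps:
      - id: certificate
        name: Validate certificate expiry and issuer
        # Tracks main, as in the README examples; a reviewed commit SHA can be
        # used here instead, as is done for issue-bot below.
        uses: flavioheleno/watchr-action@main
        with:
          check: certificate
          domain: www.example.com           # constructed FQDN
          expiration_threshold: 21          # constructed: fail once fewer than 21 days remain
          issuer_name: "Example Trust CA"   # constructed issuer name
          # fingerprint and serial_number identify one specific certificate,
          # so they must be updated at every renewal. Placeholder, not a real value:
          # fingerprint: <SHA-256-FINGERPRINT-PLACEHOLDER>

      - name: Create issue for certificate check results
        if: failure()
        uses: imjohnbo/issue-bot@6924a99d928dc228f407d34eb3d0149eda73f2a7
        with:
          title: "Certificate identity check failure"
          # The step id in this expression must match the id of the check step above.
          body: ${{ steps.certificate.outputs.stdout }}
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
```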

Domain Monitoring

The workflow below checks that the domain:

  • is at least 5 days from expiring;
  • is locked for transfer (clientTransferProhibited).

In case any of the checks fail, it will open an issue with the check output contents.

name: Monitoring
on:
  workflow_dispatch:
  schedule:
    - cron: '0 0 * * *'

jobs:
  check-domain:
    name: Check "example.com" domain
    runs-on: ubuntu-latest
    permissions:
      issues: write

    steps:
      - id: domain
        name: Validate domain information
        uses: flavioheleno/watchr-action@main
        with:
          check: domain
          domain: example.com
          status_codes: clientTransferProhibited

      - name: Create issue for domain check results
        if: failure()
        uses: imjohnbo/issue-bot@6924a99d928dc228f407d34eb3d0149eda73f2a7
        with:
          title: "Domain check failure"
          body: ${{ steps.domain.outputs.stdout }}
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

HTTP Response Monitoring

The workflow below checks that the URL:

  • returns a response status code equal to 200.

In case the check fails, it will open an issue with the check output contents.

name: Monitoring
on:
  workflow_dispatch:
  schedule:
    - cron: '0 0 * * *'

jobs:
  check-http-resp:
    name: Check "https://example.com/health" URL
    runs-on: ubuntu-latest
    permissions:
      issues: write

    steps:
      - id: http-resp
        name: Validate HTTP Response information
        uses: flavioheleno/watchr-action@main
        with:
          check: http-resp
          http_target_url: https://example.com/health
          http_status_codes: 200

      - name: Create issue for HTTP Response check results
        if: failure()
        uses: imjohnbo/issue-bot@6924a99d928dc228f407d34eb3d0149eda73f2a7
        with:
          title: "HTTP Response check failure"
          body: ${{ steps.http-resp.outputs.stdout }}
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

License

This project is licensed under the MIT License.