Skip to content

Commit

Permalink
ci: delete SSL certs upon PR close
Browse files Browse the repository at this point in the history
  • Loading branch information
@brynblack
brynblack committed Jul 4, 2024
1 parent 2924c69 commit 4680db1
Show file tree
Hide file tree
Showing 2 changed files with 19 additions and 0 deletions.
4 changes: 4 additions & 0 deletions .github/workflows/clean.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -22,8 +22,12 @@ jobs:
env:
CLOUDFLARE_ACCOUNT_ID: ${{ secrets.CLOUDFLARE_ACCOUNT_ID }}
CLOUDFLARE_API_TOKEN: ${{ secrets.CLOUDFLARE_API_TOKEN }}
ZONE_ID: ${{ secrets.ZONE_ID }}
AUTH_KEY: ${{ secrets.AUTH_KEY }}
AUTH_EMAIL: ${{ secrets.AUTH_EMAIL }}
run: |
echo 'Perform service deployment for feature'
nix develop .#ci --command bash -c $'
wrangler delete --name "polykey-docs-dev-$GITHUB_HEAD_REF" --force
DOMAIN="$GITHUB_HEAD_REF.dev.polykey.com/docs" ./scripts/ssl.sh
'
15 changes: 15 additions & 0 deletions scripts/ssl.sh
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,15 @@
#/bin/sh

response=$(curl -X GET "https://api.cloudflare.com/client/v4/zones/$ZONE_ID/ssl/certificate_packs" \
-H "Content-Type: application/json" \
-H "X-Auth-Key: $AUTH_KEY" \
-H "X-Auth-Email: $AUTH_EMAIL")

cert_ids=$(echo "$response" | jq -r --arg domain "$DOMAIN" '.result[] | select(.hosts[] | contains($domain)) | .id')

echo "$cert_ids" | while read -r cert_id; do
curl -X DELETE --url "https://api.cloudflare.com/client/v4/zones/$ZONE_ID/ssl/certificate_packs/$cert_id" \
-H "Content-Type: application/json" \
-H "X-Auth-Key: $AUTH_KEY" \
-H "X-Auth-Email: $AUTH_EMAIL"
done

0 comments on commit 4680db1

Please sign in to comment.