CI: update actions, check DNSSEC capability

2024-05-19 23:49:45 +02:00 · 2024-05-19 23:49:45 +02:00 · 551bc7c073
commit 551bc7c073
parent 5c72c439f0
5 changed files with 30 additions and 6 deletions
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@ -11,7 +11,7 @@ jobs:
  run:
    runs-on: ubuntu-latest
    steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
      - name: check with dnscrypt-proxy
        run: |
--- a/.github/workflows/prcheck.sh
+++ b/.github/workflows/prcheck.sh
@ -1,6 +1,6 @@
 #! /bin/sh
-DNSLOOKUP_VERSION=1.5.1
+DNSLOOKUP_VERSION=1.10.1
 case "$(uname -ms)" in
 Darwin\ x86_64) DNSLOOKUP_ARCH=darwin-amd64 ;;
@ -74,7 +74,7 @@ if [ ! -s "$NEW_ENTRIES" ]; then
    exit 0
 fi
-curl -qL https://github.com/jedisct1/dnscrypt-proxy/releases/download/2.1.3/dnscrypt-proxy-linux_x86_64-2.1.3.tar.gz | tar xzvf -
+curl -qL https://github.com/jedisct1/dnscrypt-proxy/releases/download/2.1.5/dnscrypt-proxy-linux_x86_64-2.1.5.tar.gz | tar xzvf -
 cd linux-x86_64 || exit 1
 exit_code=0
@ -83,6 +83,8 @@ CONFIG="test-dnscrypt-proxy.toml"
 PIDFILE="dnscrypt-proxy.pid"
 LOGFILE="dnscrypt-proxy.log"
 while read -r stamp; do
    echo
    echo ========================
    echo
    echo "* Checking resolver with stamp:"
    echo "$stamp"
@ -97,7 +99,24 @@ while read -r stamp; do
        echo '[static."test"]'
        echo "stamp = '${stamp}'"
    } >"$CONFIG"
    if ! ./dnscrypt-proxy -config "$CONFIG" -show-certs; then
        exit_code=1
    fi
    echo
    echo ---
    echo
    dnssec=false
    if ./dnscrypt-proxy -config "$CONFIG" -list -json | grep -F '"dnssec": true' >/dev/null; then
        dnssec=true
        echo "DNSSEC support is expected"
    else
        echo "DNSSEC support is not expected"
    fi
    ./dnscrypt-proxy -config "$CONFIG" -pidfile "$PIDFILE" -logfile "$LOGFILE" -loglevel 1 &
    sleep 5
    skip_log=false
    if grep -q 'DNSCrypt relay' "$LOGFILE"; then
@ -110,6 +129,11 @@ while read -r stamp; do
        echo "** UNABLE TO GET A RESPONSE FROM THE RESOLVER **"
        echo "Bogus stamp: ${stamp}"
        exit_code=1
    elif $dnssec; then
        if ./dnscrypt-proxy -config "$CONFIG" -resolve -check example.com | grep -F "resolver doesn't support DNSSEC" >/dev/null; then
            echo "** DNSSEC SUPPORT IS EXPECTED BUT NOT DETECTED **"
            exit_code=1
        fi
    fi
    kill $(cat "$PIDFILE")
    if [ "$skip_log" = false ]; then
--- a/.github/workflows/prcheck.yml
+++ b/.github/workflows/prcheck.yml
@ -11,7 +11,7 @@ jobs:
  prcheck:
    runs-on: ubuntu-latest
    steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
      - name: new entries
        run: .github/workflows/prcheck.sh
--- a/.github/workflows/resolverscheck.sh
+++ b/.github/workflows/resolverscheck.sh
@ -1,6 +1,6 @@
 #! /bin/sh
-DNSLOOKUP_VERSION=1.5.1
+DNSLOOKUP_VERSION=1.10.1
 case "$(uname -ms)" in
 Darwin\ x86_64) DNSLOOKUP_ARCH=darwin-amd64 ;;
--- a/.github/workflows/resolverscheck.yml
+++ b/.github/workflows/resolverscheck.yml
@ -11,7 +11,7 @@ jobs:
  resolverscheck:
    runs-on: ubuntu-latest
    steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
      - name: resolvers check
        run: .github/workflows/resolverscheck.sh