-
-
Notifications
You must be signed in to change notification settings - Fork 7
46 lines (39 loc) · 1.37 KB
/
Copy pathcanary-reminder.yml
File metadata and controls
46 lines (39 loc) · 1.37 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
name: Warrant Canary Reminder
on:
schedule:
- cron: '0 0 1 * *' # First day of every month at midnight UTC
workflow_dispatch: # Allow manual trigger
jobs:
remind:
runs-on: ubuntu-latest
steps:
- name: Create Issue
uses: actions/github-script@v7
with:
script: |
const today = new Date().toISOString().split('T')[0];
const nextMonth = new Date(Date.now() + 30*24*60*60*1000).toISOString().split('T')[0];
await github.rest.issues.create({
owner: context.repo.owner,
repo: context.repo.repo,
title: `🔐 Update Warrant Canary - ${today}`,
body: `## Monthly Warrant Canary Update
**Action Required:** Update and sign the warrant canary.
### Steps:
1. Run: \`./scripts/sign-canary.sh\`
2. Review \`public/canary.txt\`
3. Commit: \`git add public/canary.txt public/pgp-key.asc\`
4. Push: \`git commit -m "Update warrant canary ${today}" && git push\`
5. Deploy: \`npm run deploy\`
6. Close this issue
### Checklist:
- [ ] No warrants received
- [ ] No subpoenas received
- [ ] No NSLs received
- [ ] No government requests
- [ ] No forced time manipulation
- [ ] Infrastructure under control
- [ ] No backdoors or compromises
**Next update:** ${nextMonth}`,
labels: ['security', 'canary', 'monthly']
});