Skip to content

CTLog STH Prober #60966

CTLog STH Prober

CTLog STH Prober #60966

Workflow file for this run

name: CTLog STH Prober
on:
workflow_dispatch:
inputs:
triggerPagerDutyTest:
description: 'Trigger PagerDuty test message'
required: false
type: boolean
schedule:
# run every 15 minutes, as often as Github Actions allows
- cron: '*/15 * * * *'
jobs:
ctlog-sth:
name: CTLog STH probe
runs-on: ubuntu-latest
timeout-minutes: 2
outputs:
summary: ${{ steps.ctlog_sth_probe.outputs.summary }}
probe_status: ${{ steps.ctlog_sth_probe.outputs.probe_status }}
env: ${{ steps.ctlog_sth_probe.outputs.env }}
shard: ${{ steps.ctlog_sth_probe.outputs.shard }}
strategy:
fail-fast: false # Keep running if one leg fails.
matrix:
env:
- production
- staging
shard:
- test
- 2022
- 2022-2
exclude:
- env: production
shard: 2022-2
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0
with:
go-version-file: 'prober/ctlog/go.mod'
cache-dependency-path: 'prober/ctlog/go.sum'
- name: Probe CT log STH - ${{ matrix.env }} - ${{ matrix.shard }}
id: ctlog_sth_probe
run: |
echo "env=${{ matrix.env }}" >> $GITHUB_OUTPUT
echo "shard=${{ matrix.shard }}" >> $GITHUB_OUTPUT
if [ "${{ inputs.triggerPagerDutyTest }}" == "true" ]; then
echo "summary=Test Notification" >> $GITHUB_OUTPUT;
else
echo "summary=CTLog STH Prober Failed" >> $GITHUB_OUTPUT;
fi
if ! go run ./prober/ctlog/ctlog-sth.go --env ${{ matrix.env }} --shard ${{ matrix.shard }} ; then
echo "probe_status=failed" >> $GITHUB_OUTPUT
exit 1
fi
pager:
if: github.event.inputs.triggerPagerDutyTest=='true' || (failure() && needs.ctlog-sth.outputs.probe_status == 'failed')
needs: [ctlog-sth]
uses: ./.github/workflows/reusable-pager.yml
secrets:
PAGERDUTY_INTEGRATION_KEY: ${{ secrets.PAGERDUTY_INTEGRATION_KEY }}
with:
summary: ${{ needs.ctlog-sth.outputs.summary }}
component: "ctfe"
group: ${{ needs.ctlog-sth.outputs.env }}
details: >
{
"Environment": "${{ needs.ctlog-sth.outputs.env }}",
"Failure URL": "https://github.com/sigstore/sigstore-probers/actions/runs/${{ github.run_id }}",
"Commit": "${{ github.sha }}",
"CT log ${{ needs.ctlog-sth.outputs.env }} - ${{ needs.ctlog-sth.outputs.shard }} shard": "${{ needs.ctlog-sth.outputs.probe_status }}"
}
links: >
[
{
"href": "https://github.com/sigstore/public-good-instance/blob/main/playbooks/alerting/alerts/ct-log-uptime-failure.md",
"text": "CTFE Prober Failure Playbook"
}
]