analyze_dmarc #187
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: analyze_dmarc | |
| on: | |
| # Run it weekly because this workflow is time-consuming and we'd run out of credits. | |
| # Run on push is disabled for the same reason. | |
| schedule: | |
| - cron: "0 1 * * SUN" | |
| # Allows you to run this workflow manually from the Actions tab | |
| workflow_dispatch: | |
| jobs: | |
| build: | |
| runs-on: ubuntu-20.04 | |
| steps: | |
| - uses: actions/checkout@v2 | |
| - uses: actions/setup-python@v2 | |
| with: | |
| python-version: "3.9" | |
| - name: Install dependencies | |
| run: | | |
| python -m pip install --upgrade pip | |
| pip install checkdmarc==4.4.1 | |
| # Use the standalone checkdmarc tool, index results by domain for faster lookup. | |
| # Using the API would be more flexible, but this is easier to implement for now. | |
| - name: Check DMARC information about public sites | |
| run: | | |
| SITES=$(find {_data/general.json,_data/{comunidades,provincias}/*.json} | xargs cat | jq -r .webs[].url) | |
| for site in $SITES; | |
| do | |
| CANONICAL_SITE=$(echo $site | sed 's/^www.//g') | |
| ESCAPED_SITE=$(echo $site | sed 's/\./!/g') | |
| OUTPUT_FILE="_data/results/dmarc/$ESCAPED_SITE.json" | |
| echo "Checking $site to $OUTPUT_FILE" | |
| checkdmarc --skip-tls --nameserver=1.0.0.1 --timeout 3 ${CANONICAL_SITE} > $OUTPUT_FILE | |
| done | |
| # The resulting commit will not trigger another GitHub Actions Workflow run. | |
| # This is due to limitations set by GitHub. | |
| - uses: stefanzweifel/git-auto-commit-action@v4 | |
| with: | |
| commit_message: Update DMARC information about public sites |