name: "TLS protocol scan"
on:
  push:
    branches:
      - main
  pull_request:
    # The branches below must be a subset of the branches above
    branches: [main]

permissions: read-all

jobs:
  tls-check:
    runs-on: ubuntu-latest
    name: TLS check
    steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-go@v4
        with:
          cache: false
          go-version: 1.20.x
      - name: Install dependencies
        run: |
          cd $GITHUB_WORKSPACE
          mkdir -p test/data
          cd test/data
          ../scripts/gen_certs.sh
      - name: Check for TLS settings
        run: |
          cd $GITHUB_WORKSPACE
          make binary
          bin/zot-linux-amd64 serve examples/config-tls.json & echo $! > zot.PID
          sleep 5
          # Check if zot server is running
          cat /proc/$(cat zot.PID)/status | grep State || exit 1

          # zot server is running: proceed to testing
          ./test/scripts/tls_scan.sh