From 3329f81a977c97da1f2915bfd628baea128c8f64 Mon Sep 17 00:00:00 2001
From: MatheusAlves96 <matheusalves965@gmail.com>
Date: Tue, 21 Apr 2026 02:07:41 -0300
Subject: [PATCH] fix: use openssl checkend for TLS validity - alpine has no
 GNU date

---
 .forgejo/workflows/deploy.yml | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

diff --git a/.forgejo/workflows/deploy.yml b/.forgejo/workflows/deploy.yml
index ce5b1d0..4bc21e0 100644
--- a/.forgejo/workflows/deploy.yml
+++ b/.forgejo/workflows/deploy.yml
@@ -181,9 +181,13 @@ jobs:
             -servername ${{ vars.DOMAIN }} 2>/dev/null \
             | openssl x509 -noout -enddate 2>/dev/null | cut -d= -f2)
           echo "Expira: $EXPIRY"
-          DAYS=$(( ($(date -d "$EXPIRY" +%s) - $(date +%s)) / 86400 ))
-          echo "Dias restantes: $DAYS"
-          [ "$DAYS" -gt 7 ] || (echo "❌ Cert expira em $DAYS dias" && exit 1)
+          # Alpine usa busybox date — converte via openssl diretamente
+          DAYS=$(echo | openssl s_client -connect ${{ vars.SSH_HOST }}:443 \
+            -servername ${{ vars.DOMAIN }} 2>/dev/null \
+            | openssl x509 -noout -checkend 604800 2>/dev/null; echo $?)
+          # checkend retorna 0 se válido por mais de N segundos (604800 = 7 dias)
+          [ "$DAYS" = "0" ] || (echo "❌ Cert expira em menos de 7 dias!" && exit 1)
+          echo "✅ Certificado válido por mais de 7 dias (expira: $EXPIRY)"
 
       - name: GET /api/v1/properties
         run: |