anchor-pki 0.7.0 → 0.8.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (8) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +4 -0
  3. data/Gemfile.lock +26 -23
  4. data/lib/anchor/auto_cert/configuration.rb +12 -3
  5. data/lib/anchor/version.rb +1 -1
  6. data/lib/anchor.rb +7 -0
  7. data/lib/puma/plugin/auto_cert.rb +6 -11
  8. metadata +3 -3
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 668bda70c37b6cfed433ff05de800a8e2a4f1576a6a16b73d0c653794890938a
4
- data.tar.gz: 9c96396faf03bed36249890bd19682988bdbb52d4e5eca4fe7994bbfaddf66f8
3
+ metadata.gz: 199d953aecf7e0a21ec2d40b4b910932dce98194b02dad0ccb5a19a8edca7dfc
4
+ data.tar.gz: 75eebd2d66d21913ec9299be8f6a11ba04a53bdb6f63554258644b18d5495f56
5
5
  SHA512:
6
- metadata.gz: 6a8a30a3eb39f5544250bf12338c31d7f3392fda4440a74dc916c28ffac5d2817b8687a911695db06d46f236f7e27857a482abb172854f7d9fd88e5332115749
7
- data.tar.gz: 004d41141dcca7ef89f994f726e0502c43957ce0c144d09fc719f71292f9abdc1a7cb45c6a57f75a84debd9ca2ac3f2085778879e104f4349bae51100c46909e
6
+ metadata.gz: 7f0b100133cdbd56308538a5c3085062221d3e9d7caa154aebe7fa61661ac59713f8e14829ced0dba6731c6fbff20a47d5382e6062e164e7ac85cd05ea94c406
7
+ data.tar.gz: 6424e2cb19604b4a78a673109fc1ffc1bc4ee62de8a036fdacc36030b23d67f320f7142bc62f4fdae7b3b3864d2ab1cbdb950548460b7bf01178a2a828dea7b7
data/CHANGELOG.md CHANGED
@@ -1,5 +1,9 @@
1
1
  ## [Unreleased]
2
2
 
3
+ ## [0.8.0] - 2024-03-04
4
+
5
+ - fix 0.7 regression such that configuration once again considers ENV values
6
+
3
7
  ## [0.7.0] - 2024-01-11
4
8
 
5
9
  - inherit from the puma-acme plugin in auto\_cert plugin
data/Gemfile.lock CHANGED
@@ -1,13 +1,13 @@
1
1
  PATH
2
2
  remote: .
3
3
  specs:
4
- anchor-pki (0.6.3)
4
+ anchor-pki (0.8.0)
5
5
  puma-acme (~> 0.1)
6
6
 
7
7
  GEM
8
8
  remote: https://rubygems.org/
9
9
  specs:
10
- acme-client (2.0.15)
10
+ acme-client (2.0.17)
11
11
  faraday (>= 1.0, < 3.0.0)
12
12
  faraday-retry (>= 1.0, < 3.0.0)
13
13
  addressable (2.8.4)
@@ -16,7 +16,7 @@ GEM
16
16
  base64 (0.2.0)
17
17
  crack (0.4.5)
18
18
  rexml
19
- diff-lcs (1.5.0)
19
+ diff-lcs (1.5.1)
20
20
  docile (1.4.0)
21
21
  faraday (2.9.0)
22
22
  faraday-net_http (>= 2.0, < 3.2)
@@ -39,32 +39,34 @@ GEM
39
39
  public_suffix (5.0.1)
40
40
  puma (6.4.2)
41
41
  nio4r (~> 2.0)
42
- puma-acme (0.1.0)
42
+ puma-acme (0.1.3)
43
43
  acme-client (~> 2.0.13)
44
44
  pstore (~> 0.1)
45
- puma (~> 6.4)
46
- sinatra (~> 3.1)
47
- rack (2.2.8)
48
- rack-protection (3.2.0)
45
+ puma (~> 6.0)
46
+ sinatra (~> 4.0)
47
+ rack (3.0.9.1)
48
+ rack-protection (4.0.0)
49
49
  base64 (>= 0.1.0)
50
- rack (~> 2.2, >= 2.2.4)
50
+ rack (>= 3.0.0, < 4)
51
+ rack-session (2.0.0)
52
+ rack (>= 3.0.0)
51
53
  rainbow (3.1.1)
52
54
  rake (13.1.0)
53
55
  regexp_parser (2.8.0)
54
56
  rexml (3.2.5)
55
- rspec (3.12.0)
56
- rspec-core (~> 3.12.0)
57
- rspec-expectations (~> 3.12.0)
58
- rspec-mocks (~> 3.12.0)
59
- rspec-core (3.12.2)
60
- rspec-support (~> 3.12.0)
61
- rspec-expectations (3.12.3)
57
+ rspec (3.13.0)
58
+ rspec-core (~> 3.13.0)
59
+ rspec-expectations (~> 3.13.0)
60
+ rspec-mocks (~> 3.13.0)
61
+ rspec-core (3.13.0)
62
+ rspec-support (~> 3.13.0)
63
+ rspec-expectations (3.13.0)
62
64
  diff-lcs (>= 1.2.0, < 2.0)
63
- rspec-support (~> 3.12.0)
64
- rspec-mocks (3.12.5)
65
+ rspec-support (~> 3.13.0)
66
+ rspec-mocks (3.13.0)
65
67
  diff-lcs (>= 1.2.0, < 2.0)
66
- rspec-support (~> 3.12.0)
67
- rspec-support (3.12.0)
68
+ rspec-support (~> 3.13.0)
69
+ rspec-support (3.13.1)
68
70
  rubocop (1.51.0)
69
71
  json (~> 2.3)
70
72
  parallel (~> 1.10)
@@ -93,10 +95,11 @@ GEM
93
95
  simplecov_json_formatter (~> 0.1)
94
96
  simplecov-html (0.12.3)
95
97
  simplecov_json_formatter (0.1.4)
96
- sinatra (3.2.0)
98
+ sinatra (4.0.0)
97
99
  mustermann (~> 3.0)
98
- rack (~> 2.2, >= 2.2.4)
99
- rack-protection (= 3.2.0)
100
+ rack (>= 3.0.0, < 4)
101
+ rack-protection (= 4.0.0)
102
+ rack-session (>= 2.0.0, < 3)
100
103
  tilt (~> 2.0)
101
104
  tilt (2.3.0)
102
105
  unicode-display_width (2.4.2)
data/lib/anchor/auto_cert/configuration.rb CHANGED
@@ -30,11 +30,14 @@ module Anchor
30
30
  alias_method :directory_url=, :directory=
31
31
 
32
32
  def initialize(opts = {})
33
- self.directory_url = opts.delete(:directory_url)
34
- self.allow_identifiers = opts.delete(:allow_identifiers)
33
+ opts[:directory] ||= envs(:directory)
34
+ opts[:eab_kid] ||= envs(:eab_kid)
35
+ opts[:eab_hmac_key] ||= envs(:eab_hmac_key)
36
+ opts[:server_names] ||= envs(:server_names)&.split(',')
35
37
 
36
38
  if (eab = opts.delete(:external_account_binding))
37
- self.external_account_binding = eab
39
+ opts[:eab_kid] = eab[:kid]
40
+ opts[:eab_hmac_key] = eab[:hmac_key]
38
41
  end
39
42
 
40
43
  super(opts)
@@ -48,6 +51,12 @@ module Anchor
48
51
  self.eab_kid = eab[:kid]
49
52
  self.eab_hmac_key = eab[:hmac_key]
50
53
  end
54
+
55
+ private
56
+
57
+ def envs(key)
58
+ Anchor::ENV_VARS[key].map { |k| ENV.fetch(k, nil) }.compact.first
59
+ end
51
60
  end
52
61
  end
53
62
  end
data/lib/anchor/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module Anchor
4
- VERSION = '0.7.0'
4
+ VERSION = '0.8.0'
5
5
  end
data/lib/anchor.rb CHANGED
@@ -6,6 +6,13 @@ require 'openssl'
6
6
  # Anchor module is the top-level namespace for the Anchor PKI client.
7
7
  #
8
8
  module Anchor
9
+ ENV_VARS = {
10
+ directory: %w[ACME_DIRECTORY ACME_DIRECTORY_URL],
11
+ eab_kid: %w[ACME_KID ACME_EAB_KID],
12
+ eab_hmac_key: %w[ACME_HMAC_KEY ACME_EAB_HMAC_KEY],
13
+ server_names: %w[ACME_SERVER_NAME ACME_SERVER_NAMES SERVER_NAME SERVER_NAMES ACME_ALLOW_IDENTIFIERS]
14
+ }.freeze
15
+
9
16
  def self.add_cert(pem)
10
17
  (@certs ||= []) << OpenSSL::X509::Certificate.new(pem)
11
18
  end
data/lib/puma/plugin/auto_cert.rb CHANGED
@@ -1,5 +1,6 @@
1
1
  # frozen_string_literal: true
2
2
 
3
+ require_relative '../../anchor'
3
4
  require_relative '../dsl'
4
5
 
5
6
  require 'puma/acme'
@@ -20,13 +21,6 @@ module Puma
20
21
  attr_accessor :start_hooks
21
22
  end
22
23
 
23
- ENV_VARS = {
24
- server_names: %w[ACME_SERVER_NAME ACME_SERVER_NAMES SERVER_NAME SERVER_NAMES ACME_ALLOW_IDENTIFIERS],
25
- directory: %w[ACME_DIRECTORY ACME_DIRECTORY_URL],
26
- eab_kid: %w[ACME_KID ACME_EAB_KID],
27
- eab_hmac_key: %w[ACME_HMAC_KEY ACME_EAB_HMAC_KEY]
28
- }.freeze
29
-
30
24
  def self.add_start_hook(&block)
31
25
  (self.start_hooks ||= []) << block
32
26
  end
@@ -47,7 +41,7 @@ module Puma
47
41
  return
48
42
  end
49
43
 
50
- server_names = [*config.all(:server_names, env: ENV_VARS[:server_names])]
44
+ server_names = [*config.all(:server_names, env: Anchor::ENV_VARS[:server_names])]
51
45
  .map { |val| val.split(/[ ,]/) }.flatten.uniq
52
46
 
53
47
  if server_names.empty?
@@ -71,10 +65,11 @@ module Puma
71
65
  end
72
66
  end
73
67
 
74
- launcher.options[:acme_directory] ||= config.first(:directory, env: ENV_VARS[:directory])
68
+ launcher.options[:acme_directory] ||= config.first(:directory, env: Anchor::ENV_VARS[:directory])
75
69
 
76
- launcher.options[:acme_eab_kid] ||= config.first(:eab_kid, env: ENV_VARS[:eab_kid])
77
- launcher.options[:acme_eab_hmac_key] ||= config.first(:eab_hmac_key, env: ENV_VARS[:eab_hmac_key])
70
+ launcher.options[:acme_eab_kid] ||= config.first(:eab_kid, env: Anchor::ENV_VARS[:eab_kid])
71
+ launcher.options[:acme_eab_hmac_key] ||= config.first(:eab_hmac_key,
72
+ env: Anchor::ENV_VARS[:eab_hmac_key])
78
73
 
79
74
  launcher.options[:acme_mode] ||= config.first(:mode) || :foreground
80
75
 
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: anchor-pki
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.7.0
4
+ version: 0.8.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Anchor Security, Inc
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2024-01-11 00:00:00.000000000 Z
11
+ date: 2024-03-04 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: puma-acme
@@ -182,7 +182,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
182
182
  - !ruby/object:Gem::Version
183
183
  version: '0'
184
184
  requirements: []
185
- rubygems_version: 3.4.10
185
+ rubygems_version: 3.4.22
186
186
  signing_key:
187
187
  specification_version: 4
188
188
  summary: Ruby client for Anchor PKI. See https://anchor.dev/ for details.