bullion 0.1.2 → 0.3.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 010be491b129c74b11557aa08487ea130d9026af4a84cb1036b7e3409cab8633
-  data.tar.gz: 7de3eba05bded0ffcb439cc8c0f2faa1539020767d761e8bc773b10ee8439519
+  metadata.gz: f7e5e7935b8ed90f7e8e6695215b039507272a2db3ab1ed8919b0ae9abef1823
+  data.tar.gz: 81e4de3cc1fe7e876c487c7edb0fd3e775125d841e16ff3948fafd5e1d5adec2
 SHA512:
-  metadata.gz: 4d198c5fb45716236d64d2cf180bc4494cbaad7e0d07d30e6f5a25dc80caba635999df72bd4cf80cc281e96e7d517fb64af4bc6afd8926f8aa17c95ab1f5eb37
-  data.tar.gz: b230b4bc97c014b27037d0dcf9a938af9e14d2cf51a5925b25a54e09ef3b69650aa95feb14da7dbf93277f75350d421c36656b9c6d973335c1a0cf386bceb76a
+  metadata.gz: e8d9a743a1b81df4ee26858d7ece2b43c77070568f01298d35c4b2eef78f6cac6a1ecab89e232d18e5321f81b4382ac331a3242d11771bd954de64b5a9a16961
+  data.tar.gz: 628f70c629f53e09424c59a5553c81dbb172d3d57fa117e76c74d861e8cd1ad9a0a47d52db52609d17d2da78b6c50d7fc533007966a532d2e4acc9f04dab79d6

data/.roxanne.yml

@@ -0,0 +1,14 @@
+version: 1.0
+stages:
+  build:
+    image: docker:latest
+    scripts:
+    - ./scripts/build.sh
+  test:
+    image: ruby:3.1
+    scripts:
+    - ./scripts/test.sh
+  release:
+    image: ruby:3.1
+    only:
+    - main

data/.rubocop.yml

@@ -3,18 +3,18 @@ Layout/LineLength:
 
 AllCops:
   Exclude:
-    - 'spec/**/*_spec.rb'
-    - 'db/schema.rb'
-    - 'vendor/**/*'
-  TargetRubyVersion: 2.6
+  - 'db/schema.rb'
+  - 'vendor/**/*'
+  TargetRubyVersion: 3.1
   NewCops: enable
 
 Metrics/AbcSize:
   Max: 21
 
 Metrics/BlockLength:
-  Max: 30
+  Max: 35
   Exclude:
+  - 'spec/**/*_spec.rb'
   - 'Rakefile'
   - '*.gemspec'
 
@@ -22,10 +22,29 @@ Metrics/MethodLength:
   Max: 20
 
 Metrics/ModuleLength:
-  Max: 150
+  Max: 160
+  Exclude:
+  - 'spec/**/*_spec.rb'
 
 Metrics/ClassLength:
   Max: 300
+  Exclude:
+  - 'spec/**/*_spec.rb'
+
+Gemspec/RequireMFA:
+  Enabled: false
+
+Style/MixinUsage:
+  Exclude:
+  - "bin/console"
+
+Style/StringLiterals:
+  Enabled: true
+  EnforcedStyle: double_quotes
+
+Style/StringLiteralsInInterpolation:
+  Enabled: true
+  EnforcedStyle: double_quotes
 
 Style/StringConcatenation:
   Exclude:

data/.ruby-version

@@ -0,0 +1 @@
+3.1.2

data/.travis.yml

@@ -7,9 +7,10 @@ before_install: gem install bundler -v 2.1.4
 deploy:
   provider: rubygems
   api_key:
-    secure: zDbqFIQbCirgJ7KLCAyJV6KvJIOFa+FyDVXgrOTopDUUHbqV+tBMO/bvcMOwSUZQKsqfR/HMgoVCEDnq+iesLIQqBrSAuFcjEFM06rF7KC7Q7y0pmXVuK/I3tyQ1nsvOBApc6PHLxu+cEFZ3K37Rx5AZpj/wss+Oqz6Rx0VO7IgZ7Zs/+Ssp6aESSxs+IEXhK+wekEzt6lznqvcuZ5Z/KUlZ2Hd8uH7JxpBQb3EdzFD6coxaisb6ZIX9S7EPJeA08kmswPmv12HVJjm2M6dW6cyeZLbkGct1tnRqmxxSwFJqMJ8/Omlh26+1iaeFKnahBW3OsaiepSFeXfpACSmo+NhOO6cLDxvs5Fk9QsvXIvib1rSkTvNjZZnKN/fd48lcG7U/XiOJefFV23IeILNXiEFI6tDWlGiMQ/qZvQtlgmCsAeu31eW2oxGLFw4651q2ORUENXu5nuC9zQaxniPxsk1DnQVasn2TbVt6Hmpe4R9JWdd59eFddMAK4pysFGr1+jJzEdVw3/SbI+5cSoQ8DCSHxfJhLWjL0I2NjArtnjoeVOLqyDIs6h0FObKP4pi6TxlpGlbh2uf7jT2VIDoUnQwnHjLJiKYG+dK6Xvw6+j82a0QOA9wreEasri2LG1N7UUD5vBSYkJrCy/7u65rfZ438RDM66n1dyZKZ81pXP3w=
+    secure: jCGp7gsBcWZhEXQfFkcJKh+6zsAbsAkzyf0rS/IYuJ/IltrZzVm8KXugYMAhL8ZgvKl7ecFhjOmXOMC4q+YPh0ax5ozzbwipR9JoMiACh24RDB302Ye66eyO8xMAQK/KYqyy5ym9mT6ZpP/kKwvIEYJOBjypQ4+Rk+OZJize6L0MAmAtwfRNo9ah7czCQ2wdl18Ss7nfCs9jFrL6aTdZTHi0uolfz2lXHE5kgxSaQoF+xRIYkb4WLrUwypMt9oYimp4LGP+a5BwWIEyz+Kw1i3XXl9cdusKrkGH1no+eNoiK1pAFy6DC6tR1Dtw95EoMCnRhgJ99f5pf2J/3FrJYyUFk0Fph3SWsO8x6EJ05YAnuql+jcuzsXYn3/TCDilS6kbP2NY4anTZLxOha2VesIqtWsT6skKac+zVa9YCG+DVSqaUig93fNxyw+c27giY4oDAOvRBo10m/r4QFJ1oiK+PTHf4phuUtjhVWAzRasSk2Q+nNIK8XHNgtp/GY8RYkxzANsotwg3aZ2FsCh3+9KwZYyEh+pD+n7Ev4d+Lqr5hw2VhIzaY/RbzGkADFuXxz5BVOE42iKdtO1MSycFDGmegQancyt1XDT0dVYhXI8gnw9BvixVmgPMVqTVdodLpjZFLyFbIB93l7zO07gSQ1sVmwhEUL0rbTEBfPPwNX78w=
   gem: bullion
   on:
     tags: true
+    rvm: 2.6
     repo: jgnagy/bullion
   skip_cleanup: 'true'

data/Dockerfile

@@ -1,4 +1,4 @@
-FROM ruby:2.6-alpine AS build
+FROM ruby:3.1-alpine AS build
 
 ENV RACK_ENV=development
 
@@ -17,7 +17,7 @@ RUN apk add build-base \
 
 WORKDIR /build
 
-FROM ruby:2.6-alpine
+FROM ruby:3.1-alpine
 LABEL maintainer="Jonathan Gnagy <jonathan.gnagy@gmail.com>"
 
 ENV BULLION_PORT=9292

data/Gemfile

@@ -1,6 +1,6 @@
 # frozen_string_literal: true
 
-source 'https://rubygems.org'
+source "https://rubygems.org"
 
 git_source(:github) { |repo_name| "https://github.com/#{repo_name}" }
 

data/Gemfile.lock

@@ -1,132 +1,140 @@
 PATH
   remote: .
   specs:
-    bullion (0.1.2)
+    bullion (0.3.0)
       httparty (~> 0.18)
-      json (~> 2.5)
-      jwt (~> 1.5)
+      json (~> 2.6)
+      jwt (~> 2.4)
       mysql2 (~> 0.5)
-      openssl (~> 2.2)
-      prometheus-client (~> 2.1)
-      puma (~> 3.12)
-      sinatra (~> 2.1)
+      openssl (~> 3.0)
+      prometheus-client (~> 4.0)
+      puma (~> 5.6)
+      sinatra (~> 2.2)
       sinatra-activerecord (~> 2.0)
-      sinatra-contrib (~> 2.1)
+      sinatra-contrib (~> 2.2)
       sqlite3 (~> 1.4)
 
 GEM
   remote: https://rubygems.org/
   specs:
-    acme-client (2.0.7)
-      faraday (>= 0.17, < 2.0.0)
-    activemodel (6.1.1)
-      activesupport (= 6.1.1)
-    activerecord (6.1.1)
-      activemodel (= 6.1.1)
-      activesupport (= 6.1.1)
-    activesupport (6.1.1)
+    acme-client (2.0.11)
+      faraday (>= 1.0, < 3.0.0)
+      faraday-retry (~> 1.0)
+    activemodel (7.0.3.1)
+      activesupport (= 7.0.3.1)
+    activerecord (7.0.3.1)
+      activemodel (= 7.0.3.1)
+      activesupport (= 7.0.3.1)
+    activesupport (7.0.3.1)
       concurrent-ruby (~> 1.0, >= 1.0.2)
       i18n (>= 1.6, < 2)
       minitest (>= 5.1)
       tzinfo (~> 2.0)
-      zeitwerk (~> 2.3)
-    ast (2.4.1)
-    byebug (9.1.0)
-    concurrent-ruby (1.1.7)
-    diff-lcs (1.4.4)
-    docile (1.3.5)
-    faraday (1.3.0)
-      faraday-net_http (~> 1.0)
-      multipart-post (>= 1.2, < 3)
-      ruby2_keywords
-    faraday-net_http (1.0.1)
-    httparty (0.18.1)
+    ast (2.4.2)
+    byebug (11.1.3)
+    concurrent-ruby (1.1.10)
+    diff-lcs (1.5.0)
+    docile (1.4.0)
+    faraday (2.3.0)
+      faraday-net_http (~> 2.0)
+      ruby2_keywords (>= 0.0.4)
+    faraday-net_http (2.0.3)
+    faraday-retry (1.0.3)
+    httparty (0.20.0)
       mime-types (~> 3.0)
       multi_xml (>= 0.5.2)
-    i18n (1.8.7)
+    i18n (1.12.0)
       concurrent-ruby (~> 1.0)
-    json (2.5.1)
-    jwt (1.5.6)
-    mime-types (3.3.1)
+    json (2.6.2)
+    jwt (2.4.1)
+    mime-types (3.4.1)
       mime-types-data (~> 3.2015)
-    mime-types-data (3.2020.1104)
-    minitest (5.14.3)
+    mime-types-data (3.2022.0105)
+    minitest (5.16.2)
     multi_json (1.15.0)
     multi_xml (0.6.0)
-    multipart-post (2.1.1)
-    mustermann (1.1.1)
+    mustermann (1.1.2)
       ruby2_keywords (~> 0.0.1)
-    mysql2 (0.5.3)
-    openssl (2.2.0)
-    parallel (1.20.1)
-    parser (3.0.0.0)
+    mysql2 (0.5.4)
+    nio4r (2.5.8)
+    openssl (3.0.0)
+    parallel (1.22.1)
+    parser (3.1.2.0)
       ast (~> 2.4.1)
-    prometheus-client (2.1.0)
-    puma (3.12.6)
-    rack (2.2.3)
-    rack-protection (2.1.0)
+    prometheus-client (4.0.0)
+    puma (5.6.4)
+      nio4r (~> 2.0)
+    rack (2.2.4)
+    rack-protection (2.2.1)
       rack
-    rack-test (0.8.3)
-      rack (>= 1.0, < 3)
-    rainbow (3.0.0)
+    rack-test (2.0.2)
+      rack (>= 1.3)
+    rainbow (3.1.1)
     rake (12.3.3)
-    regexp_parser (2.0.3)
-    rexml (3.2.4)
-    rspec (3.10.0)
-      rspec-core (~> 3.10.0)
-      rspec-expectations (~> 3.10.0)
-      rspec-mocks (~> 3.10.0)
-    rspec-core (3.10.1)
-      rspec-support (~> 3.10.0)
-    rspec-expectations (3.10.1)
+    regexp_parser (2.5.0)
+    rexml (3.2.5)
+    rspec (3.11.0)
+      rspec-core (~> 3.11.0)
+      rspec-expectations (~> 3.11.0)
+      rspec-mocks (~> 3.11.0)
+    rspec-core (3.11.0)
+      rspec-support (~> 3.11.0)
+    rspec-expectations (3.11.0)
       diff-lcs (>= 1.2.0, < 2.0)
-      rspec-support (~> 3.10.0)
-    rspec-mocks (3.10.1)
+      rspec-support (~> 3.11.0)
+    rspec-mocks (3.11.1)
       diff-lcs (>= 1.2.0, < 2.0)
-      rspec-support (~> 3.10.0)
-    rspec-support (3.10.1)
-    rubocop (0.93.1)
+      rspec-support (~> 3.11.0)
+    rspec-support (3.11.0)
+    rubocop (1.31.2)
+      json (~> 2.3)
       parallel (~> 1.10)
-      parser (>= 2.7.1.5)
+      parser (>= 3.1.0.0)
       rainbow (>= 2.2.2, < 4.0)
-      regexp_parser (>= 1.8)
-      rexml
-      rubocop-ast (>= 0.6.0)
+      regexp_parser (>= 1.8, < 3.0)
+      rexml (>= 3.2.5, < 4.0)
+      rubocop-ast (>= 1.18.0, < 2.0)
       ruby-progressbar (~> 1.7)
-      unicode-display_width (>= 1.4.0, < 2.0)
-    rubocop-ast (1.4.0)
-      parser (>= 2.7.1.5)
+      unicode-display_width (>= 1.4.0, < 3.0)
+    rubocop-ast (1.19.1)
+      parser (>= 3.1.1.0)
+    rubocop-rake (0.6.0)
+      rubocop (~> 1.0)
+    rubocop-rspec (2.11.1)
+      rubocop (~> 1.19)
     ruby-progressbar (1.11.0)
-    ruby2_keywords (0.0.2)
+    ruby2_keywords (0.0.5)
     simplecov (0.21.2)
       docile (~> 1.1)
       simplecov-html (~> 0.11)
       simplecov_json_formatter (~> 0.1)
-    simplecov-cobertura (1.4.2)
-      simplecov (~> 0.8)
+    simplecov-cobertura (2.1.0)
+      rexml
+      simplecov (~> 0.19)
     simplecov-html (0.12.3)
-    simplecov_json_formatter (0.1.2)
-    sinatra (2.1.0)
+    simplecov_json_formatter (0.1.4)
+    sinatra (2.2.1)
       mustermann (~> 1.0)
       rack (~> 2.2)
-      rack-protection (= 2.1.0)
+      rack-protection (= 2.2.1)
       tilt (~> 2.0)
-    sinatra-activerecord (2.0.21)
+    sinatra-activerecord (2.0.25)
       activerecord (>= 4.1)
       sinatra (>= 1.0)
-    sinatra-contrib (2.1.0)
+    sinatra-contrib (2.2.1)
       multi_json
       mustermann (~> 1.0)
-      rack-protection (= 2.1.0)
-      sinatra (= 2.1.0)
+      rack-protection (= 2.2.1)
+      sinatra (= 2.2.1)
       tilt (~> 2.0)
-    sqlite3 (1.4.2)
+    sqlite3 (1.4.4)
     tilt (2.0.10)
     tzinfo (2.0.4)
       concurrent-ruby (~> 1.0)
-    unicode-display_width (1.7.0)
-    yard (0.9.26)
-    zeitwerk (2.4.2)
+    unicode-display_width (2.2.0)
+    webrick (1.7.0)
+    yard (0.9.28)
+      webrick (~> 1.7.0)
 
 PLATFORMS
   ruby
@@ -134,15 +142,17 @@ PLATFORMS
 DEPENDENCIES
   acme-client (~> 2.0)
   bullion!
-  bundler (~> 2.0)
-  byebug (~> 9)
-  rack-test (~> 0.8)
+  bundler (~> 2.3)
+  byebug (~> 11)
+  rack-test (~> 2.0)
   rake (~> 12.3)
   rspec (~> 3.10)
-  rubocop (~> 0.93)
-  simplecov (~> 0.20)
-  simplecov-cobertura (~> 1.4)
+  rubocop (~> 1.31)
+  rubocop-rake (~> 0.6)
+  rubocop-rspec (~> 2.11)
+  simplecov (~> 0.21)
+  simplecov-cobertura (~> 2.1)
   yard (~> 0.9)
 
 BUNDLED WITH
-   2.1.4
+   2.3.10

data/README.md

@@ -36,8 +36,8 @@ Whether run locally or via Docker, the following environment variables configure
 | `CA_CERT_PATH` | `$CA_DIR/tls.crt` | Public cert for Bullion. If Bullion is an intermediate CA, you'll want to include the root CA's public cert in this file as well the signed cert for Bullion. |
 | `CA_DOMAINS` | `example.com` | A comma-delimited list of domains for which Bullion will sign certificate requests. Subdomains are automatically allowed. Certificates containing other domains will be rejected. |
 | `CERT_VALIDITY_DURATION` | `7776000` | How long should issued certs be valid (in seconds)? Default is 90 days. |
-| `DATABASE_URL` | _None_ | A shorthand for telling Bullion how to connect to a database. Acceptable URLs will either being with `sqlite3:` or [`mysql2://`](https://github.com/brianmario/mysql2#using-active-records-database_url). |
-| `DNS01_NAMESERVERS` | `8.8.8.8` | A comma-delimited list of nameservers to use for resolving [DNS-01](https://letsencrypt.org/docs/challenge-types/#dns-01-challenge) challenges. Usually you'll want this to be set to your _internal_ nameservers so internal names resolve correctly. |
+| `DATABASE_URL` | _None_ | **(Required)** A shorthand for telling Bullion how to connect to a database. Acceptable URLs will either being with `sqlite3:` or [`mysql2://`](https://github.com/brianmario/mysql2#using-active-records-database_url). |
+| `DNS01_NAMESERVERS` | _None_ | A comma-delimited list of nameservers to use for resolving [DNS-01](https://letsencrypt.org/docs/challenge-types/#dns-01-challenge) challenges. Usually you'll want this to be set to your _internal_ nameservers so internal names resolve correctly. When not set, it'll use the host's DNS. |
 | `LOG_LEVEL` | `warn` | Log level for Bullion. Supported levels (starting with the noisiest) are debug, info, warn, error, and fatal. |
 | `BULLION_PORT` | `9292` | TCP port Bullion will listen on. |
 | `MIN_THREADS` | `2` | Minimum number of [Puma](https://puma.io/) threads for processing requests. |

data/Rakefile

@@ -1,20 +1,22 @@
 # frozen_string_literal: true
 
-if %w[development test].include? ENV['RACK_ENV']
-  ENV['DATABASE_URL'] = "sqlite3:#{File.expand_path('.')}/tmp/db/#{ENV['RACK_ENV']}.sqlite3"
+ENV["RACK_ENV"] ||= "development"
+
+if %w[development test].include? ENV["RACK_ENV"]
+  ENV["DATABASE_URL"] = "sqlite3:#{File.expand_path(".")}/tmp/db/#{ENV["RACK_ENV"]}.sqlite3"
 end
 
-require 'bundler/gem_tasks'
-require 'rspec/core/rake_task'
-require 'rubocop/rake_task'
-require 'yard'
-require 'openssl'
-require 'sqlite3'
-require 'sinatra/activerecord/rake'
+require "bundler/gem_tasks"
+require "rspec/core/rake_task"
+require "rubocop/rake_task"
+require "yard"
+require "openssl"
+require "sqlite3"
+require "sinatra/activerecord/rake"
 
 namespace :db do
   task :load_config do
-    ActiveRecord::Base.establish_connection(ENV['DATABASE_URL'])
+    ActiveRecord::Base.establish_connection(url: ENV.fetch("DATABASE_URL", nil))
   end
 end
 
@@ -23,69 +25,70 @@ RuboCop::RakeTask.new(:rubocop)
 YARD::Rake::YardocTask.new
 
 task :prep do
-  FileUtils.mkdir_p(File.join(File.expand_path('.'), 'tmp'))
-  ENV['CA_DIR'] = File.join(File.expand_path('.'), 'tmp').to_s
-  ENV['CA_SECRET'] = 'SomeS3cret'
-  ENV['CA_DOMAINS'] = 'test.domain'
+  FileUtils.mkdir_p(File.join(File.expand_path("."), "tmp"))
+  ENV["CA_DIR"] = File.join(File.expand_path("."), "tmp").to_s
+  ENV["CA_SECRET"] = "SomeS3cret"
+  ENV["CA_DOMAINS"] = "test.domain"
 
   key = OpenSSL::PKey::RSA.new(4096)
-  File.open(File.join(File.expand_path('.'), 'tmp', 'tls.key'), 'w') do |f|
-    f.write key.to_pem(OpenSSL::Cipher.new('aes-128-cbc'), ENV['CA_SECRET'])
-  end
+  File.write(File.join(File.expand_path("."), "tmp", "tls.key"),
+             key.to_pem(OpenSSL::Cipher.new("aes-128-cbc"), ENV.fetch("CA_SECRET", nil)))
 
   root_ca = OpenSSL::X509::Certificate.new
   root_ca.version = 2
   root_ca.serial = (2**rand(10..20)) - 1
   root_ca.subject = OpenSSL::X509::Name.parse(
-    %w[test domain].reverse.map { |piece| "DC=#{piece}" }.join('/') + '/CN=bullion'
+    %w[test domain].reverse.map { |piece| "DC=#{piece}" }.join("/") + "/CN=bullion"
   )
   root_ca.issuer = root_ca.subject # root CA's are "self-signed"
   root_ca.public_key = key.public_key
   root_ca.not_before = Time.now
-  root_ca.not_after = root_ca.not_before + 5 * 365 * 24 * 60 * 60 # 5 years validity
+  root_ca.not_after = root_ca.not_before + (5 * 365 * 24 * 60 * 60) # 5 years validity
   ef = OpenSSL::X509::ExtensionFactory.new
   ef.subject_certificate = root_ca
   ef.issuer_certificate = root_ca
   root_ca.add_extension(
-    ef.create_extension('basicConstraints', 'CA:TRUE', true)
+    ef.create_extension("basicConstraints", "CA:TRUE", true)
   )
   root_ca.add_extension(
-    ef.create_extension('keyUsage', 'keyCertSign, cRLSign', true)
+    ef.create_extension("keyUsage", "keyCertSign, cRLSign", true)
   )
   root_ca.add_extension(
-    ef.create_extension('subjectKeyIdentifier', 'hash', false)
+    ef.create_extension("subjectKeyIdentifier", "hash", false)
   )
   root_ca.add_extension(
-    ef.create_extension('authorityKeyIdentifier', 'keyid:always', false)
+    ef.create_extension("authorityKeyIdentifier", "keyid:always", false)
   )
-  root_ca.sign(key, OpenSSL::Digest.new('SHA256'))
-  File.open(File.join(File.expand_path('.'), 'tmp', 'tls.crt'), 'w') do |f|
-    f.write root_ca.to_pem
-  end
+  root_ca.sign(key, OpenSSL::Digest.new("SHA256"))
+  File.write(File.join(File.expand_path("."), "tmp", "tls.crt"), root_ca.to_pem)
 end
 
 task :demo do
-  system("rackup -D -P #{File.expand_path('.')}/tmp/daemon.pid")
+  system("rackup -D -P #{File.expand_path(".")}/tmp/daemon.pid")
 end
 
 task :foreground_demo do
-  system("rackup -P #{File.expand_path('.')}/tmp/daemon.pid")
+  system("rackup -P #{File.expand_path(".")}/tmp/daemon.pid")
 end
 
 task :cleanup do
   at_exit do
-    system("kill $(cat #{File.expand_path('.')}/tmp/daemon.pid)")
-    FileUtils.rm_f(File.join(File.expand_path('.'), 'tmp', 'tls.crt'))
-    FileUtils.rm_f(File.join(File.expand_path('.'), 'tmp', 'tls.key'))
-    FileUtils.rm_rf(File.join(File.expand_path('.'), 'tmp', 'db'))
-    ENV['CA_DIR'] = nil
-    ENV['CA_SECRET'] = nil
-    ENV['CA_DOMAINS'] = nil
+    if File.exist?("#{File.expand_path(".")}/tmp/daemon.pid")
+      system("kill $(cat #{File.expand_path(".")}/tmp/daemon.pid)")
+    end
+    FileUtils.rm_f(File.join(File.expand_path("."), "tmp", "tls.crt"))
+    FileUtils.rm_f(File.join(File.expand_path("."), "tmp", "tls.key"))
+    FileUtils.rm_rf(File.join(File.expand_path("."), "tmp", "db"))
+    ENV["CA_DIR"] = nil
+    ENV["CA_SECRET"] = nil
+    ENV["CA_DOMAINS"] = nil
   end
 end
 
-Rake::Task['spec'].enhance(['cleanup'])
+Rake::Task["spec"].enhance(["cleanup"])
 
 task default: %i[prep db:migrate demo spec rubocop]
 
+task test: %i[prep db:migrate demo spec]
+
 task local_demo: %i[prep db:migrate foreground_demo]

data/bin/console

@@ -1,8 +1,8 @@
 #!/usr/bin/env ruby
 # frozen_string_literal: true
 
-require 'bundler/setup'
-require 'bullion'
+require "bundler/setup"
+require "bullion"
 
 # You can add fixtures and/or initialization code here to make experimenting
 # with your gem easier. You can also use a different console, if you like.
@@ -11,5 +11,5 @@ require 'bullion'
 # require "pry"
 # Pry.start
 
-require 'irb'
+require "irb"
 IRB.start(__FILE__)

data/bullion.gemspec

@@ -1,51 +1,53 @@
 # frozen_string_literal: true
 
-require_relative 'lib/bullion/version'
+require_relative "lib/bullion/version"
 
 Gem::Specification.new do |spec|
-  spec.name          = 'bullion'
+  spec.name          = "bullion"
   spec.version       = Bullion::VERSION
-  spec.authors       = ['Jonathan Gnagy']
-  spec.email         = ['jonathan.gnagy@gmail.com']
+  spec.authors       = ["Jonathan Gnagy"]
+  spec.email         = ["jonathan.gnagy@gmail.com"]
 
-  spec.summary       = 'Ruby ACME v2 Certificate Authority'
-  spec.homepage      = 'https://github.com/jgnagy/bullion'
-  spec.license       = 'MIT'
+  spec.summary       = "Ruby ACME v2 Certificate Authority"
+  spec.homepage      = "https://github.com/jgnagy/bullion"
+  spec.license       = "MIT"
 
-  spec.metadata['homepage_uri'] = spec.homepage
-  spec.metadata['source_code_uri'] = 'https://github.com/jgnagy/bullion'
+  spec.metadata["homepage_uri"] = spec.homepage
+  spec.metadata["source_code_uri"] = "https://github.com/jgnagy/bullion"
 
   # Specify which files should be added to the gem when it is released.
   # The `git ls-files -z` loads the files in the RubyGem that have been added into git.
   spec.files = Dir.chdir(File.expand_path(__dir__)) do
     `git ls-files -z`.split("\x0").reject { |f| f.match(%r{^(test|spec|features)/}) }
   end
-  spec.bindir        = 'exe'
+  spec.bindir        = "exe"
   spec.executables   = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
-  spec.require_paths = ['lib']
-
-  spec.required_ruby_version = '~> 2.6'
-
-  spec.add_runtime_dependency 'httparty',             '~> 0.18'
-  spec.add_runtime_dependency 'json',                 '~> 2.5'
-  spec.add_runtime_dependency 'jwt',                  '~> 1.5'
-  spec.add_runtime_dependency 'mysql2',               '~> 0.5'
-  spec.add_runtime_dependency 'openssl',              '~> 2.2'
-  spec.add_runtime_dependency 'prometheus-client',    '~> 2.1'
-  spec.add_runtime_dependency 'puma',                 '~> 3.12'
-  spec.add_runtime_dependency 'sinatra',              '~> 2.1'
-  spec.add_runtime_dependency 'sinatra-activerecord', '~> 2.0'
-  spec.add_runtime_dependency 'sinatra-contrib',      '~> 2.1'
-  spec.add_runtime_dependency 'sqlite3',              '~> 1.4'
-
-  spec.add_development_dependency 'acme-client',         '~> 2.0'
-  spec.add_development_dependency 'bundler',             '~> 2.0'
-  spec.add_development_dependency 'byebug',              '~> 9'
-  spec.add_development_dependency 'rack-test',           '~> 0.8'
-  spec.add_development_dependency 'rake',                '~> 12.3'
-  spec.add_development_dependency 'rspec',               '~> 3.10'
-  spec.add_development_dependency 'rubocop',             '~> 0.93'
-  spec.add_development_dependency 'simplecov',           '~> 0.20'
-  spec.add_development_dependency 'simplecov-cobertura', '~> 1.4'
-  spec.add_development_dependency 'yard',                '~> 0.9'
+  spec.require_paths = ["lib"]
+
+  spec.required_ruby_version = "~> 3.1"
+
+  spec.add_runtime_dependency "httparty",             "~> 0.18"
+  spec.add_runtime_dependency "json",                 "~> 2.6"
+  spec.add_runtime_dependency "jwt",                  "~> 2.4"
+  spec.add_runtime_dependency "mysql2",               "~> 0.5"
+  spec.add_runtime_dependency "openssl",              "~> 3.0"
+  spec.add_runtime_dependency "prometheus-client",    "~> 4.0"
+  spec.add_runtime_dependency "puma",                 "~> 5.6"
+  spec.add_runtime_dependency "sinatra",              "~> 2.2"
+  spec.add_runtime_dependency "sinatra-activerecord", "~> 2.0"
+  spec.add_runtime_dependency "sinatra-contrib",      "~> 2.2"
+  spec.add_runtime_dependency "sqlite3",              "~> 1.4"
+
+  spec.add_development_dependency "acme-client",         "~> 2.0"
+  spec.add_development_dependency "bundler",             "~> 2.3"
+  spec.add_development_dependency "byebug",              "~> 11"
+  spec.add_development_dependency "rack-test",           "~> 2.0"
+  spec.add_development_dependency "rake",                "~> 12.3"
+  spec.add_development_dependency "rspec",               "~> 3.10"
+  spec.add_development_dependency "rubocop",             "~> 1.31"
+  spec.add_development_dependency "rubocop-rake",        "~> 0.6"
+  spec.add_development_dependency "rubocop-rspec",       "~> 2.11"
+  spec.add_development_dependency "simplecov",           "~> 0.21"
+  spec.add_development_dependency "simplecov-cobertura", "~> 2.1"
+  spec.add_development_dependency "yard",                "~> 0.9"
 end

data/config/puma.rb

@@ -1,3 +1,3 @@
 # frozen_string_literal: true
 
-threads 2, Integer(ENV.fetch('MAX_THREADS', 32))
+threads 2, Integer(ENV.fetch("MAX_THREADS", 32))