bullion 0.10.0 → 0.10.2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 74fbfc1ee8b98c2ff1c707302c8e62c9b2f8d106308b8b3b02d6a1ffe622cb77
-  data.tar.gz: adbd79fc4e82a9630dee2dd71c1e33c7e0a8f02732c986af07b1ba3d1733fd5c
+  metadata.gz: 9b418034aabf17318c2f100d13bedd6e24338241d175a8a745aa59adc63b88c3
+  data.tar.gz: 55de2bbebec20c8a485baa9d7f3e1b4f50fdc0b3d79e1124ed1dbb67c25ef759
 SHA512:
-  metadata.gz: f1cfc723554109cdb6e837e2dabd66eed6dd52d3cd7ca649923f88940c31e83e957e749ec1449c6eef4ffbcc89aafbbf822a3725b55688a3dc5d4290bd63552b
-  data.tar.gz: ccbe2a235fa91b4568b6977f55b22122de5f0fc1e0c2620c4ef9e16dfc4ce618ccff0322ea1e5c9dc3711f2dc10b22a9dc0bcd5c45d406adb08640229ec78048
+  metadata.gz: 955267201ea388e0676962863224b79883a239830347a5d372415b45b71b52a334116ec58aac187dec20c7f5992ad7bc3422809da85a5dbbdbce53c062081ab3
+  data.tar.gz: 781b2d68d4808a3ff1ae72c5d252c75a3220aa1d23be6d456a9b15bc5c87f970f8b6cd0397888d19167d35b22b1830bfcd1f583827302b33b2cdd324810c22ae

data/.github/workflows/release.yml

@@ -31,3 +31,26 @@ jobs:
 
       - uses: rubygems/release-gem@v1
         if: ${{ steps.release.outputs.release_created }}
+
+      - name: Login to Docker Hub
+        uses: docker/login-action@v3
+        if: ${{ steps.release.outputs.release_created }}
+        with:
+          username: ${{ vars.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v3
+        if: ${{ steps.release.outputs.release_created }}
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+        if: ${{ steps.release.outputs.release_created }}
+
+      - name: Build and push
+        uses: docker/build-push-action@v6
+        if: ${{ steps.release.outputs.release_created }}
+        with:
+          platforms: linux/amd64,linux/arm64
+          push: true
+          tags: jgnagy/bullion:latest,jgnagy/bullion:${{ steps.release.outputs.version }},jgnagy/bullion:${{ steps.release.outputs.major }}.${{ steps.release.outputs.minor }}

data/.release-please-manifest.json

@@ -1,3 +1,3 @@
 {
-  ".": "0.10.0"
+  ".": "0.10.2"
 }

data/.rubocop.yml

@@ -73,7 +73,7 @@ RSpec/MultipleExpectations:
   Max: 13
 
 RSpec/ExampleLength:
-  Max: 34
+  Max: 40
 
 Gemspec/DevelopmentDependencies:
   Enabled: false

data/CHANGELOG.md

@@ -1,5 +1,19 @@
 # Changelog
 
+## [0.10.2](https://github.com/jgnagy/bullion/compare/bullion/v0.10.1...bullion/v0.10.2) (2025-08-20)
+
+
+### Bug Fixes
+
+* correct x509 certificate version to ensure x509v3 compliance ([0e8f6d7](https://github.com/jgnagy/bullion/commit/0e8f6d7bb6fc9b6913cff84390b1a5c436b53d2c))
+
+## [0.10.1](https://github.com/jgnagy/bullion/compare/bullion/v0.10.0...bullion/v0.10.1) (2025-07-06)
+
+
+### Features
+
+* enable automatic Docker image builds ([6854692](https://github.com/jgnagy/bullion/commit/685469269d1f7e5b11c3c87bcd814225d5a26d1e))
+
 ## [0.10.0](https://github.com/jgnagy/bullion/compare/bullion/v0.9.0...bullion/v0.10.0) (2025-07-05)
 
 

data/Gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    bullion (0.10.0)
+    bullion (0.10.2)
       benchmark (~> 0.4)
       dry-configurable (~> 1.1)
       httparty (~> 0.21)
@@ -23,13 +23,13 @@ GEM
       base64 (~> 0.2)
       faraday (>= 1.0, < 3.0.0)
       faraday-retry (>= 1.0, < 3.0.0)
-    activemodel (8.0.2)
-      activesupport (= 8.0.2)
-    activerecord (8.0.2)
-      activemodel (= 8.0.2)
-      activesupport (= 8.0.2)
+    activemodel (8.0.2.1)
+      activesupport (= 8.0.2.1)
+    activerecord (8.0.2.1)
+      activemodel (= 8.0.2.1)
+      activesupport (= 8.0.2.1)
       timeout (>= 0.4.0)
-    activesupport (8.0.2)
+    activesupport (8.0.2.1)
       base64
       benchmark (>= 0.3)
       bigdecimal

data/lib/bullion/acme/error.rb

@@ -19,53 +19,44 @@ module Bullion
     end
 
     module Errors
+      # ACME exception for nonexistent accounts
+      class AccountDoesNotExist < Bullion::Acme::Error
+        def acme_type = "accountDoesNotExist"
+      end
+
       # ACME exception for bad CSRs
       class BadCsr < Bullion::Acme::Error
-        def acme_type
-          "badCSR"
-        end
+        def acme_type = "badCSR"
       end
 
       # ACME exception for bad Nonces
       class BadNonce < Bullion::Acme::Error
-        def acme_type
-          "badNonce"
-        end
+        def acme_type = "badNonce"
       end
 
       # ACME exception for invalid contacts in accounts
       class InvalidContact < Bullion::Acme::Error
-        def acme_type
-          "invalidContact"
-        end
+        def acme_type = "invalidContact"
       end
 
       # ACME exception for invalid orders
       class InvalidOrder < Bullion::Acme::Error
-        def acme_type
-          "invalidOrder"
-        end
+        def acme_type = "invalidOrder"
       end
 
       # ACME exception for malformed requests
       class Malformed < Bullion::Acme::Error
-        def acme_type
-          "malformed"
-        end
+        def acme_type = "malformed"
       end
 
       # ACME exception for unsupported contacts in accounts
       class UnsupportedContact < Bullion::Acme::Error
-        def acme_type
-          "unsupportedContact"
-        end
+        def acme_type = "unsupportedContact"
       end
 
       # Non-standard exception for unsupported challenge types
       class UnsupportedChallengeType < Bullion::Acme::Error
-        def acme_error
-          "urn:ietf:params:bullion:error:unsupportedChallengeType"
-        end
+        def acme_error = "urn:ietf:params:bullion:error:unsupportedChallengeType"
       end
     end
   end

data/lib/bullion/helpers/ssl.rb

@@ -200,7 +200,7 @@ module Bullion
         # Create a OpenSSL cert using select info from the CSR
         csr_cert = OpenSSL::X509::Certificate.new
         csr_cert.serial = cert.serial
-        csr_cert.version = 3
+        csr_cert.version = 2 # OpenSSL uses zero-indexed versions: 2 = x509v3
         csr_cert.not_before = Time.now
         # only 90 days for ACMEv2
         csr_cert.not_after = csr_cert.not_before + (3 * 30 * 24 * 60 * 60)

data/lib/bullion/services/ca.rb

@@ -118,14 +118,9 @@ module Bullion
       # @see https://tools.ietf.org/html/rfc8555#section-7.3
       post "/accounts" do
         header_data = JSON.parse(Base64.decode64(@json_body[:protected]))
-        begin
-          parse_acme_jwt(header_data["jwk"], validate_nonce: false)
+        parse_acme_jwt(header_data["jwk"], validate_nonce: false)
 
-          account_data_valid?(@payload_data)
-        rescue Bullion::Acme::Error => e
-          content_type "application/problem+json"
-          halt 400, { type: e.acme_error, detail: e.message }.to_json
-        end
+        account_data_valid?(@payload_data)
 
         user = Models::Account.where(
           public_key: header_data["jwk"]
@@ -133,7 +128,10 @@ module Bullion
 
         if @payload_data["onlyReturnExisting"]
           content_type "application/problem+json"
-          halt 400, { type: "urn:ietf:params:acme:error:accountDoesNotExist" }.to_json unless user
+          unless user
+            raise Bullion::Acme::Error::AccountDoesNotExist,
+                  "onlyReturnExisting requested and account does not exist"
+          end
         end
 
         user ||= Models::Account.new(public_key: header_data["jwk"])
@@ -149,6 +147,9 @@ module Bullion
           contact: user.contacts,
           orders: uri("/accounts/#{user.id}/orders")
         }.to_json
+      rescue Bullion::Acme::Error => e
+        content_type "application/problem+json"
+        halt 400, { type: e.acme_error, detail: e.message }.to_json
       end
 
       # Endpoint for updating accounts

data/lib/bullion/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module Bullion
-  VERSION = "0.10.0"
+  VERSION = "0.10.2"
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: bullion
 version: !ruby/object:Gem::Version
-  version: 0.10.0
+  version: 0.10.2
 platform: ruby
 authors:
 - Jonathan Gnagy