bullion 0.3.0 → 0.3.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: f7e5e7935b8ed90f7e8e6695215b039507272a2db3ab1ed8919b0ae9abef1823
-  data.tar.gz: 81e4de3cc1fe7e876c487c7edb0fd3e775125d841e16ff3948fafd5e1d5adec2
+  metadata.gz: f1897a626efbdecba9680874c7c3266b74bcfdbbe75e6b9646876cdac0951166
+  data.tar.gz: 9615ce0ee849c308eb6c0e19ca265e08f2794decb0b204fe1d3b4ed0896e7705
 SHA512:
-  metadata.gz: e8d9a743a1b81df4ee26858d7ece2b43c77070568f01298d35c4b2eef78f6cac6a1ecab89e232d18e5321f81b4382ac331a3242d11771bd954de64b5a9a16961
-  data.tar.gz: 628f70c629f53e09424c59a5553c81dbb172d3d57fa117e76c74d861e8cd1ad9a0a47d52db52609d17d2da78b6c50d7fc533007966a532d2e4acc9f04dab79d6
+  metadata.gz: f78395c368c1b52af2cf043615c89925697f48faf40d7fa5623198b44b14eece6085d7a49d00bbaff53c7e4d24dafe2fb8fb65fc7f788a872de98c3a75e6aa2a
+  data.tar.gz: d89899a9513543bbba121496a4c214f96ee327e98d7993c5806b436a32e2c16256dc9296f82fa74ab3a558ddaba8755dd895c8534a07e77580f5b964efbad118

data/.rspec

@@ -1,3 +1,2 @@
 --format documentation
 --color
---require spec_helper

data/Dockerfile

@@ -1,34 +1,25 @@
-FROM ruby:3.1-alpine AS build
+FROM ruby:3.1 AS build
 
 ENV RACK_ENV=development
 
 COPY . /build
 
-RUN apk --no-cache upgrade \
-    && apk --no-cache add git mariadb-client mariadb-connector-c \
-       runit sqlite-dev \
-    && apk --no-cache add --virtual build-dependencies \
-       build-base mariadb-dev
+RUN apt-get update && apt-get upgrade -y && apt-get install -y libsqlite3-dev sqlite3 curl libsodium-dev
 
-RUN apk add build-base \
-    && cd /build \
+RUN cd /build \
     && gem build bullion.gemspec \
     && mv bullion*.gem /bullion.gem
 
 WORKDIR /build
 
-FROM ruby:3.1-alpine
+FROM ruby:3.1
 LABEL maintainer="Jonathan Gnagy <jonathan.gnagy@gmail.com>"
 
 ENV BULLION_PORT=9292
 ENV BULLION_ENVIRONMENT=development
 ENV DATABASE_URL=sqlite3:///tmp/bullion.db
 
-RUN apk --no-cache upgrade \
-    && apk --no-cache add git mariadb-client mariadb-connector-c \
-       runit sqlite-dev \
-    && apk --no-cache add --virtual build-dependencies \
-       build-base mariadb-dev
+RUN apt-get update && apt-get upgrade -y && apt-get -y install libsqlite3-dev sqlite3 curl libsodium-dev
 
 RUN mkdir /app
 
@@ -47,8 +38,7 @@ RUN chmod +x /entrypoint.sh \
 
 WORKDIR /app
 
-RUN gem install bullion.gem \
-    && apk del build-dependencies
+RUN gem install bullion.gem
 
 USER nobody
 

data/Gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    bullion (0.3.0)
+    bullion (0.3.1)
       httparty (~> 0.18)
       json (~> 2.6)
       jwt (~> 2.4)

data/README.md

@@ -36,7 +36,7 @@ Whether run locally or via Docker, the following environment variables configure
 | `CA_CERT_PATH` | `$CA_DIR/tls.crt` | Public cert for Bullion. If Bullion is an intermediate CA, you'll want to include the root CA's public cert in this file as well the signed cert for Bullion. |
 | `CA_DOMAINS` | `example.com` | A comma-delimited list of domains for which Bullion will sign certificate requests. Subdomains are automatically allowed. Certificates containing other domains will be rejected. |
 | `CERT_VALIDITY_DURATION` | `7776000` | How long should issued certs be valid (in seconds)? Default is 90 days. |
-| `DATABASE_URL` | _None_ | **(Required)** A shorthand for telling Bullion how to connect to a database. Acceptable URLs will either being with `sqlite3:` or [`mysql2://`](https://github.com/brianmario/mysql2#using-active-records-database_url). |
+| `DATABASE_URL` | _None_ | **(Required)** A shorthand for telling Bullion how to connect to a database. Acceptable URLs will either begin with `sqlite3:` or [`mysql2://`](https://github.com/brianmario/mysql2#using-active-records-database_url). |
 | `DNS01_NAMESERVERS` | _None_ | A comma-delimited list of nameservers to use for resolving [DNS-01](https://letsencrypt.org/docs/challenge-types/#dns-01-challenge) challenges. Usually you'll want this to be set to your _internal_ nameservers so internal names resolve correctly. When not set, it'll use the host's DNS. |
 | `LOG_LEVEL` | `warn` | Log level for Bullion. Supported levels (starting with the noisiest) are debug, info, warn, error, and fatal. |
 | `BULLION_PORT` | `9292` | TCP port Bullion will listen on. |

data/Rakefile

@@ -20,7 +20,14 @@ namespace :db do
   end
 end
 
-RSpec::Core::RakeTask.new(:spec)
+RSpec::Core::RakeTask.new(:spec) do |t|
+  t.exclude_pattern = "spec/integration/**{,/*/**}/*_spec.rb"
+  t.rspec_opts = "--require spec_helper"
+end
+RSpec::Core::RakeTask.new(:integration_testing) do |t|
+  t.pattern = "spec/integration/**{,/*/**}/*_spec.rb"
+  t.rspec_opts = "--require integration_helper"
+end
 RuboCop::RakeTask.new(:rubocop)
 YARD::Rake::YardocTask.new
 
@@ -64,7 +71,14 @@ task :prep do
 end
 
 task :demo do
-  system("rackup -D -P #{File.expand_path(".")}/tmp/daemon.pid")
+  rack_env = "test"
+  database_url = "sqlite3:#{File.expand_path(".")}/tmp/db/#{rack_env}.sqlite3"
+  system("RACK_ENV=\"#{rack_env}\" DATABASE_URL=\"#{database_url}\" bundle exec rake db:migrate")
+  system(
+    "RACK_ENV=\"#{rack_env}\" DATABASE_URL=\"#{database_url}\" " \
+    "LOG_LEVEL='#{ENV.fetch("LOG_LEVEL", "info")}' " \
+    "rackup -D -P #{File.expand_path(".")}/tmp/daemon.pid"
+  )
 end
 
 task :foreground_demo do
@@ -85,10 +99,11 @@ task :cleanup do
   end
 end
 
-Rake::Task["spec"].enhance(["cleanup"])
+Rake::Task["integration_testing"].enhance(["cleanup"])
 
-task default: %i[prep db:migrate demo spec rubocop]
+task test: %i[prep db:migrate spec demo integration_testing]
+task unit: %i[prep db:migrate spec]
 
-task test: %i[prep db:migrate demo spec]
+task default: %i[test rubocop yard]
 
 task local_demo: %i[prep db:migrate foreground_demo]

data/lib/bullion/challenge_client.rb

@@ -53,7 +53,7 @@ module Bullion
     # rubocop:enable Metrics/MethodLength
 
     def identifier
-      challenge.authorization.identifier["value"]
+      challenge.identifier
     end
   end
 end

data/lib/bullion/challenge_clients/dns.rb

@@ -23,29 +23,26 @@ module Bullion
         Base64.urlsafe_encode64(digest).sub(/[\s=]*\z/, "")
       end
 
-      def dns_value
-        name = "_acme-challenge.#{identifier}"
+      def dns_name
+        "_acme-challenge.#{identifier}"
+      end
 
+      def dns_value
         # Randomly select a nameserver to pull the TXT record
         nameserver = NAMESERVERS.sample
 
-        LOGGER.debug "Looking up #{name}"
-        records = records_for(name, nameserver)
-        raise "Failed to find records for #{name}" unless records
+        LOGGER.debug "Looking up #{dns_name}"
+        records = records_for(dns_name, nameserver)
+        raise "Failed to find records for #{dns_name}" unless records
 
         record = records.map(&:strings).flatten.first
-        LOGGER.debug "Resolved #{name} to value #{record}"
+        LOGGER.debug "Resolved #{dns_name} to value #{record}"
         record
-      rescue Resolv::ResolvError
-        msg = ["Resolution error for #{name}"]
+      rescue StandardError => e
+        msg = ["Resolution error '#{e.message}' for #{dns_name}"]
         msg << "via #{nameserver}" if nameserver
         LOGGER.info msg.join(" ")
         false
-      rescue StandardError => e
-        msg = ["Error '#{e.message}' for #{name}"]
-        msg << "with #{nameserver}" if nameserver
-        LOGGER.warn msg.join(" ")
-        false
       end
 
       def records_for(name, nameserver = nil)

data/lib/bullion/models/account.rb

@@ -4,8 +4,8 @@ module Bullion
   module Models
     # ACMEv2 Account model
     class Account < ActiveRecord::Base
-      serialize :contacts, Array
-      serialize :public_key, Hash
+      serialize :contacts, JSON
+      serialize :public_key, JSON
 
       validates_uniqueness_of :public_key
 

data/lib/bullion/models/authorization.rb

@@ -4,7 +4,7 @@ module Bullion
   module Models
     # ACMEv2 Authorization model
     class Authorization < ActiveRecord::Base
-      serialize :identifier, Hash
+      serialize :identifier, JSON
 
       after_initialize :init_values, unless: :persisted?
 

data/lib/bullion/models/certificate.rb

@@ -4,7 +4,7 @@ module Bullion
   module Models
     # SSL Certificate model
     class Certificate < ActiveRecord::Base
-      serialize :alternate_names
+      serialize :alternate_names, JSON
 
       after_initialize :init_values, unless: :persisted?
 

data/lib/bullion/models/challenge.rb

@@ -11,6 +11,13 @@ module Bullion
       validates :acme_type, inclusion: { in: %w[http-01 dns-01] }
       validates :status, inclusion: { in: %w[invalid pending processing valid] }
 
+      scope :dns01, -> { where(acme_type: "dns-01") }
+      scope :http01, -> { where(acme_type: "http-01") }
+
+      def identifier
+        authorization.identifier["value"]
+      end
+
       def init_values
         self.expires ||= Time.now + (60 * 60)
         self.token ||= SecureRandom.alphanumeric(48)

data/lib/bullion/models/order.rb

@@ -4,7 +4,7 @@ module Bullion
   module Models
     # ACMEv2 Order model
     class Order < ActiveRecord::Base
-      serialize :identifiers, Array
+      serialize :identifiers, JSON
 
       after_initialize :init_values, unless: :persisted?
 

data/lib/bullion/version.rb

@@ -4,6 +4,6 @@ module Bullion
   VERSION = [
     0, # major
     3, # minor
-    0 # patch
+    1 # patch
   ].join(".")
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: bullion
 version: !ruby/object:Gem::Version
-  version: 0.3.0
+  version: 0.3.1
 platform: ruby
 authors:
 - Jonathan Gnagy
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2022-07-18 00:00:00.000000000 Z
+date: 2022-07-21 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: httparty