bullion 0.3.0 → 0.3.3

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: f7e5e7935b8ed90f7e8e6695215b039507272a2db3ab1ed8919b0ae9abef1823
-  data.tar.gz: 81e4de3cc1fe7e876c487c7edb0fd3e775125d841e16ff3948fafd5e1d5adec2
+  metadata.gz: eeb140b2f96dc4b7a1b90dd67def6ea51aa6cafe95d539802ff08d5051215944
+  data.tar.gz: ebadc84892a2cd895d1d5c89491df517b2a5e71a59aa245211a0e603d43a3fb5
 SHA512:
-  metadata.gz: e8d9a743a1b81df4ee26858d7ece2b43c77070568f01298d35c4b2eef78f6cac6a1ecab89e232d18e5321f81b4382ac331a3242d11771bd954de64b5a9a16961
-  data.tar.gz: 628f70c629f53e09424c59a5553c81dbb172d3d57fa117e76c74d861e8cd1ad9a0a47d52db52609d17d2da78b6c50d7fc533007966a532d2e4acc9f04dab79d6
+  metadata.gz: 37844c15c8c40d311f1dd8bbc31661b8810af1af7641ff799509a27b9bf325780a7c8c15f307efc59de9065c9c430e674f198bd67b5a8cf54e0a2a096ac4cb4f
+  data.tar.gz: 88bb5cb35c0cdf2c857538a631fa8ac681a70b56df56ec7d6bf6843597c778ddc07fa3cae54dc90a6585727b87a32bc76bad3942b850f2544b86feff03d1b91e

data/.rspec

@@ -1,3 +1,2 @@
 --format documentation
 --color
---require spec_helper

data/Dockerfile

@@ -1,34 +1,25 @@
-FROM ruby:3.1-alpine AS build
+FROM ruby:3.1 AS build
 
 ENV RACK_ENV=development
 
 COPY . /build
 
-RUN apk --no-cache upgrade \
-    && apk --no-cache add git mariadb-client mariadb-connector-c \
-       runit sqlite-dev \
-    && apk --no-cache add --virtual build-dependencies \
-       build-base mariadb-dev
+RUN apt-get update && apt-get upgrade -y && apt-get install -y libsqlite3-dev sqlite3 curl libsodium-dev
 
-RUN apk add build-base \
-    && cd /build \
+RUN cd /build \
     && gem build bullion.gemspec \
     && mv bullion*.gem /bullion.gem
 
 WORKDIR /build
 
-FROM ruby:3.1-alpine
+FROM ruby:3.1
 LABEL maintainer="Jonathan Gnagy <jonathan.gnagy@gmail.com>"
 
 ENV BULLION_PORT=9292
 ENV BULLION_ENVIRONMENT=development
 ENV DATABASE_URL=sqlite3:///tmp/bullion.db
 
-RUN apk --no-cache upgrade \
-    && apk --no-cache add git mariadb-client mariadb-connector-c \
-       runit sqlite-dev \
-    && apk --no-cache add --virtual build-dependencies \
-       build-base mariadb-dev
+RUN apt-get update && apt-get upgrade -y && apt-get -y install libsqlite3-dev sqlite3 curl libsodium-dev
 
 RUN mkdir /app
 
@@ -47,8 +38,7 @@ RUN chmod +x /entrypoint.sh \
 
 WORKDIR /app
 
-RUN gem install bullion.gem \
-    && apk del build-dependencies
+RUN gem install bullion.gem
 
 USER nobody
 

data/Gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    bullion (0.3.0)
+    bullion (0.3.3)
       httparty (~> 0.18)
       json (~> 2.6)
       jwt (~> 2.4)
@@ -31,10 +31,13 @@ GEM
       minitest (>= 5.1)
       tzinfo (~> 2.0)
     ast (2.4.2)
+    backport (1.2.0)
+    benchmark (0.2.0)
     byebug (11.1.3)
     concurrent-ruby (1.1.10)
     diff-lcs (1.5.0)
     docile (1.4.0)
+    e2mmap (0.1.0)
     faraday (2.3.0)
       faraday-net_http (~> 2.0)
       ruby2_keywords (>= 0.0.4)
@@ -45,11 +48,17 @@ GEM
       multi_xml (>= 0.5.2)
     i18n (1.12.0)
       concurrent-ruby (~> 1.0)
+    jaro_winkler (1.5.4)
     json (2.6.2)
     jwt (2.4.1)
+    kramdown (2.4.0)
+      rexml
+    kramdown-parser-gfm (1.1.0)
+      kramdown (~> 2.0)
     mime-types (3.4.1)
       mime-types-data (~> 3.2015)
     mime-types-data (3.2022.0105)
+    mini_portile2 (2.8.0)
     minitest (5.16.2)
     multi_json (1.15.0)
     multi_xml (0.6.0)
@@ -57,6 +66,9 @@ GEM
       ruby2_keywords (~> 0.0.1)
     mysql2 (0.5.4)
     nio4r (2.5.8)
+    nokogiri (1.13.7)
+      mini_portile2 (~> 2.8.0)
+      racc (~> 1.4)
     openssl (3.0.0)
     parallel (1.22.1)
     parser (3.1.2.0)
@@ -64,6 +76,7 @@ GEM
     prometheus-client (4.0.0)
     puma (5.6.4)
       nio4r (~> 2.0)
+    racc (1.6.0)
     rack (2.2.4)
     rack-protection (2.2.1)
       rack
@@ -72,6 +85,8 @@ GEM
     rainbow (3.1.1)
     rake (12.3.3)
     regexp_parser (2.5.0)
+    reverse_markdown (2.1.1)
+      nokogiri
     rexml (3.2.5)
     rspec (3.11.0)
       rspec-core (~> 3.11.0)
@@ -86,22 +101,22 @@ GEM
       diff-lcs (>= 1.2.0, < 2.0)
       rspec-support (~> 3.11.0)
     rspec-support (3.11.0)
-    rubocop (1.31.2)
+    rubocop (1.32.0)
       json (~> 2.3)
       parallel (~> 1.10)
       parser (>= 3.1.0.0)
       rainbow (>= 2.2.2, < 4.0)
       regexp_parser (>= 1.8, < 3.0)
       rexml (>= 3.2.5, < 4.0)
-      rubocop-ast (>= 1.18.0, < 2.0)
+      rubocop-ast (>= 1.19.1, < 2.0)
       ruby-progressbar (~> 1.7)
       unicode-display_width (>= 1.4.0, < 3.0)
     rubocop-ast (1.19.1)
       parser (>= 3.1.1.0)
     rubocop-rake (0.6.0)
       rubocop (~> 1.0)
-    rubocop-rspec (2.11.1)
-      rubocop (~> 1.19)
+    rubocop-rspec (2.12.1)
+      rubocop (~> 1.31)
     ruby-progressbar (1.11.0)
     ruby2_keywords (0.0.5)
     simplecov (0.21.2)
@@ -127,9 +142,25 @@ GEM
       rack-protection (= 2.2.1)
       sinatra (= 2.2.1)
       tilt (~> 2.0)
+    solargraph (0.45.0)
+      backport (~> 1.2)
+      benchmark
+      bundler (>= 1.17.2)
+      diff-lcs (~> 1.4)
+      e2mmap
+      jaro_winkler (~> 1.5)
+      kramdown (~> 2.3)
+      kramdown-parser-gfm (~> 1.1)
+      parser (~> 3.0)
+      reverse_markdown (>= 1.0.5, < 3)
+      rubocop (>= 0.52)
+      thor (~> 1.0)
+      tilt (~> 2.0)
+      yard (~> 0.9, >= 0.9.24)
     sqlite3 (1.4.4)
-    tilt (2.0.10)
-    tzinfo (2.0.4)
+    thor (1.2.1)
+    tilt (2.0.11)
+    tzinfo (2.0.5)
       concurrent-ruby (~> 1.0)
     unicode-display_width (2.2.0)
     webrick (1.7.0)
@@ -152,6 +183,7 @@ DEPENDENCIES
   rubocop-rspec (~> 2.11)
   simplecov (~> 0.21)
   simplecov-cobertura (~> 2.1)
+  solargraph (~> 0.45)
   yard (~> 0.9)
 
 BUNDLED WITH

data/README.md

@@ -36,7 +36,7 @@ Whether run locally or via Docker, the following environment variables configure
 | `CA_CERT_PATH` | `$CA_DIR/tls.crt` | Public cert for Bullion. If Bullion is an intermediate CA, you'll want to include the root CA's public cert in this file as well the signed cert for Bullion. |
 | `CA_DOMAINS` | `example.com` | A comma-delimited list of domains for which Bullion will sign certificate requests. Subdomains are automatically allowed. Certificates containing other domains will be rejected. |
 | `CERT_VALIDITY_DURATION` | `7776000` | How long should issued certs be valid (in seconds)? Default is 90 days. |
-| `DATABASE_URL` | _None_ | **(Required)** A shorthand for telling Bullion how to connect to a database. Acceptable URLs will either being with `sqlite3:` or [`mysql2://`](https://github.com/brianmario/mysql2#using-active-records-database_url). |
+| `DATABASE_URL` | _None_ | **(Required)** A shorthand for telling Bullion how to connect to a database. Acceptable URLs will either begin with `sqlite3:` or [`mysql2://`](https://github.com/brianmario/mysql2#using-active-records-database_url). |
 | `DNS01_NAMESERVERS` | _None_ | A comma-delimited list of nameservers to use for resolving [DNS-01](https://letsencrypt.org/docs/challenge-types/#dns-01-challenge) challenges. Usually you'll want this to be set to your _internal_ nameservers so internal names resolve correctly. When not set, it'll use the host's DNS. |
 | `LOG_LEVEL` | `warn` | Log level for Bullion. Supported levels (starting with the noisiest) are debug, info, warn, error, and fatal. |
 | `BULLION_PORT` | `9292` | TCP port Bullion will listen on. |

data/Rakefile

@@ -20,7 +20,14 @@ namespace :db do
   end
 end
 
-RSpec::Core::RakeTask.new(:spec)
+RSpec::Core::RakeTask.new(:spec) do |t|
+  t.exclude_pattern = "spec/integration/**{,/*/**}/*_spec.rb"
+  t.rspec_opts = "--require spec_helper"
+end
+RSpec::Core::RakeTask.new(:integration_testing) do |t|
+  t.pattern = "spec/integration/**{,/*/**}/*_spec.rb"
+  t.rspec_opts = "--require integration_helper"
+end
 RuboCop::RakeTask.new(:rubocop)
 YARD::Rake::YardocTask.new
 
@@ -64,7 +71,14 @@ task :prep do
 end
 
 task :demo do
-  system("rackup -D -P #{File.expand_path(".")}/tmp/daemon.pid")
+  rack_env = "test"
+  database_url = "sqlite3:#{File.expand_path(".")}/tmp/db/#{rack_env}.sqlite3"
+  system("RACK_ENV=\"#{rack_env}\" DATABASE_URL=\"#{database_url}\" bundle exec rake db:migrate")
+  system(
+    "RACK_ENV=\"#{rack_env}\" DATABASE_URL=\"#{database_url}\" " \
+    "LOG_LEVEL='#{ENV.fetch("LOG_LEVEL", "info")}' " \
+    "rackup -D -P #{File.expand_path(".")}/tmp/daemon.pid"
+  )
 end
 
 task :foreground_demo do
@@ -85,10 +99,11 @@ task :cleanup do
   end
 end
 
-Rake::Task["spec"].enhance(["cleanup"])
+Rake::Task["integration_testing"].enhance(["cleanup"])
 
-task default: %i[prep db:migrate demo spec rubocop]
+task test: %i[prep db:migrate spec demo integration_testing]
+task unit: %i[prep db:migrate spec]
 
-task test: %i[prep db:migrate demo spec]
+task default: %i[test rubocop yard]
 
 task local_demo: %i[prep db:migrate foreground_demo]

data/bullion.gemspec

@@ -49,5 +49,6 @@ Gem::Specification.new do |spec|
   spec.add_development_dependency "rubocop-rspec",       "~> 2.11"
   spec.add_development_dependency "simplecov",           "~> 0.21"
   spec.add_development_dependency "simplecov-cobertura", "~> 2.1"
+  spec.add_development_dependency "solargraph",          "~> 0.45"
   spec.add_development_dependency "yard",                "~> 0.9"
 end

data/lib/bullion/challenge_client.rb

@@ -53,7 +53,7 @@ module Bullion
     # rubocop:enable Metrics/MethodLength
 
     def identifier
-      challenge.authorization.identifier["value"]
+      challenge.identifier
     end
   end
 end

data/lib/bullion/challenge_clients/dns.rb

@@ -23,29 +23,26 @@ module Bullion
         Base64.urlsafe_encode64(digest).sub(/[\s=]*\z/, "")
       end
 
-      def dns_value
-        name = "_acme-challenge.#{identifier}"
+      def dns_name
+        "_acme-challenge.#{identifier}"
+      end
 
+      def dns_value
         # Randomly select a nameserver to pull the TXT record
         nameserver = NAMESERVERS.sample
 
-        LOGGER.debug "Looking up #{name}"
-        records = records_for(name, nameserver)
-        raise "Failed to find records for #{name}" unless records
+        LOGGER.debug "Looking up #{dns_name}"
+        records = records_for(dns_name, nameserver)
+        raise "Failed to find records for #{dns_name}" unless records
 
         record = records.map(&:strings).flatten.first
-        LOGGER.debug "Resolved #{name} to value #{record}"
+        LOGGER.debug "Resolved #{dns_name} to value #{record}"
         record
-      rescue Resolv::ResolvError
-        msg = ["Resolution error for #{name}"]
+      rescue StandardError => e
+        msg = ["Resolution error '#{e.message}' for #{dns_name}"]
         msg << "via #{nameserver}" if nameserver
         LOGGER.info msg.join(" ")
         false
-      rescue StandardError => e
-        msg = ["Error '#{e.message}' for #{name}"]
-        msg << "with #{nameserver}" if nameserver
-        LOGGER.warn msg.join(" ")
-        false
       end
 
       def records_for(name, nameserver = nil)

data/lib/bullion/models/account.rb

@@ -4,8 +4,8 @@ module Bullion
   module Models
     # ACMEv2 Account model
     class Account < ActiveRecord::Base
-      serialize :contacts, Array
-      serialize :public_key, Hash
+      serialize :contacts, JSON
+      serialize :public_key, JSON
 
       validates_uniqueness_of :public_key
 

data/lib/bullion/models/authorization.rb

@@ -4,7 +4,7 @@ module Bullion
   module Models
     # ACMEv2 Authorization model
     class Authorization < ActiveRecord::Base
-      serialize :identifier, Hash
+      serialize :identifier, JSON
 
       after_initialize :init_values, unless: :persisted?
 

data/lib/bullion/models/certificate.rb

@@ -4,7 +4,7 @@ module Bullion
   module Models
     # SSL Certificate model
     class Certificate < ActiveRecord::Base
-      serialize :alternate_names
+      serialize :alternate_names, JSON
 
       after_initialize :init_values, unless: :persisted?
 

data/lib/bullion/models/challenge.rb

@@ -11,6 +11,13 @@ module Bullion
       validates :acme_type, inclusion: { in: %w[http-01 dns-01] }
       validates :status, inclusion: { in: %w[invalid pending processing valid] }
 
+      scope :dns01, -> { where(acme_type: "dns-01") }
+      scope :http01, -> { where(acme_type: "http-01") }
+
+      def identifier
+        authorization.identifier["value"]
+      end
+
       def init_values
         self.expires ||= Time.now + (60 * 60)
         self.token ||= SecureRandom.alphanumeric(48)

data/lib/bullion/models/order.rb

@@ -4,7 +4,7 @@ module Bullion
   module Models
     # ACMEv2 Order model
     class Order < ActiveRecord::Base
-      serialize :identifiers, Array
+      serialize :identifiers, JSON
 
       after_initialize :init_values, unless: :persisted?
 

data/lib/bullion/service.rb

@@ -11,17 +11,26 @@ module Bullion
       set :logging, true
       set :logger, Bullion::LOGGER
       set :database, DB_CONNECTION_SETTINGS
+      set :show_exceptions, false
     end
 
     before do
       # Sets up a useful variable (@json_body) for accessing a parsed request body
       if request.content_type&.include?("json") && !request.body.read.empty?
-        p request.body
         request.body.rewind
         @json_body = JSON.parse(request.body.read, symbolize_names: true)
       end
     rescue StandardError => e
       halt(400, { error: "Request must be JSON: #{e.message}}" }.to_json)
     end
+
+    error do
+      content_type :json
+
+      e = env["sinatra.error"]
+      resp = { result: "error", message: e.message }
+      resp[:trace] = e.full_message if settings.environment.to_s != "production"
+      resp.to_json
+    end
   end
 end

data/lib/bullion/version.rb

@@ -4,6 +4,6 @@ module Bullion
   VERSION = [
     0, # major
     3, # minor
-    0 # patch
+    3 # patch
   ].join(".")
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: bullion
 version: !ruby/object:Gem::Version
-  version: 0.3.0
+  version: 0.3.3
 platform: ruby
 authors:
 - Jonathan Gnagy
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2022-07-18 00:00:00.000000000 Z
+date: 2022-08-07 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: httparty
@@ -318,6 +318,20 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '2.1'
+- !ruby/object:Gem::Dependency
+  name: solargraph
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.45'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.45'
 - !ruby/object:Gem::Dependency
   name: yard
   requirement: !ruby/object:Gem::Requirement
@@ -345,7 +359,6 @@ files:
 - ".rspec"
 - ".rubocop.yml"
 - ".ruby-version"
-- ".travis.yml"
 - CODE_OF_CONDUCT.md
 - Dockerfile
 - Gemfile

data/.travis.yml

@@ -1,16 +0,0 @@
-language: ruby
-cache: bundler
-rvm:
-- 2.6
-- 2.7
-before_install: gem install bundler -v 2.1.4
-deploy:
-  provider: rubygems
-  api_key:
-    secure: jCGp7gsBcWZhEXQfFkcJKh+6zsAbsAkzyf0rS/IYuJ/IltrZzVm8KXugYMAhL8ZgvKl7ecFhjOmXOMC4q+YPh0ax5ozzbwipR9JoMiACh24RDB302Ye66eyO8xMAQK/KYqyy5ym9mT6ZpP/kKwvIEYJOBjypQ4+Rk+OZJize6L0MAmAtwfRNo9ah7czCQ2wdl18Ss7nfCs9jFrL6aTdZTHi0uolfz2lXHE5kgxSaQoF+xRIYkb4WLrUwypMt9oYimp4LGP+a5BwWIEyz+Kw1i3XXl9cdusKrkGH1no+eNoiK1pAFy6DC6tR1Dtw95EoMCnRhgJ99f5pf2J/3FrJYyUFk0Fph3SWsO8x6EJ05YAnuql+jcuzsXYn3/TCDilS6kbP2NY4anTZLxOha2VesIqtWsT6skKac+zVa9YCG+DVSqaUig93fNxyw+c27giY4oDAOvRBo10m/r4QFJ1oiK+PTHf4phuUtjhVWAzRasSk2Q+nNIK8XHNgtp/GY8RYkxzANsotwg3aZ2FsCh3+9KwZYyEh+pD+n7Ev4d+Lqr5hw2VhIzaY/RbzGkADFuXxz5BVOE42iKdtO1MSycFDGmegQancyt1XDT0dVYhXI8gnw9BvixVmgPMVqTVdodLpjZFLyFbIB93l7zO07gSQ1sVmwhEUL0rbTEBfPPwNX78w=
-  gem: bullion
-  on:
-    tags: true
-    rvm: 2.6
-    repo: jgnagy/bullion
-  skip_cleanup: 'true'