github-pages-health-check 1.17.7 → 1.17.8

Sign up to get free protection for your applications and to get access to all the features.
Files changed (12) hide show
  1. checksums.yaml +4 -4
  2. data/.github/workflows/push-cibuild.yml +1 -0
  3. data/Gemfile +1 -0
  4. data/README.md +37 -0
  5. data/config/cloudflare-ips.txt +8 -1
  6. data/config/fastly-ips.txt +3 -1
  7. data/lib/github-pages-health-check/domain.rb +45 -22
  8. data/lib/github-pages-health-check/version.rb +1 -1
  9. data/script/check +2 -0
  10. data/script/update-cdn-ips +34 -6
  11. metadata +3 -4
  12. data/.travis.yml +0 -16
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: e961f88294ef76b14d92f54148d7945f53b6530fca559f6bbc2293791009a1aa
4
- data.tar.gz: 031ae5026c940269ef7f6c76440acb3b20ee8c4df284280877778d4f8554a31c
3
+ metadata.gz: b93b42aca0a60b8bd7d5df583585ec14e09c171077bf389e0d53699e935a344c
4
+ data.tar.gz: 9616ee04e0a5c2e80e2a1f32b66e401a39f98f31ba30317ffcb8e98c810994ca
5
5
  SHA512:
6
- metadata.gz: ae56fb03f358257dd708d28e8241e57bb706efe4491794aaaf23c5e0fd6f74c9bc7e052d70d6c407edf9e1b9126bad029c4b4c2076208765d57a57301f2ee78b
7
- data.tar.gz: 39902634d23d7d69b110dbe17f2ae6fa5f668628e3829c0c816bffe46143320d531bd23f098612c87f480ec416e8ca754125eaec5f58ba364ff2496c0798236d
6
+ metadata.gz: 911c9d7e94f6a943a6789bc701b7bdf3ff1aa74b4ed0083d18304b40e903b0056175ea5c8990b1ef091156543cf651efcb3a38d80b7bb6721725b1b40c87ade1
7
+ data.tar.gz: 5dbcdd645e5f05c758126c1ce6dda0338a41ae6404f152ef18de7e2b6b37308446dd5b06cbf4f154d57a0c5eca87a1623debe3760aada69639b9d85193de6298
data/.github/workflows/push-cibuild.yml CHANGED
@@ -10,6 +10,7 @@ jobs:
10
10
  - 2.5
11
11
  - 2.6
12
12
  - 2.7
13
+ - 3.0
13
14
  steps:
14
15
  - uses: actions/checkout@master
15
16
  - name: script/cibuild-docker
data/Gemfile CHANGED
@@ -6,6 +6,7 @@ group :development do
6
6
  gem "dotenv", "~> 2.7"
7
7
  gem "gem-release", "~> 2.1"
8
8
  gem "pry", "~> 0.10"
9
+ gem "pry-byebug"
9
10
  gem "rspec", "~> 3.0"
10
11
  gem "rubocop", "~> 0.52"
11
12
  gem "webmock", "~> 3.8"
data/README.md CHANGED
@@ -81,3 +81,40 @@ check = GitHubPages::HealthCheck::Site.new "github/pages-health-check", access_t
81
81
  ```
82
82
 
83
83
  You can also set `OCTOKIT_ACCESS_TOKEN` as an environmental variable, or via a `.env` file in your working directory.
84
+
85
+ ### Command Line
86
+
87
+ ```
88
+ ./script/check pages.github.com
89
+
90
+ host: pages.github.com
91
+ uri: https://pages.github.com/
92
+ nameservers: :default
93
+ dns_resolves?: true
94
+ proxied?: false
95
+ cloudflare_ip?: false
96
+ fastly_ip?: false
97
+ old_ip_address?: false
98
+ a_record?: false
99
+ cname_record?: true
100
+ mx_records_present?: false
101
+ valid_domain?: true
102
+ apex_domain?: false
103
+ should_be_a_record?: false
104
+ cname_to_github_user_domain?: true
105
+ cname_to_pages_dot_github_dot_com?: false
106
+ cname_to_fastly?: false
107
+ pointed_to_github_pages_ip?: false
108
+ non_github_pages_ip_present?: false
109
+ pages_domain?: true
110
+ served_by_pages?: true
111
+ valid?: true
112
+ reason:
113
+ https?: true
114
+ enforces_https?: true
115
+ https_error:
116
+ https_eligible?: true
117
+ caa_error:
118
+ dns_zone_soa?: false
119
+ dns_zone_ns?: false
120
+ ```
data/config/cloudflare-ips.txt CHANGED
@@ -12,4 +12,11 @@
12
12
  104.16.0.0/13
13
13
  104.24.0.0/14
14
14
  172.64.0.0/13
15
- 131.0.72.0/22
15
+ 131.0.72.0/22
16
+ 2400:cb00::/32
17
+ 2606:4700::/32
18
+ 2803:f800::/32
19
+ 2405:b500::/32
20
+ 2405:8100::/32
21
+ 2a06:98c0::/29
22
+ 2c0f:f248::/32
data/config/fastly-ips.txt CHANGED
@@ -14,4 +14,6 @@
14
14
  172.111.64.0/18
15
15
  185.31.16.0/22
16
16
  199.27.72.0/21
17
- 199.232.0.0/16
17
+ 199.232.0.0/16
18
+ 2a04:4e40::/32
19
+ 2a04:4e42::/32
data/lib/github-pages-health-check/domain.rb CHANGED
@@ -77,13 +77,23 @@ module GitHubPages
77
77
  185.199.111.153
78
78
  ).freeze
79
79
 
80
+ CURRENT_IPV6_ADDRESSES = %w(
81
+ 2606:50c0:8000::153
82
+ 2606:50c0:8001::153
83
+ 2606:50c0:8002::153
84
+ 2606:50c0:8003::153
85
+ ).freeze
86
+
87
+ CURRENT_IP_ADDRESSES_ALL =
88
+ (CURRENT_IP_ADDRESSES + CURRENT_IPV6_ADDRESSES).freeze
89
+
80
90
  HASH_METHODS = %i[
81
91
  host uri nameservers dns_resolves? proxied? cloudflare_ip?
82
- fastly_ip? old_ip_address? a_record? cname_record?
83
- mx_records_present? valid_domain? apex_domain? should_be_a_record?
84
- cname_to_github_user_domain? cname_to_pages_dot_github_dot_com?
85
- cname_to_fastly? pointed_to_github_pages_ip?
86
- non_github_pages_ip_present? pages_domain?
92
+ fastly_ip? old_ip_address? a_record? aaaa_record? aaaa_record_present?
93
+ cname_record? mx_records_present? valid_domain? apex_domain?
94
+ should_be_a_record? cname_to_github_user_domain?
95
+ cname_to_pages_dot_github_dot_com? cname_to_fastly?
96
+ pointed_to_github_pages_ip? non_github_pages_ip_present? pages_domain?
87
97
  served_by_pages? valid? reason valid_domain? https?
88
98
  enforces_https? https_error https_eligible? caa_error dns_zone_soa? dns_zone_ns?
89
99
  ].freeze
@@ -128,8 +138,8 @@ module GitHubPages
128
138
  def invalid_aaaa_record?
129
139
  return @invalid_aaaa_record if defined? @invalid_aaaa_record
130
140
 
131
- @invalid_aaaa_record = (valid_domain? && should_be_a_record? &&
132
- aaaa_record_present?)
141
+ @invalid_aaaa_record =
142
+ (valid_domain? && aaaa_record_present? && !should_be_a_record?)
133
143
  end
134
144
 
135
145
  def invalid_a_record?
@@ -213,20 +223,20 @@ module GitHubPages
213
223
  !should_be_a_record?
214
224
  end
215
225
 
216
- # Is the domain's first response an A record to a valid GitHub Pages IP?
226
+ # Is the domain's first response an A or AAAA record to a valid GitHub Pages IP?
217
227
  def pointed_to_github_pages_ip?
218
- a_record? && CURRENT_IP_ADDRESSES.include?(dns.first.address.to_s)
228
+ return false unless address_record?
229
+
230
+ CURRENT_IP_ADDRESSES_ALL.include?(dns.first.address.to_s.downcase)
219
231
  end
220
232
 
221
- # Are any of the domain's A records pointing elsewhere?
233
+ # Are any of the domain's A or AAAA records pointing elsewhere?
222
234
  def non_github_pages_ip_present?
223
235
  return unless dns?
224
236
 
225
- a_records = dns.select { |answer| answer.type == Dnsruby::Types::A }
226
-
227
- a_records.any? { |answer| !github_pages_ip?(answer.address.to_s) }
228
-
229
- false
237
+ dns
238
+ .select { |a| Dnsruby::Types::A == a.type || Dnsruby::Types::AAAA == a.type }
239
+ .any? { |a| !github_pages_ip?(a.address.to_s) }
230
240
  end
231
241
 
232
242
  # Is the domain's first response a CNAME to a pages domain?
@@ -345,9 +355,18 @@ module GitHubPages
345
355
 
346
356
  # Is this domain's first response an A record?
347
357
  def a_record?
358
+ return @is_a_record if defined?(@is_a_record)
348
359
  return unless dns?
349
360
 
350
- dns.first.type == Dnsruby::Types::A
361
+ @is_a_record = Dnsruby::Types::A == dns.first.type
362
+ end
363
+
364
+ # Is this domain's first response an AAAA record?
365
+ def aaaa_record?
366
+ return @is_aaaa_record if defined?(@is_aaaa_record)
367
+ return unless dns?
368
+
369
+ @is_aaaa_record = Dnsruby::Types::AAAA == dns.first.type
351
370
  end
352
371
 
353
372
  def aaaa_record_present?
@@ -423,8 +442,6 @@ module GitHubPages
423
442
  def https_eligible?
424
443
  # Can't have any IP's which aren't GitHub's present.
425
444
  return false if non_github_pages_ip_present?
426
- # Can't have any AAAA records present
427
- return false if aaaa_record_present?
428
445
  # Must be a CNAME or point to our IPs.
429
446
 
430
447
  # Only check the one domain if a CNAME. Don't check the parent domain.
@@ -443,6 +460,10 @@ module GitHubPages
443
460
 
444
461
  private
445
462
 
463
+ def address_record?
464
+ a_record? || aaaa_record?
465
+ end
466
+
446
467
  def caa
447
468
  @caa ||= GitHubPages::HealthCheck::CAA.new(
448
469
  :host => cname&.host || host,
@@ -517,10 +538,12 @@ module GitHubPages
517
538
  def cdn_ip?(cdn)
518
539
  return unless dns?
519
540
 
520
- a_records = dns.select { |answer| answer.type == Dnsruby::Types::A }
521
- return false if !a_records || a_records.empty?
541
+ address_records = dns.select do |answer|
542
+ Dnsruby::Types::A == answer.type || Dnsruby::Types::AAAA == answer.type
543
+ end
544
+ return false if !address_records || address_records.empty?
522
545
 
523
- a_records.all? do |answer|
546
+ address_records.all? do |answer|
524
547
  cdn.controls_ip?(answer.address)
525
548
  end
526
549
  end
@@ -530,7 +553,7 @@ module GitHubPages
530
553
  end
531
554
 
532
555
  def github_pages_ip?(ip_addr)
533
- CURRENT_IP_ADDRESSES.include?(ip_addr)
556
+ CURRENT_IP_ADDRESSES_ALL.include?(ip_addr&.to_s&.downcase)
534
557
  end
535
558
  end
536
559
  end
data/lib/github-pages-health-check/version.rb CHANGED
@@ -2,6 +2,6 @@
2
2
 
3
3
  module GitHubPages
4
4
  module HealthCheck
5
- VERSION = "1.17.7"
5
+ VERSION = "1.17.8"
6
6
  end
7
7
  end
data/script/check CHANGED
@@ -3,6 +3,8 @@
3
3
  #
4
4
  # Usage: script/check [DOMAIN]
5
5
 
6
+ require "rubygems"
7
+ require "bundler/setup"
6
8
  require_relative "../lib/github-pages-health-check"
7
9
 
8
10
  if ARGV.count != 1
data/script/update-cdn-ips CHANGED
@@ -8,15 +8,43 @@ require "open-uri"
8
8
  require "json"
9
9
 
10
10
  SOURCES = {
11
- :cloudflare => "https://www.cloudflare.com/ips-v4",
12
- :fastly => "https://api.fastly.com/public-ip-list"
11
+ :cloudflare => ["https://www.cloudflare.com/ips-v4", "https://www.cloudflare.com/ips-v6"],
12
+ :fastly => ["https://api.fastly.com/public-ip-list"]
13
13
  }.freeze
14
14
 
15
- SOURCES.each do |source, url|
15
+ def parse_fastly(data)
16
+ json_data = JSON.parse(data)
17
+ (json_data["addresses"] + json_data["ipv6_addresses"]).join("\n")
18
+ end
19
+
20
+ def parse_cloudflare(data)
21
+ data
22
+ end
23
+
24
+ def fetch_ips_from_cdn(urls)
25
+ urls.map do |url|
26
+ puts "Fetching #{url}..."
27
+ URI.parse(url).open.read
28
+ end.join("\n")
29
+ end
30
+
31
+ def update_cdn_file(source, data)
16
32
  file = "config/#{source}-ips.txt"
17
- puts "Fetching #{url}..."
18
- data = open(url).read
19
- data = JSON.parse(data)["addresses"].join("\n") if source == :fastly
20
33
  File.write(file, data)
34
+ puts "Writing contents to #{file} and staging changes."
21
35
  `git add --verbose #{file}`
22
36
  end
37
+
38
+ def parse_cdn_response(source, ips)
39
+ send("parse_#{source}", ips)
40
+ end
41
+
42
+ def update_cdn_ips(source, urls)
43
+ ips = fetch_ips_from_cdn(urls)
44
+ data = parse_cdn_response(source, ips)
45
+ update_cdn_file(source, data)
46
+ end
47
+
48
+ SOURCES.each do |source, urls|
49
+ update_cdn_ips(source, urls)
50
+ end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: github-pages-health-check
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.17.7
4
+ version: 1.17.8
5
5
  platform: ruby
6
6
  authors:
7
7
  - GitHub, Inc.
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2021-08-23 00:00:00.000000000 Z
11
+ date: 2021-09-10 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: addressable
@@ -99,7 +99,6 @@ files:
99
99
  - ".rspec"
100
100
  - ".rubocop.yml"
101
101
  - ".ruby-version"
102
- - ".travis.yml"
103
102
  - Dockerfile
104
103
  - Gemfile
105
104
  - LICENSE.md
@@ -161,7 +160,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
161
160
  - !ruby/object:Gem::Version
162
161
  version: '0'
163
162
  requirements: []
164
- rubygems_version: 3.1.2
163
+ rubygems_version: 3.2.9
165
164
  signing_key:
166
165
  specification_version: 4
167
166
  summary: Checks your GitHub Pages site for commons DNS configuration issues
data/.travis.yml DELETED
@@ -1,16 +0,0 @@
1
- language: ruby
2
- rvm:
3
- - 2.5
4
- - 2.6
5
- - 2.7
6
-
7
- before_install:
8
- - gem update --system
9
-
10
- script: "script/cibuild"
11
-
12
- notifications:
13
- email: false
14
-
15
- cache: bundler
16
- sudo: false