github-pages-health-check 1.17.7 → 1.17.8
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/.github/workflows/push-cibuild.yml +1 -0
- data/Gemfile +1 -0
- data/README.md +37 -0
- data/config/cloudflare-ips.txt +8 -1
- data/config/fastly-ips.txt +3 -1
- data/lib/github-pages-health-check/domain.rb +45 -22
- data/lib/github-pages-health-check/version.rb +1 -1
- data/script/check +2 -0
- data/script/update-cdn-ips +34 -6
- metadata +3 -4
- data/.travis.yml +0 -16
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: b93b42aca0a60b8bd7d5df583585ec14e09c171077bf389e0d53699e935a344c
|
|
4
|
+
data.tar.gz: 9616ee04e0a5c2e80e2a1f32b66e401a39f98f31ba30317ffcb8e98c810994ca
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 911c9d7e94f6a943a6789bc701b7bdf3ff1aa74b4ed0083d18304b40e903b0056175ea5c8990b1ef091156543cf651efcb3a38d80b7bb6721725b1b40c87ade1
|
|
7
|
+
data.tar.gz: 5dbcdd645e5f05c758126c1ce6dda0338a41ae6404f152ef18de7e2b6b37308446dd5b06cbf4f154d57a0c5eca87a1623debe3760aada69639b9d85193de6298
|
data/Gemfile
CHANGED
data/README.md
CHANGED
|
@@ -81,3 +81,40 @@ check = GitHubPages::HealthCheck::Site.new "github/pages-health-check", access_t
|
|
|
81
81
|
```
|
|
82
82
|
|
|
83
83
|
You can also set `OCTOKIT_ACCESS_TOKEN` as an environmental variable, or via a `.env` file in your working directory.
|
|
84
|
+
|
|
85
|
+
### Command Line
|
|
86
|
+
|
|
87
|
+
```
|
|
88
|
+
./script/check pages.github.com
|
|
89
|
+
|
|
90
|
+
host: pages.github.com
|
|
91
|
+
uri: https://pages.github.com/
|
|
92
|
+
nameservers: :default
|
|
93
|
+
dns_resolves?: true
|
|
94
|
+
proxied?: false
|
|
95
|
+
cloudflare_ip?: false
|
|
96
|
+
fastly_ip?: false
|
|
97
|
+
old_ip_address?: false
|
|
98
|
+
a_record?: false
|
|
99
|
+
cname_record?: true
|
|
100
|
+
mx_records_present?: false
|
|
101
|
+
valid_domain?: true
|
|
102
|
+
apex_domain?: false
|
|
103
|
+
should_be_a_record?: false
|
|
104
|
+
cname_to_github_user_domain?: true
|
|
105
|
+
cname_to_pages_dot_github_dot_com?: false
|
|
106
|
+
cname_to_fastly?: false
|
|
107
|
+
pointed_to_github_pages_ip?: false
|
|
108
|
+
non_github_pages_ip_present?: false
|
|
109
|
+
pages_domain?: true
|
|
110
|
+
served_by_pages?: true
|
|
111
|
+
valid?: true
|
|
112
|
+
reason:
|
|
113
|
+
https?: true
|
|
114
|
+
enforces_https?: true
|
|
115
|
+
https_error:
|
|
116
|
+
https_eligible?: true
|
|
117
|
+
caa_error:
|
|
118
|
+
dns_zone_soa?: false
|
|
119
|
+
dns_zone_ns?: false
|
|
120
|
+
```
|
data/config/cloudflare-ips.txt
CHANGED
data/config/fastly-ips.txt
CHANGED
|
@@ -77,13 +77,23 @@ module GitHubPages
|
|
|
77
77
|
185.199.111.153
|
|
78
78
|
).freeze
|
|
79
79
|
|
|
80
|
+
CURRENT_IPV6_ADDRESSES = %w(
|
|
81
|
+
2606:50c0:8000::153
|
|
82
|
+
2606:50c0:8001::153
|
|
83
|
+
2606:50c0:8002::153
|
|
84
|
+
2606:50c0:8003::153
|
|
85
|
+
).freeze
|
|
86
|
+
|
|
87
|
+
CURRENT_IP_ADDRESSES_ALL =
|
|
88
|
+
(CURRENT_IP_ADDRESSES + CURRENT_IPV6_ADDRESSES).freeze
|
|
89
|
+
|
|
80
90
|
HASH_METHODS = %i[
|
|
81
91
|
host uri nameservers dns_resolves? proxied? cloudflare_ip?
|
|
82
|
-
fastly_ip? old_ip_address? a_record?
|
|
83
|
-
mx_records_present? valid_domain? apex_domain?
|
|
84
|
-
|
|
85
|
-
|
|
86
|
-
non_github_pages_ip_present? pages_domain?
|
|
92
|
+
fastly_ip? old_ip_address? a_record? aaaa_record? aaaa_record_present?
|
|
93
|
+
cname_record? mx_records_present? valid_domain? apex_domain?
|
|
94
|
+
should_be_a_record? cname_to_github_user_domain?
|
|
95
|
+
cname_to_pages_dot_github_dot_com? cname_to_fastly?
|
|
96
|
+
pointed_to_github_pages_ip? non_github_pages_ip_present? pages_domain?
|
|
87
97
|
served_by_pages? valid? reason valid_domain? https?
|
|
88
98
|
enforces_https? https_error https_eligible? caa_error dns_zone_soa? dns_zone_ns?
|
|
89
99
|
].freeze
|
|
@@ -128,8 +138,8 @@ module GitHubPages
|
|
|
128
138
|
def invalid_aaaa_record?
|
|
129
139
|
return @invalid_aaaa_record if defined? @invalid_aaaa_record
|
|
130
140
|
|
|
131
|
-
@invalid_aaaa_record =
|
|
132
|
-
|
|
141
|
+
@invalid_aaaa_record =
|
|
142
|
+
(valid_domain? && aaaa_record_present? && !should_be_a_record?)
|
|
133
143
|
end
|
|
134
144
|
|
|
135
145
|
def invalid_a_record?
|
|
@@ -213,20 +223,20 @@ module GitHubPages
|
|
|
213
223
|
!should_be_a_record?
|
|
214
224
|
end
|
|
215
225
|
|
|
216
|
-
# Is the domain's first response an A record to a valid GitHub Pages IP?
|
|
226
|
+
# Is the domain's first response an A or AAAA record to a valid GitHub Pages IP?
|
|
217
227
|
def pointed_to_github_pages_ip?
|
|
218
|
-
|
|
228
|
+
return false unless address_record?
|
|
229
|
+
|
|
230
|
+
CURRENT_IP_ADDRESSES_ALL.include?(dns.first.address.to_s.downcase)
|
|
219
231
|
end
|
|
220
232
|
|
|
221
|
-
# Are any of the domain's A records pointing elsewhere?
|
|
233
|
+
# Are any of the domain's A or AAAA records pointing elsewhere?
|
|
222
234
|
def non_github_pages_ip_present?
|
|
223
235
|
return unless dns?
|
|
224
236
|
|
|
225
|
-
|
|
226
|
-
|
|
227
|
-
|
|
228
|
-
|
|
229
|
-
false
|
|
237
|
+
dns
|
|
238
|
+
.select { |a| Dnsruby::Types::A == a.type || Dnsruby::Types::AAAA == a.type }
|
|
239
|
+
.any? { |a| !github_pages_ip?(a.address.to_s) }
|
|
230
240
|
end
|
|
231
241
|
|
|
232
242
|
# Is the domain's first response a CNAME to a pages domain?
|
|
@@ -345,9 +355,18 @@ module GitHubPages
|
|
|
345
355
|
|
|
346
356
|
# Is this domain's first response an A record?
|
|
347
357
|
def a_record?
|
|
358
|
+
return @is_a_record if defined?(@is_a_record)
|
|
348
359
|
return unless dns?
|
|
349
360
|
|
|
350
|
-
|
|
361
|
+
@is_a_record = Dnsruby::Types::A == dns.first.type
|
|
362
|
+
end
|
|
363
|
+
|
|
364
|
+
# Is this domain's first response an AAAA record?
|
|
365
|
+
def aaaa_record?
|
|
366
|
+
return @is_aaaa_record if defined?(@is_aaaa_record)
|
|
367
|
+
return unless dns?
|
|
368
|
+
|
|
369
|
+
@is_aaaa_record = Dnsruby::Types::AAAA == dns.first.type
|
|
351
370
|
end
|
|
352
371
|
|
|
353
372
|
def aaaa_record_present?
|
|
@@ -423,8 +442,6 @@ module GitHubPages
|
|
|
423
442
|
def https_eligible?
|
|
424
443
|
# Can't have any IP's which aren't GitHub's present.
|
|
425
444
|
return false if non_github_pages_ip_present?
|
|
426
|
-
# Can't have any AAAA records present
|
|
427
|
-
return false if aaaa_record_present?
|
|
428
445
|
# Must be a CNAME or point to our IPs.
|
|
429
446
|
|
|
430
447
|
# Only check the one domain if a CNAME. Don't check the parent domain.
|
|
@@ -443,6 +460,10 @@ module GitHubPages
|
|
|
443
460
|
|
|
444
461
|
private
|
|
445
462
|
|
|
463
|
+
def address_record?
|
|
464
|
+
a_record? || aaaa_record?
|
|
465
|
+
end
|
|
466
|
+
|
|
446
467
|
def caa
|
|
447
468
|
@caa ||= GitHubPages::HealthCheck::CAA.new(
|
|
448
469
|
:host => cname&.host || host,
|
|
@@ -517,10 +538,12 @@ module GitHubPages
|
|
|
517
538
|
def cdn_ip?(cdn)
|
|
518
539
|
return unless dns?
|
|
519
540
|
|
|
520
|
-
|
|
521
|
-
|
|
541
|
+
address_records = dns.select do |answer|
|
|
542
|
+
Dnsruby::Types::A == answer.type || Dnsruby::Types::AAAA == answer.type
|
|
543
|
+
end
|
|
544
|
+
return false if !address_records || address_records.empty?
|
|
522
545
|
|
|
523
|
-
|
|
546
|
+
address_records.all? do |answer|
|
|
524
547
|
cdn.controls_ip?(answer.address)
|
|
525
548
|
end
|
|
526
549
|
end
|
|
@@ -530,7 +553,7 @@ module GitHubPages
|
|
|
530
553
|
end
|
|
531
554
|
|
|
532
555
|
def github_pages_ip?(ip_addr)
|
|
533
|
-
|
|
556
|
+
CURRENT_IP_ADDRESSES_ALL.include?(ip_addr&.to_s&.downcase)
|
|
534
557
|
end
|
|
535
558
|
end
|
|
536
559
|
end
|
data/script/check
CHANGED
data/script/update-cdn-ips
CHANGED
|
@@ -8,15 +8,43 @@ require "open-uri"
|
|
|
8
8
|
require "json"
|
|
9
9
|
|
|
10
10
|
SOURCES = {
|
|
11
|
-
:cloudflare => "https://www.cloudflare.com/ips-v4",
|
|
12
|
-
:fastly => "https://api.fastly.com/public-ip-list"
|
|
11
|
+
:cloudflare => ["https://www.cloudflare.com/ips-v4", "https://www.cloudflare.com/ips-v6"],
|
|
12
|
+
:fastly => ["https://api.fastly.com/public-ip-list"]
|
|
13
13
|
}.freeze
|
|
14
14
|
|
|
15
|
-
|
|
15
|
+
def parse_fastly(data)
|
|
16
|
+
json_data = JSON.parse(data)
|
|
17
|
+
(json_data["addresses"] + json_data["ipv6_addresses"]).join("\n")
|
|
18
|
+
end
|
|
19
|
+
|
|
20
|
+
def parse_cloudflare(data)
|
|
21
|
+
data
|
|
22
|
+
end
|
|
23
|
+
|
|
24
|
+
def fetch_ips_from_cdn(urls)
|
|
25
|
+
urls.map do |url|
|
|
26
|
+
puts "Fetching #{url}..."
|
|
27
|
+
URI.parse(url).open.read
|
|
28
|
+
end.join("\n")
|
|
29
|
+
end
|
|
30
|
+
|
|
31
|
+
def update_cdn_file(source, data)
|
|
16
32
|
file = "config/#{source}-ips.txt"
|
|
17
|
-
puts "Fetching #{url}..."
|
|
18
|
-
data = open(url).read
|
|
19
|
-
data = JSON.parse(data)["addresses"].join("\n") if source == :fastly
|
|
20
33
|
File.write(file, data)
|
|
34
|
+
puts "Writing contents to #{file} and staging changes."
|
|
21
35
|
`git add --verbose #{file}`
|
|
22
36
|
end
|
|
37
|
+
|
|
38
|
+
def parse_cdn_response(source, ips)
|
|
39
|
+
send("parse_#{source}", ips)
|
|
40
|
+
end
|
|
41
|
+
|
|
42
|
+
def update_cdn_ips(source, urls)
|
|
43
|
+
ips = fetch_ips_from_cdn(urls)
|
|
44
|
+
data = parse_cdn_response(source, ips)
|
|
45
|
+
update_cdn_file(source, data)
|
|
46
|
+
end
|
|
47
|
+
|
|
48
|
+
SOURCES.each do |source, urls|
|
|
49
|
+
update_cdn_ips(source, urls)
|
|
50
|
+
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: github-pages-health-check
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.17.
|
|
4
|
+
version: 1.17.8
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- GitHub, Inc.
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2021-
|
|
11
|
+
date: 2021-09-10 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: addressable
|
|
@@ -99,7 +99,6 @@ files:
|
|
|
99
99
|
- ".rspec"
|
|
100
100
|
- ".rubocop.yml"
|
|
101
101
|
- ".ruby-version"
|
|
102
|
-
- ".travis.yml"
|
|
103
102
|
- Dockerfile
|
|
104
103
|
- Gemfile
|
|
105
104
|
- LICENSE.md
|
|
@@ -161,7 +160,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
161
160
|
- !ruby/object:Gem::Version
|
|
162
161
|
version: '0'
|
|
163
162
|
requirements: []
|
|
164
|
-
rubygems_version: 3.
|
|
163
|
+
rubygems_version: 3.2.9
|
|
165
164
|
signing_key:
|
|
166
165
|
specification_version: 4
|
|
167
166
|
summary: Checks your GitHub Pages site for commons DNS configuration issues
|