release-it 18.0.0-next.3 → 18.0.0

package/test/gitlab.js

@@ -2,13 +2,17 @@ import fs from 'node:fs';
 import test from 'ava';
 import sinon from 'sinon';
 import nock from 'nock';
+import { Agent } from 'undici';
+import Git from '../lib/plugin/git/Git.js';
 import GitLab from '../lib/plugin/gitlab/GitLab.js';
+import { GitlabTestServer } from './util/https-server/server.js';
 import { factory, runTasks } from './util/index.js';
 import {
   interceptUser,
   interceptCollaborator,
   interceptPublish,
   interceptAsset,
+  interceptAssetGeneric,
   interceptMilestones
 } from './stub/gitlab.js';
 
@@ -63,6 +67,9 @@ test.serial('should upload assets and release', async t => {
   const gitlab = factory(GitLab, { options });
   sinon.stub(gitlab, 'getLatestVersion').resolves('2.0.0');
 
+  const git = factory(Git);
+  const ref = (await git.getBranchName()) ?? 'HEAD';
+
   interceptUser();
   interceptCollaborator();
   interceptMilestones({
@@ -89,7 +96,9 @@ test.serial('should upload assets and release', async t => {
   interceptPublish({
     body: {
       name: 'Release 2.0.1',
+      ref,
       tag_name: '2.0.1',
+      tag_message: 'Release 2.0.1',
       description: 'Custom notes',
       assets: {
         links: [
@@ -108,7 +117,58 @@ test.serial('should upload assets and release', async t => {
   t.is(gitlab.assets[0].url, `${pushRepo}/uploads/7e8bec1fe27cc46a4bc6a91b9e82a07c/file-v2.0.1.txt`);
   const { isReleased, releaseUrl } = gitlab.getContext();
   t.true(isReleased);
-  t.is(releaseUrl, `${pushRepo}/-/releases`);
+  t.is(releaseUrl, `${pushRepo}/-/releases/2.0.1`);
+});
+
+test.serial('should upload assets with ID-based URLs too', async t => {
+  const host = 'https://gitlab.com';
+  const pushRepo = `${host}/user/repo`;
+  const options = {
+    git: { pushRepo },
+    gitlab: {
+      tokenRef,
+      release: true,
+      assets: 'test/resources/file-v${version}.txt',
+      useIdsForUrls: true
+    }
+  };
+  const gitlab = factory(GitLab, { options });
+  sinon.stub(gitlab, 'getLatestVersion').resolves('2.0.0');
+
+  interceptUser();
+  interceptCollaborator();
+  interceptAsset();
+  interceptPublish();
+
+  await runTasks(gitlab);
+
+  t.is(gitlab.assets[0].url, `${host}/-/project/1234/uploads/7e8bec1fe27cc46a4bc6a91b9e82a07c/file-v2.0.1.txt`);
+});
+
+test.serial('should upload assets to generic repo', async t => {
+  const host = 'https://gitlab.com';
+  const pushRepo = `${host}/user/repo`;
+  const options = {
+    git: { pushRepo },
+    gitlab: {
+      tokenRef,
+      release: true,
+      assets: 'test/resources/file-v${version}.txt',
+      useGenericPackageRepositoryForAssets: true,
+      genericPackageRepositoryName: 'release-it'
+    }
+  };
+  const gitlab = factory(GitLab, { options });
+  sinon.stub(gitlab, 'getLatestVersion').resolves('2.0.0');
+
+  interceptUser();
+  interceptCollaborator();
+  interceptAssetGeneric();
+  interceptPublish();
+
+  await runTasks(gitlab);
+
+  t.is(gitlab.assets[0].url, `${host}/api/v4/projects/user%2Frepo/packages/generic/release-it/2.0.1/file-v2.0.1.txt`);
 });
 
 test.serial('should throw when release milestone is missing', async t => {
@@ -180,7 +240,7 @@ test.serial('should release to sub-grouped repo', async t => {
 
   const { isReleased, releaseUrl } = gitlab.getContext();
   t.true(isReleased);
-  t.is(releaseUrl, 'https://gitlab.com/group/sub-group/repo/-/releases');
+  t.regex(releaseUrl, /https:\/\/gitlab.com\/group\/sub-group\/repo\/-\/releases\//);
 });
 
 test.serial('should throw for unauthenticated user', async t => {
@@ -234,7 +294,7 @@ test('should not make requests in dry run', async t => {
   t.is(gitlab.log.exec.args[2][0], 'gitlab releases#uploadAssets');
   t.is(gitlab.log.exec.args[3][0], 'gitlab releases#createRelease "R" (1.0.1)');
   t.true(isReleased);
-  t.is(releaseUrl, `${pushRepo}/-/releases`);
+  t.is(releaseUrl, `${pushRepo}/-/releases/1.0.1`);
 });
 
 test('should skip checks', async t => {
@@ -247,49 +307,111 @@ test('should skip checks', async t => {
   t.is(gitlab.log.exec.args.filter(entry => /checkReleaseMilestones/.test(entry[0])).length, 0);
 });
 
-test('should handle certificate authority options', t => {
+test.serial('should not create fetch agent', t => {
+  const options = { gitlab: {} };
+  const gitlab = factory(GitLab, { options });
+
+  t.deepEqual(gitlab.certificateAuthorityOption, {});
+});
+
+test.serial('should create fetch agent if secure == false', t => {
+  const options = { gitlab: { secure: false } };
+  const gitlab = factory(GitLab, { options });
+  const { dispatcher } = gitlab.certificateAuthorityOption;
+
+  t.true(dispatcher instanceof Agent, "Fetch dispatcher should be an instance of undici's Agent class");
+
+  const kOptions = Object.getOwnPropertySymbols(dispatcher).find(symbol => symbol.description === 'options');
+  t.deepEqual(dispatcher[kOptions].connect, { rejectUnauthorized: false, ca: undefined });
+});
+
+test.serial('should create fetch agent if certificateAuthorityFile', t => {
   const sandbox = sinon.createSandbox();
   sandbox.stub(fs, 'readFileSync').returns('test certificate');
 
-  {
-    const options = { gitlab: {} };
-    const gitlab = factory(GitLab, { options });
-    t.deepEqual(gitlab.certificateAuthorityOption, {});
-  }
-
-  {
-    const options = { gitlab: { certificateAuthorityFile: 'cert.crt' } };
-    const gitlab = factory(GitLab, { options });
-    t.deepEqual(gitlab.certificateAuthorityOption, { https: { certificateAuthority: 'test certificate' } });
-  }
-
-  {
-    const options = { gitlab: { secure: false } };
-    const gitlab = factory(GitLab, { options });
-    t.deepEqual(gitlab.certificateAuthorityOption, { https: { rejectUnauthorized: false } });
-  }
-
-  {
-    const options = { gitlab: { secure: true } };
-    const gitlab = factory(GitLab, { options });
-    t.deepEqual(gitlab.certificateAuthorityOption, { https: { rejectUnauthorized: true } });
-  }
-
-  {
-    const options = { gitlab: { certificateAuthorityFile: 'cert.crt', secure: true } };
-    const gitlab = factory(GitLab, { options });
-    t.deepEqual(gitlab.certificateAuthorityOption, {
-      https: { certificateAuthority: 'test certificate', rejectUnauthorized: true }
-    });
-  }
-
-  {
-    const options = { gitlab: { certificateAuthorityFile: 'cert.crt', secure: false } };
-    const gitlab = factory(GitLab, { options });
-    t.deepEqual(gitlab.certificateAuthorityOption, {
-      https: { certificateAuthority: 'test certificate', rejectUnauthorized: false }
-    });
-  }
+  const options = { gitlab: { certificateAuthorityFile: 'cert.crt' } };
+  const gitlab = factory(GitLab, { options });
+  const { dispatcher } = gitlab.certificateAuthorityOption;
+
+  t.true(dispatcher instanceof Agent, "Fetch dispatcher should be an instance of undici's Agent class");
+
+  const kOptions = Object.getOwnPropertySymbols(dispatcher).find(symbol => symbol.description === 'options');
+  t.deepEqual(dispatcher[kOptions].connect, { rejectUnauthorized: undefined, ca: 'test certificate' });
 
   sandbox.restore();
 });
+
+test.serial('should throw for insecure connections to self-hosted instances', async t => {
+  const host = 'https://localhost:3000';
+
+  const options = {
+    git: { pushRepo: `${host}/user/repo` },
+    gitlab: { host, tokenRef, origin: host }
+  };
+  const gitlab = factory(GitLab, { options });
+  const server = new GitlabTestServer();
+
+  t.teardown(async () => {
+    nock.disableNetConnect();
+    await server.stop();
+  });
+
+  await server.run();
+  nock.enableNetConnect();
+
+  await t.throwsAsync(gitlab.init(), {
+    message: /^Could not authenticate with GitLab using environment variable "GITLAB_TOKEN"/
+  });
+});
+
+test.serial('should succesfully connect to self-hosted instance if insecure connection allowed', async t => {
+  const host = 'https://localhost:3000';
+
+  const options = {
+    git: { pushRepo: `${host}/user/repo` },
+    gitlab: {
+      host,
+      tokenRef,
+      origin: host,
+      secure: false
+    }
+  };
+  const gitlab = factory(GitLab, { options });
+  const server = new GitlabTestServer();
+
+  t.teardown(async () => {
+    nock.disableNetConnect();
+    await server.stop();
+  });
+
+  await server.run();
+  nock.enableNetConnect();
+
+  await t.notThrowsAsync(gitlab.init());
+});
+
+test.serial('should succesfully connect to self-hosted instance with valid CA file', async t => {
+  const host = 'https://localhost:3000';
+
+  const options = {
+    git: { pushRepo: `${host}/user/repo` },
+    gitlab: {
+      host,
+      tokenRef,
+      origin: host,
+      certificateAuthorityFile: 'test/util/https-server/client/my-private-root-ca.cert.pem'
+    }
+  };
+  const gitlab = factory(GitLab, { options });
+  const server = new GitlabTestServer();
+
+  t.teardown(async () => {
+    nock.disableNetConnect();
+    await server.stop();
+  });
+
+  await server.run();
+  nock.enableNetConnect();
+
+  await t.notThrowsAsync(gitlab.init());
+});

package/test/stub/github.js

@@ -44,7 +44,16 @@ const interceptCreate = ({
   host = 'github.com',
   owner = 'user',
   project = 'repo',
-  body: { tag_name, name = '', generate_release_notes = false, body = null, prerelease = false, draft = false }
+  body: {
+    tag_name,
+    name = '',
+    body = null,
+    prerelease = false,
+    draft = false,
+    generate_release_notes = false,
+    make_latest = 'true',
+    discussion_category_name = undefined
+  }
 } = {}) => {
   nock(api)
     .post(`/repos/${owner}/${project}/releases`, {
@@ -54,7 +63,8 @@ const interceptCreate = ({
       prerelease,
       draft,
       generate_release_notes,
-      make_latest: 'true'
+      make_latest,
+      discussion_category_name
     })
     .reply(() => {
       const id = 1;
@@ -67,7 +77,8 @@ const interceptCreate = ({
         draft,
         generate_release_notes,
         upload_url: `https://uploads.${host}/repos/${owner}/${project}/releases/${id}/assets{?name,label}`,
-        html_url: `https://${host}/${owner}/${project}/releases/tag/${tag_name}`
+        html_url: `https://${host}/${owner}/${project}/releases/tag/${tag_name}`,
+        discussion_url: discussion_category_name ? `https://${host}/${owner}/${project}/discussions/${id}` : undefined
       };
       return [200, responseBody, { location: `${api}/repos/${owner}/${project}/releases/${id}` }];
     });
@@ -78,7 +89,16 @@ const interceptUpdate = ({
   api = 'https://api.github.com',
   owner = 'user',
   project = 'repo',
-  body: { tag_name, name = '', body = null, prerelease = false, draft = false, generate_release_notes = false }
+  body: {
+    tag_name,
+    name = '',
+    body = null,
+    prerelease = false,
+    draft = false,
+    generate_release_notes = false,
+    make_latest = 'true',
+    discussion_category_name = undefined
+  }
 } = {}) => {
   nock(api)
     .patch(`/repos/${owner}/${project}/releases/1`, {
@@ -88,7 +108,8 @@ const interceptUpdate = ({
       draft,
       prerelease,
       generate_release_notes,
-      make_latest: 'true'
+      make_latest,
+      discussion_category_name
     })
     .reply(200, {
       id: 1,

package/test/stub/gitlab.js

@@ -12,7 +12,13 @@ export let interceptCollaborator = (
     .reply(200, { id: userId, username: owner, access_level: 30 });
 
 export let interceptPublish = ({ host = 'https://gitlab.com', owner = 'user', project = 'repo', body } = {}, options) =>
-  nock(host, options).post(`/api/v4/projects/${owner}%2F${project}/releases`, body).reply(200, {});
+  nock(host, options)
+    .post(`/api/v4/projects/${owner}%2F${project}/releases`, body)
+    .reply(200, {
+      _links: {
+        self: `https://gitlab.com/${owner}/${project}/-/releases/${body?.tag_name ?? '1.0.0'}`
+      }
+    });
 
 export let interceptMilestones = (
   { host = 'https://gitlab.com', owner = 'user', project = 'repo', query = {}, milestones = [] } = {},
@@ -34,11 +40,24 @@ export let interceptAsset = ({ host = 'https://gitlab.com', owner = 'user', proj
   nock(host)
     .post(`/api/v4/projects/${owner}%2F${project}/uploads`)
     .query(true)
-    .reply(200, function (_, requestBody) {
+    .reply(200, (_, requestBody) => {
       const [, name] = requestBody.match(/filename="([^"]+)/);
       return {
         alt: name,
         url: `/uploads/7e8bec1fe27cc46a4bc6a91b9e82a07c/${name}`,
-        markdown: `[${name}](/uploads/7e8bec1fe27cc46a4bc6a91b9e82a07c/${name})`
+        full_path: `/-/project/1234/uploads/7e8bec1fe27cc46a4bc6a91b9e82a07c/${name}`,
+        markdown: `[${name}](/uploads/7e8bec1fe27cc46a4bc6a91b9e82a07c/${name})`,
+        _links: {
+          self: `https://gitlab.com/${owner}/${project}/-/releases/${name}`
+        }
+      };
+    });
+
+export let interceptAssetGeneric = ({ host = 'https://gitlab.com', owner = 'user', project = 'repo' } = {}) =>
+  nock(host)
+    .put(`/api/v4/projects/${owner}%2F${project}/packages/generic/release-it/2.0.1/file-v2.0.1.txt`)
+    .reply(200, () => {
+      return {
+        message: '201 Created'
       };
     });

package/test/tasks.interactive.js

@@ -8,10 +8,12 @@ import Spinner from '../lib/spinner.js';
 import Prompt from '../lib/prompt.js';
 import Config from '../lib/config.js';
 import runTasks from '../lib/index.js';
+import Git from '../lib/plugin/git/Git.js';
 import { mkTmpDir, gitAdd } from './util/helpers.js';
 import ShellStub from './stub/shell.js';
 import { interceptPublish as interceptGitLabPublish } from './stub/gitlab.js';
 import { interceptCreate as interceptGitHubCreate } from './stub/github.js';
+import { factory } from './util/index.js';
 
 const noop = Promise.resolve();
 
@@ -160,6 +162,9 @@ test.serial('should run "after:*:release" plugin hooks', async t => {
   sh.exec('git tag 1.0.0');
   const sha = gitAdd('line', 'file', 'More file');
 
+  const git = factory(Git);
+  const ref = (await git.getBranchName()) ?? 'HEAD';
+
   interceptGitHubCreate({
     owner,
     project,
@@ -171,7 +176,9 @@ test.serial('should run "after:*:release" plugin hooks', async t => {
     project,
     body: {
       name: 'Release 1.1.0',
+      ref,
       tag_name: '1.1.0',
+      tag_message: 'Release 1.1.0',
       description: `* More file (${sha})`
     }
   });

package/test/tasks.js

@@ -8,6 +8,7 @@ import Log from '../lib/log.js';
 import Spinner from '../lib/spinner.js';
 import Config from '../lib/config.js';
 import runTasks from '../lib/index.js';
+import Git from '../lib/plugin/git/Git.js';
 import { mkTmpDir, gitAdd, getArgs } from './util/helpers.js';
 import ShellStub from './stub/shell.js';
 import {
@@ -22,6 +23,7 @@ import {
   interceptCreate as interceptGitHubCreate,
   interceptAsset as interceptGitHubAsset
 } from './stub/github.js';
+import { factory } from './util/index.js';
 
 const rootDir = new URL('..', import.meta.url);
 
@@ -247,6 +249,8 @@ test.serial('should release all the things (pre-release, github, gitlab)', async
   sh.exec('git tag v1.0.0');
   const sha = gitAdd('line', 'file', 'More file');
   sh.exec('git push --follow-tags');
+  const git = factory(Git);
+  const ref = (await git.getBranchName()) ?? 'HEAD';
 
   interceptGitHubAuthentication();
   interceptGitHubCollaborator({ owner, project });
@@ -270,7 +274,9 @@ test.serial('should release all the things (pre-release, github, gitlab)', async
     project,
     body: {
       name: 'Release 1.1.0-alpha.0',
+      ref,
       tag_name: 'v1.1.0-alpha.0',
+      tag_message: `${owner} ${owner}/${project} ${project}`,
       description: `Notes for ${pkgName}: ${sha}`,
       assets: {
         links: [
@@ -333,7 +339,7 @@ test.serial('should release all the things (pre-release, github, gitlab)', async
   t.true(log.obtrusive.firstCall.args[0].endsWith(`release ${pkgName} (1.0.0...1.1.0-alpha.0)`));
   t.true(log.log.firstCall.args[0].endsWith(`https://www.npmjs.com/package/${pkgName}`));
   t.true(log.log.secondCall.args[0].endsWith(`https://github.com/${owner}/${project}/releases/tag/v1.1.0-alpha.0`));
-  t.true(log.log.thirdCall.args[0].endsWith(`${project}/-/releases`));
+  t.true(log.log.thirdCall.args[0].endsWith(`${project}/-/releases/v1.1.0-alpha.0`));
   t.regex(log.log.lastCall.args[0], /Done \(in [0-9]+s\.\)/);
 
   exec.restore();

package/test/util/https-server/client/my-private-root-ca.cert.pem

@@ -0,0 +1,22 @@
+-----BEGIN CERTIFICATE-----
+MIIDrzCCApegAwIBAgIUUAyKcu86WuJQd1fdlHsXkCl1mYMwDQYJKoZIhvcNAQEL
+BQAwZzELMAkGA1UEBhMCVVMxDTALBgNVBAgMBFV0YWgxDjAMBgNVBAcMBVByb3Zv
+MSMwIQYDVQQKDBpBQ01FIFNpZ25pbmcgQXV0aG9yaXR5IEluYzEUMBIGA1UEAwwL
+ZXhhbXBsZS5jb20wHhcNMjQxMjExMTMxMzIyWhcNMjcxMDAxMTMxMzIyWjBnMQsw
+CQYDVQQGEwJVUzENMAsGA1UECAwEVXRhaDEOMAwGA1UEBwwFUHJvdm8xIzAhBgNV
+BAoMGkFDTUUgU2lnbmluZyBBdXRob3JpdHkgSW5jMRQwEgYDVQQDDAtleGFtcGxl
+LmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKlp3Kz278oyTDY4
++1iNv1xMzWCJBWf7YxyYkXACVvZzUqgwxotNwAE/kE131HgpBJnu7HsDdS8nLy80
+mDkFCGmqEuVZMDaMGtcz3HJSklESjxYM1VNgifz2IlNmoaidNehFkCi1rz6cLMR0
+rEZpi98EbVZGl3n0vDD0eEZF5QQn/eDwclt/aKVBVLcQxo6MHhQdaK85a1uNyUU3
+HPUYiyPGVn9oX9PGcOpYFomJoBdg3sUVk32xKCUf15+uqVchdtyGFW/bp5KSBCnB
+QD0TzN+SgBHnVTzIfoi8WY56uuwnYauvT4fRh8SfkV91BzHBtWSbulNTfTUzgWhs
+VvCGw7ECAwEAAaNTMFEwHQYDVR0OBBYEFC4qTshaPoBie1ukhhM0KBi95NzJMB8G
+A1UdIwQYMBaAFC4qTshaPoBie1ukhhM0KBi95NzJMA8GA1UdEwEB/wQFMAMBAf8w
+DQYJKoZIhvcNAQELBQADggEBAB+fRdUHgqwpTWRfF+jQB4Af75HTfp6hgemUjapI
+eZn/OugS75/jfJt9npVsHl/aa63GL/W6kQShoMVOhrYqW52J1TSsLKZR2L7sv0ji
+KYfakv+aLkRKewPoVadsCL8GUmaCByE9mwlhmmZprkjDmA3hWsjEM5lyg7qleJ0k
+V32FVysdhLLnftt2SJB7lyoTujhkNAjJhLT/0Qr8t59v0sViPtL8532jSXqE1GK+
+zncsJDK7v2VEuurz1lPTRY6tPQOJ1Qt8vUzDH/ugcc5JPBEuHhjjrd5K65lxnGNw
+lnPHIS7FJm1OMkuatQXomNuuoWDPyM7fuVyGUUpmlkbpJsg=
+-----END CERTIFICATE-----

package/test/util/https-server/gen-cert.sh

@@ -0,0 +1,65 @@
+#!/bin/bash
+
+# Generate client and server self-signed HTTPS certificates
+# Adapted from:
+# https://stackoverflow.com/questions/19665863/how-do-i-use-a-self-signed-certificate-for-a-https-node-js-server/24749608#24749608
+
+FQDN=$1
+
+if [ -z "$FQDN" ]; then
+  echo -e "\nError: Missing required parameter for domain name.\n"
+  echo -e "Usage:\n\t./gen-cert.sh <DOMAIN_NAME>\n"
+  exit 1
+fi;
+
+# make directories to work from
+mkdir -p server/ client/ all/
+
+# Create your very own Root Certificate Authority
+openssl genrsa \
+  -out all/my-private-root-ca.privkey.pem \
+  2048
+
+# Self-sign your Root Certificate Authority
+# Since this is private, the details can be as bogus as you like
+openssl req \
+  -x509 \
+  -new \
+  -nodes \
+  -key all/my-private-root-ca.privkey.pem \
+  -days 1024 \
+  -out all/my-private-root-ca.cert.pem \
+  -subj "/C=US/ST=Utah/L=Provo/O=ACME Signing Authority Inc/CN=example.com"
+
+# Create a Device Certificate for each domain,
+# such as example.com, *.example.com, awesome.example.com
+# NOTE: You MUST match CN to the domain name or ip address you want to use
+openssl genrsa \
+  -out all/privkey.pem \
+  2048
+
+# Create a request from your Device, which your Root CA will sign
+openssl req -new \
+  -key all/privkey.pem \
+  -out all/csr.pem \
+  -subj "/C=US/ST=Utah/L=Provo/O=ACME Tech Inc/CN=${FQDN}"
+
+# Sign the request from Device with your Root CA
+openssl x509 \
+  -req -in all/csr.pem \
+  -CA all/my-private-root-ca.cert.pem \
+  -CAkey all/my-private-root-ca.privkey.pem \
+  -CAcreateserial \
+  -out all/cert.pem \
+  -days 500
+
+# Put things in their proper place
+rsync -a all/{privkey,cert}.pem server/
+cat all/cert.pem > server/fullchain.pem         # we have no intermediates in this case
+rsync -a all/my-private-root-ca.cert.pem server/
+rsync -a all/my-private-root-ca.cert.pem client/
+
+# create DER format crt for iOS Mobile Safari, etc
+openssl x509 -outform der -in all/my-private-root-ca.cert.pem -out client/my-private-root-ca.crt
+
+rm -r all

package/test/util/https-server/server/cert.pem

@@ -0,0 +1,20 @@
+-----BEGIN CERTIFICATE-----
+MIIDRjCCAi4CFGCNNJXfcHchSO1xHnWt5wcENGznMA0GCSqGSIb3DQEBCwUAMGcx
+CzAJBgNVBAYTAlVTMQ0wCwYDVQQIDARVdGFoMQ4wDAYDVQQHDAVQcm92bzEjMCEG
+A1UECgwaQUNNRSBTaWduaW5nIEF1dGhvcml0eSBJbmMxFDASBgNVBAMMC2V4YW1w
+bGUuY29tMB4XDTI0MTIxMTEzMTMyMloXDTI2MDQyNTEzMTMyMlowWDELMAkGA1UE
+BhMCVVMxDTALBgNVBAgMBFV0YWgxDjAMBgNVBAcMBVByb3ZvMRYwFAYDVQQKDA1B
+Q01FIFRlY2ggSW5jMRIwEAYDVQQDDAlsb2NhbGhvc3QwggEiMA0GCSqGSIb3DQEB
+AQUAA4IBDwAwggEKAoIBAQC1+BYy7XcJoIAHqPcU7f74Dp/6N6f/hjLTADMIT1OO
+49W3Rrc6xbJjeLsiTD0Rj9Z/9CSI7Vh/AOLoW7OGMOZkJZNRw8L9lc14ZDB1FAcJ
+ITn8c9d0d0YltbxUOq509wEP6GSxYCqYZlvAjeyYADRW5PnP82n6MRMW9Ve5y50s
+ijeaVk120je5zKvQTd0IR9rXf8K3M8CmnlEVuuf4+uXvg0gUsGvSSkBxPVGeUQHM
+/zRxj/I8WYCewb9Qs2TSJjgnFsfUCF6C3xs/T8p4vJ8PxeLs6GNcQhhtNH0q7Wxa
+IV4cdrXkxPi6YS8ph1WErqNR2pdsCA5bUNTCT32vPjr/AgMBAAEwDQYJKoZIhvcN
+AQELBQADggEBACu1hC1yvFKF6nEjz4mdTmVIyqktfkQX4+5edpSCLM0UhOmQ9Tm3
+3NnQ06YhPnAkiXLiyKxoCGqulgh1B1+3Ii0/ttDq4D4HIEVMwT5Hmko3vppUkJD7
+aIacmTKxGFrtF+p1hIDXmAAYFUB2bWDgVvba2z70DkbffJBOwe/+2+hOgFXI5x3+
+IJuF0bYKRlFG0yvVX+ooWAaKmCSR4reCsjWNuP7KBBJv15GZLKfHPjDUuxW3u43/
+ZmyBM+1Fs91jt0v5w1dIDF0z1pxwbaRJ3w1M1kEU8i6/q+1YaahYvdeaa0jsdSsy
+kpz3YhZtb324TKmjfUFMzYvfcoR8IYDkekQ=
+-----END CERTIFICATE-----

package/test/util/https-server/server/fullchain.pem

@@ -0,0 +1,20 @@
+-----BEGIN CERTIFICATE-----
+MIIDRjCCAi4CFGCNNJXfcHchSO1xHnWt5wcENGznMA0GCSqGSIb3DQEBCwUAMGcx
+CzAJBgNVBAYTAlVTMQ0wCwYDVQQIDARVdGFoMQ4wDAYDVQQHDAVQcm92bzEjMCEG
+A1UECgwaQUNNRSBTaWduaW5nIEF1dGhvcml0eSBJbmMxFDASBgNVBAMMC2V4YW1w
+bGUuY29tMB4XDTI0MTIxMTEzMTMyMloXDTI2MDQyNTEzMTMyMlowWDELMAkGA1UE
+BhMCVVMxDTALBgNVBAgMBFV0YWgxDjAMBgNVBAcMBVByb3ZvMRYwFAYDVQQKDA1B
+Q01FIFRlY2ggSW5jMRIwEAYDVQQDDAlsb2NhbGhvc3QwggEiMA0GCSqGSIb3DQEB
+AQUAA4IBDwAwggEKAoIBAQC1+BYy7XcJoIAHqPcU7f74Dp/6N6f/hjLTADMIT1OO
+49W3Rrc6xbJjeLsiTD0Rj9Z/9CSI7Vh/AOLoW7OGMOZkJZNRw8L9lc14ZDB1FAcJ
+ITn8c9d0d0YltbxUOq509wEP6GSxYCqYZlvAjeyYADRW5PnP82n6MRMW9Ve5y50s
+ijeaVk120je5zKvQTd0IR9rXf8K3M8CmnlEVuuf4+uXvg0gUsGvSSkBxPVGeUQHM
+/zRxj/I8WYCewb9Qs2TSJjgnFsfUCF6C3xs/T8p4vJ8PxeLs6GNcQhhtNH0q7Wxa
+IV4cdrXkxPi6YS8ph1WErqNR2pdsCA5bUNTCT32vPjr/AgMBAAEwDQYJKoZIhvcN
+AQELBQADggEBACu1hC1yvFKF6nEjz4mdTmVIyqktfkQX4+5edpSCLM0UhOmQ9Tm3
+3NnQ06YhPnAkiXLiyKxoCGqulgh1B1+3Ii0/ttDq4D4HIEVMwT5Hmko3vppUkJD7
+aIacmTKxGFrtF+p1hIDXmAAYFUB2bWDgVvba2z70DkbffJBOwe/+2+hOgFXI5x3+
+IJuF0bYKRlFG0yvVX+ooWAaKmCSR4reCsjWNuP7KBBJv15GZLKfHPjDUuxW3u43/
+ZmyBM+1Fs91jt0v5w1dIDF0z1pxwbaRJ3w1M1kEU8i6/q+1YaahYvdeaa0jsdSsy
+kpz3YhZtb324TKmjfUFMzYvfcoR8IYDkekQ=
+-----END CERTIFICATE-----

package/test/util/https-server/server/my-private-root-ca.cert.pem

@@ -0,0 +1,22 @@
+-----BEGIN CERTIFICATE-----
+MIIDrzCCApegAwIBAgIUUAyKcu86WuJQd1fdlHsXkCl1mYMwDQYJKoZIhvcNAQEL
+BQAwZzELMAkGA1UEBhMCVVMxDTALBgNVBAgMBFV0YWgxDjAMBgNVBAcMBVByb3Zv
+MSMwIQYDVQQKDBpBQ01FIFNpZ25pbmcgQXV0aG9yaXR5IEluYzEUMBIGA1UEAwwL
+ZXhhbXBsZS5jb20wHhcNMjQxMjExMTMxMzIyWhcNMjcxMDAxMTMxMzIyWjBnMQsw
+CQYDVQQGEwJVUzENMAsGA1UECAwEVXRhaDEOMAwGA1UEBwwFUHJvdm8xIzAhBgNV
+BAoMGkFDTUUgU2lnbmluZyBBdXRob3JpdHkgSW5jMRQwEgYDVQQDDAtleGFtcGxl
+LmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKlp3Kz278oyTDY4
++1iNv1xMzWCJBWf7YxyYkXACVvZzUqgwxotNwAE/kE131HgpBJnu7HsDdS8nLy80
+mDkFCGmqEuVZMDaMGtcz3HJSklESjxYM1VNgifz2IlNmoaidNehFkCi1rz6cLMR0
+rEZpi98EbVZGl3n0vDD0eEZF5QQn/eDwclt/aKVBVLcQxo6MHhQdaK85a1uNyUU3
+HPUYiyPGVn9oX9PGcOpYFomJoBdg3sUVk32xKCUf15+uqVchdtyGFW/bp5KSBCnB
+QD0TzN+SgBHnVTzIfoi8WY56uuwnYauvT4fRh8SfkV91BzHBtWSbulNTfTUzgWhs
+VvCGw7ECAwEAAaNTMFEwHQYDVR0OBBYEFC4qTshaPoBie1ukhhM0KBi95NzJMB8G
+A1UdIwQYMBaAFC4qTshaPoBie1ukhhM0KBi95NzJMA8GA1UdEwEB/wQFMAMBAf8w
+DQYJKoZIhvcNAQELBQADggEBAB+fRdUHgqwpTWRfF+jQB4Af75HTfp6hgemUjapI
+eZn/OugS75/jfJt9npVsHl/aa63GL/W6kQShoMVOhrYqW52J1TSsLKZR2L7sv0ji
+KYfakv+aLkRKewPoVadsCL8GUmaCByE9mwlhmmZprkjDmA3hWsjEM5lyg7qleJ0k
+V32FVysdhLLnftt2SJB7lyoTujhkNAjJhLT/0Qr8t59v0sViPtL8532jSXqE1GK+
+zncsJDK7v2VEuurz1lPTRY6tPQOJ1Qt8vUzDH/ugcc5JPBEuHhjjrd5K65lxnGNw
+lnPHIS7FJm1OMkuatQXomNuuoWDPyM7fuVyGUUpmlkbpJsg=
+-----END CERTIFICATE-----

package/test/util/https-server/server/privkey.pem

@@ -0,0 +1,28 @@
+-----BEGIN PRIVATE KEY-----
+MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQC1+BYy7XcJoIAH
+qPcU7f74Dp/6N6f/hjLTADMIT1OO49W3Rrc6xbJjeLsiTD0Rj9Z/9CSI7Vh/AOLo
+W7OGMOZkJZNRw8L9lc14ZDB1FAcJITn8c9d0d0YltbxUOq509wEP6GSxYCqYZlvA
+jeyYADRW5PnP82n6MRMW9Ve5y50sijeaVk120je5zKvQTd0IR9rXf8K3M8CmnlEV
+uuf4+uXvg0gUsGvSSkBxPVGeUQHM/zRxj/I8WYCewb9Qs2TSJjgnFsfUCF6C3xs/
+T8p4vJ8PxeLs6GNcQhhtNH0q7WxaIV4cdrXkxPi6YS8ph1WErqNR2pdsCA5bUNTC
+T32vPjr/AgMBAAECggEAHeLCZpfYmpSpIljuR5o063GfdZ1pco6MT1ozh3Rb0VZ6
+9bBgDH+Gpk6gUWg7CWTZwkcLLw/oHme7XJUe/XWPiTggo2em4TYWumSeDsR8yVOT
+LfKqmp6yPyRDa4P9vgkJPB8bVoRoSoJZJF1K08YI0pKlsrEUITqpG3as8z9NL5C1
+65QdpCwiRjLnM6b7k93Vxa8xOnj51iDXV9uqGASCYmU+uoHG8HU8RzbVI4Xi/RCr
+PszmOi6AMtWPpzH2jDPiYnv96K50O/cOm/n3obuySdH0qeGR37sx94F82iCyiowo
+Ij+iU8VYK6gu27z811ehSlk3/4ey8ArlHvVew3TkqQKBgQD+K70baVqolcGfkDQY
+zgZ+4YlmncDrdhd0anHUEC15l7uPPHFBxrQlzRVTjhHCKn1sQTj/41isUWQAvcRR
+ZzjI+YaHQvvzJCSX6c113IWeemCcuTxenW6G/5BHJxOPddFnrcAAoeHhcNvni/CZ
+WrInTIcWn7eY5MMaxa4ELUoKRwKBgQC3R1R9be3BY36wPYcPkTZFxRAn2o7/Z2Ft
+MDbrddDZt12F7cuD8YnipI7TkJLQTXmg6P7u2XexcEyAUy2J+jdgfpM0N/HXu3Su
+YeYXHJfyGUK6bTlQT+trNuEyX5K7h2IbBstvH9A4PXEZPQ2I3aPZk3WsL630cMo6
+tbTy0o3tiQKBgQCv11qxSCXsVA7scTtZnc9ooGgKkkERpVV8uNefOsH7STn9UneY
+Zfvj2wpSEAvBJNw4tLbWcVa7gGOLD75uAteKUvb7RSBBilO2tY3raHEYvtlwE8bs
+PkZlJxGN6D7kFUKWU+JtjZFUAlxgyLPfpJt0DMG4qS6/nCROtUw6n4qFqQKBgB2S
+JrGuIORI91HcO4Rpe4Y6S2cCvnu65F9HnjTTZ4UZLr/DJEj/ma21u02rT+TH+03Z
+CfjjoYpBgjZaNUjD1Fd/VKTiOeUC28qfBQ7JkEKBjOCjatHocyVzT1ZfUT9skoml
+yQD+8wt/7lWSIjLo/9zFDAFiGAEOibJ7Sty62CdxAoGBAJLwVkDCT3yylDRqm2YC
+1uYh/xGLW4F/Jj7PjGNrSYClkbxPTpd4Nfa8EyZmUUya1rsfK1njXZKbwwpa2fbE
++QVpXB18vaMW3hU7u63JDpLv2pCm91myPMQsF3xMc/S1vFAOWmXetYWax4/xiG2M
+SW4m9mBkzzF/2SpxQd9xy1Jx
+-----END PRIVATE KEY-----