bundled cacert.pem with --ssl-ca-file PATH option (#480)
* Add a bundled cacert.pem from curl's website * Using the --ssl-ca-file PATH option overrides ENV var SSL_CA_PATH * Having none of those allow you to use the default, the bundled cacert.pem * Octokit's SSL config uses this new setting * Rake task to update_ssl_ca_file * Rubocop target 2.2
This commit is contained in:
parent
4798a8a3d8
commit
26b124a67c
|
@ -1,6 +1,7 @@
|
||||||
inherit_from: .rubocop_todo.yml
|
inherit_from: .rubocop_todo.yml
|
||||||
|
|
||||||
AllCops:
|
AllCops:
|
||||||
|
TargetRubyVersion: 2.2
|
||||||
DisplayCopNames: true
|
DisplayCopNames: true
|
||||||
DisplayStyleGuide: true
|
DisplayStyleGuide: true
|
||||||
Exclude:
|
Exclude:
|
||||||
|
|
32
Rakefile
32
Rakefile
|
@ -1,4 +1,5 @@
|
||||||
# frozen_string_literal: true
|
# frozen_string_literal: true
|
||||||
|
|
||||||
require "bundler"
|
require "bundler"
|
||||||
require "bundler/gem_tasks"
|
require "bundler/gem_tasks"
|
||||||
require "rubocop/rake_task"
|
require "rubocop/rake_task"
|
||||||
|
@ -10,31 +11,10 @@ require "overcommit"
|
||||||
RuboCop::RakeTask.new
|
RuboCop::RakeTask.new
|
||||||
RSpec::Core::RakeTask.new(:rspec)
|
RSpec::Core::RakeTask.new(:rspec)
|
||||||
|
|
||||||
task :copy_man_page_to_manpath do |_t|
|
desc "When releasing the gem, re-fetch latest cacert.pem from curl.haxx.se. Developer task."
|
||||||
known_manpath_paths = %w(/etc/manpath.config /etc/manpaths)
|
task :update_ssl_ca_file do
|
||||||
manpath = known_manpath_paths.find do |f|
|
`pushd lib/github_changelog_generator/ssl_certs && curl --remote-name --time-cond cacert.pem https://curl.haxx.se/ca/cacert.pem && popd`
|
||||||
path = Pathname(f)
|
|
||||||
path.file? && path.readable?
|
|
||||||
end
|
end
|
||||||
|
|
||||||
next unless manpath
|
task checks: %i[rubocop rspec]
|
||||||
|
task default: %i[rubocop rspec]
|
||||||
writable_man_path = Pathname(manpath).each_line.find do |line|
|
|
||||||
path = Pathname(line.chomp)
|
|
||||||
path.directory? && path.writable?
|
|
||||||
end
|
|
||||||
|
|
||||||
next unless writable_man_path
|
|
||||||
|
|
||||||
man_prefix = Pathname("#{writable_man_path.chomp}/man1")
|
|
||||||
man_pages = "man/git-*.1"
|
|
||||||
|
|
||||||
Pathname.glob(man_pages) do |path|
|
|
||||||
if path.exist? && man_prefix.exist? && man_prefix.writable?
|
|
||||||
FileUtils.cp(path, man_prefix + path.basename)
|
|
||||||
end
|
|
||||||
end
|
|
||||||
end
|
|
||||||
|
|
||||||
task checks: [:rubocop, :rspec]
|
|
||||||
task default: [:rubocop, :rspec]
|
|
||||||
|
|
|
@ -1,4 +1,5 @@
|
||||||
# frozen_string_literal: true
|
# frozen_string_literal: true
|
||||||
|
|
||||||
require "tmpdir"
|
require "tmpdir"
|
||||||
require "retriable"
|
require "retriable"
|
||||||
module GitHubChangelogGenerator
|
module GitHubChangelogGenerator
|
||||||
|
@ -42,9 +43,16 @@ module GitHubChangelogGenerator
|
||||||
@github_options[:access_token] = @github_token unless @github_token.nil?
|
@github_options[:access_token] = @github_token unless @github_token.nil?
|
||||||
@github_options[:api_endpoint] = @options[:github_endpoint] unless @options[:github_endpoint].nil?
|
@github_options[:api_endpoint] = @options[:github_endpoint] unless @options[:github_endpoint].nil?
|
||||||
|
|
||||||
|
configure_octokit_ssl
|
||||||
|
|
||||||
@client = Octokit::Client.new(@github_options)
|
@client = Octokit::Client.new(@github_options)
|
||||||
end
|
end
|
||||||
|
|
||||||
|
def configure_octokit_ssl
|
||||||
|
ca_file = @options[:ssl_ca_file] || ENV["SSL_CA_FILE"] || File.expand_path("../ssl_certs/cacert.pem", __FILE__)
|
||||||
|
Octokit.connection_options = { ssl: { ca_file: ca_file } }
|
||||||
|
end
|
||||||
|
|
||||||
def init_cache
|
def init_cache
|
||||||
middleware_opts = {
|
middleware_opts = {
|
||||||
serializer: Marshal,
|
serializer: Marshal,
|
||||||
|
|
|
@ -43,6 +43,7 @@ module GitHubChangelogGenerator
|
||||||
:release_url,
|
:release_url,
|
||||||
:simple_list,
|
:simple_list,
|
||||||
:since_tag,
|
:since_tag,
|
||||||
|
:ssl_ca_file,
|
||||||
:token,
|
:token,
|
||||||
:unreleased,
|
:unreleased,
|
||||||
:unreleased_label,
|
:unreleased_label,
|
||||||
|
|
|
@ -1,5 +1,6 @@
|
||||||
#!/usr/bin/env ruby
|
#!/usr/bin/env ruby
|
||||||
# frozen_string_literal: true
|
# frozen_string_literal: true
|
||||||
|
|
||||||
require "optparse"
|
require "optparse"
|
||||||
require "pp"
|
require "pp"
|
||||||
require_relative "version"
|
require_relative "version"
|
||||||
|
@ -176,6 +177,9 @@ module GitHubChangelogGenerator
|
||||||
opts.on("--cache-log [CACHE-LOG]", "Filename to use for cache log. Default is github-changelog-logger.log in a temporary directory.") do |cache_log|
|
opts.on("--cache-log [CACHE-LOG]", "Filename to use for cache log. Default is github-changelog-logger.log in a temporary directory.") do |cache_log|
|
||||||
options[:cache_log] = cache_log
|
options[:cache_log] = cache_log
|
||||||
end
|
end
|
||||||
|
opts.on("--ssl-ca-file [PATH]", "Path to cacert.pem file. Default is a bundled lib/github_changelog_generator/ssl_certs/cacert.pem. Respects SSL_CA_PATH.") do |ssl_ca_file|
|
||||||
|
options[:ssl_ca_file] = ssl_ca_file
|
||||||
|
end
|
||||||
opts.on("--[no-]verbose", "Run verbosely. Default is true") do |v|
|
opts.on("--[no-]verbose", "Run verbosely. Default is true") do |v|
|
||||||
options[:verbose] = v
|
options[:verbose] = v
|
||||||
end
|
end
|
||||||
|
@ -206,12 +210,13 @@ module GitHubChangelogGenerator
|
||||||
unreleased: true,
|
unreleased: true,
|
||||||
unreleased_label: "Unreleased",
|
unreleased_label: "Unreleased",
|
||||||
compare_link: true,
|
compare_link: true,
|
||||||
enhancement_labels: %w(enhancement Enhancement),
|
enhancement_labels: %w[enhancement Enhancement],
|
||||||
bug_labels: %w(bug Bug),
|
bug_labels: %w[bug Bug],
|
||||||
exclude_labels: %w(duplicate question invalid wontfix Duplicate Question Invalid Wontfix),
|
exclude_labels: %w[duplicate question invalid wontfix Duplicate Question Invalid Wontfix],
|
||||||
issue_line_labels: [],
|
issue_line_labels: [],
|
||||||
max_issues: nil,
|
max_issues: nil,
|
||||||
simple_list: false,
|
simple_list: false,
|
||||||
|
ssl_ca_file: nil,
|
||||||
verbose: true,
|
verbose: true,
|
||||||
header: "# Change Log",
|
header: "# Change Log",
|
||||||
merge_prefix: "**Merged pull requests:**",
|
merge_prefix: "**Merged pull requests:**",
|
||||||
|
|
4043
lib/github_changelog_generator/ssl_certs/cacert.pem
Normal file
4043
lib/github_changelog_generator/ssl_certs/cacert.pem
Normal file
File diff suppressed because it is too large
Load Diff
|
@ -179,6 +179,10 @@ Automatically generate change log from your tags, issues, labels and pull reques
|
||||||
|
|
||||||
Filename to use for cache log. Default is github-changelog-logger.log in a temporary directory.
|
Filename to use for cache log. Default is github-changelog-logger.log in a temporary directory.
|
||||||
|
|
||||||
|
--ssl-ca-file [PATH]
|
||||||
|
|
||||||
|
Path to cacert.pem file. Default is a bundled lib/github_changelog_generator/ssl_certs/cacert.pem. Respects SSL_CA_PATH.
|
||||||
|
|
||||||
--[no-]verbose
|
--[no-]verbose
|
||||||
|
|
||||||
Run verbosely. Default is true
|
Run verbosely. Default is true
|
||||||
|
|
Loading…
Reference in New Issue
Block a user