bundled cacert.pem with --ssl-ca-file PATH option (#480)
* Add a bundled cacert.pem from curl's website * Using the --ssl-ca-file PATH option overrides ENV var SSL_CA_PATH * Having none of those allow you to use the default, the bundled cacert.pem * Octokit's SSL config uses this new setting * Rake task to update_ssl_ca_file * Rubocop target 2.2
This commit is contained in:
parent
4798a8a3d8
commit
26b124a67c
|
@ -1,6 +1,7 @@
|
|||
inherit_from: .rubocop_todo.yml
|
||||
|
||||
AllCops:
|
||||
TargetRubyVersion: 2.2
|
||||
DisplayCopNames: true
|
||||
DisplayStyleGuide: true
|
||||
Exclude:
|
||||
|
|
32
Rakefile
32
Rakefile
|
@ -1,4 +1,5 @@
|
|||
# frozen_string_literal: true
|
||||
|
||||
require "bundler"
|
||||
require "bundler/gem_tasks"
|
||||
require "rubocop/rake_task"
|
||||
|
@ -10,31 +11,10 @@ require "overcommit"
|
|||
RuboCop::RakeTask.new
|
||||
RSpec::Core::RakeTask.new(:rspec)
|
||||
|
||||
task :copy_man_page_to_manpath do |_t|
|
||||
known_manpath_paths = %w(/etc/manpath.config /etc/manpaths)
|
||||
manpath = known_manpath_paths.find do |f|
|
||||
path = Pathname(f)
|
||||
path.file? && path.readable?
|
||||
desc "When releasing the gem, re-fetch latest cacert.pem from curl.haxx.se. Developer task."
|
||||
task :update_ssl_ca_file do
|
||||
`pushd lib/github_changelog_generator/ssl_certs && curl --remote-name --time-cond cacert.pem https://curl.haxx.se/ca/cacert.pem && popd`
|
||||
end
|
||||
|
||||
next unless manpath
|
||||
|
||||
writable_man_path = Pathname(manpath).each_line.find do |line|
|
||||
path = Pathname(line.chomp)
|
||||
path.directory? && path.writable?
|
||||
end
|
||||
|
||||
next unless writable_man_path
|
||||
|
||||
man_prefix = Pathname("#{writable_man_path.chomp}/man1")
|
||||
man_pages = "man/git-*.1"
|
||||
|
||||
Pathname.glob(man_pages) do |path|
|
||||
if path.exist? && man_prefix.exist? && man_prefix.writable?
|
||||
FileUtils.cp(path, man_prefix + path.basename)
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
task checks: [:rubocop, :rspec]
|
||||
task default: [:rubocop, :rspec]
|
||||
task checks: %i[rubocop rspec]
|
||||
task default: %i[rubocop rspec]
|
||||
|
|
|
@ -1,4 +1,5 @@
|
|||
# frozen_string_literal: true
|
||||
|
||||
require "tmpdir"
|
||||
require "retriable"
|
||||
module GitHubChangelogGenerator
|
||||
|
@ -42,9 +43,16 @@ module GitHubChangelogGenerator
|
|||
@github_options[:access_token] = @github_token unless @github_token.nil?
|
||||
@github_options[:api_endpoint] = @options[:github_endpoint] unless @options[:github_endpoint].nil?
|
||||
|
||||
configure_octokit_ssl
|
||||
|
||||
@client = Octokit::Client.new(@github_options)
|
||||
end
|
||||
|
||||
def configure_octokit_ssl
|
||||
ca_file = @options[:ssl_ca_file] || ENV["SSL_CA_FILE"] || File.expand_path("../ssl_certs/cacert.pem", __FILE__)
|
||||
Octokit.connection_options = { ssl: { ca_file: ca_file } }
|
||||
end
|
||||
|
||||
def init_cache
|
||||
middleware_opts = {
|
||||
serializer: Marshal,
|
||||
|
|
|
@ -43,6 +43,7 @@ module GitHubChangelogGenerator
|
|||
:release_url,
|
||||
:simple_list,
|
||||
:since_tag,
|
||||
:ssl_ca_file,
|
||||
:token,
|
||||
:unreleased,
|
||||
:unreleased_label,
|
||||
|
|
|
@ -1,5 +1,6 @@
|
|||
#!/usr/bin/env ruby
|
||||
# frozen_string_literal: true
|
||||
|
||||
require "optparse"
|
||||
require "pp"
|
||||
require_relative "version"
|
||||
|
@ -176,6 +177,9 @@ module GitHubChangelogGenerator
|
|||
opts.on("--cache-log [CACHE-LOG]", "Filename to use for cache log. Default is github-changelog-logger.log in a temporary directory.") do |cache_log|
|
||||
options[:cache_log] = cache_log
|
||||
end
|
||||
opts.on("--ssl-ca-file [PATH]", "Path to cacert.pem file. Default is a bundled lib/github_changelog_generator/ssl_certs/cacert.pem. Respects SSL_CA_PATH.") do |ssl_ca_file|
|
||||
options[:ssl_ca_file] = ssl_ca_file
|
||||
end
|
||||
opts.on("--[no-]verbose", "Run verbosely. Default is true") do |v|
|
||||
options[:verbose] = v
|
||||
end
|
||||
|
@ -206,12 +210,13 @@ module GitHubChangelogGenerator
|
|||
unreleased: true,
|
||||
unreleased_label: "Unreleased",
|
||||
compare_link: true,
|
||||
enhancement_labels: %w(enhancement Enhancement),
|
||||
bug_labels: %w(bug Bug),
|
||||
exclude_labels: %w(duplicate question invalid wontfix Duplicate Question Invalid Wontfix),
|
||||
enhancement_labels: %w[enhancement Enhancement],
|
||||
bug_labels: %w[bug Bug],
|
||||
exclude_labels: %w[duplicate question invalid wontfix Duplicate Question Invalid Wontfix],
|
||||
issue_line_labels: [],
|
||||
max_issues: nil,
|
||||
simple_list: false,
|
||||
ssl_ca_file: nil,
|
||||
verbose: true,
|
||||
header: "# Change Log",
|
||||
merge_prefix: "**Merged pull requests:**",
|
||||
|
|
4043
lib/github_changelog_generator/ssl_certs/cacert.pem
Normal file
4043
lib/github_changelog_generator/ssl_certs/cacert.pem
Normal file
File diff suppressed because it is too large
Load Diff
|
@ -179,6 +179,10 @@ Automatically generate change log from your tags, issues, labels and pull reques
|
|||
|
||||
Filename to use for cache log. Default is github-changelog-logger.log in a temporary directory.
|
||||
|
||||
--ssl-ca-file [PATH]
|
||||
|
||||
Path to cacert.pem file. Default is a bundled lib/github_changelog_generator/ssl_certs/cacert.pem. Respects SSL_CA_PATH.
|
||||
|
||||
--[no-]verbose
|
||||
|
||||
Run verbosely. Default is true
|
||||
|
|
Loading…
Reference in New Issue
Block a user