feat: add support for SPKI fingerprint generation and matching
This can be used to allow only specific certificates with TLS.

Signed-off-by: Andrey Smirnov <[email protected]>
Showing
12 changed files
with
448 additions
and
47 deletions.
@@ -0,0 +1,34 @@ | ||
# THIS FILE WAS AUTOMATICALLY GENERATED, PLEASE DO NOT EDIT. | ||
# | ||
# Generated on 2020-11-11T19:39:46Z by kres latest. | ||
|
||
policies: | ||
- type: commit | ||
spec: | ||
dco: true | ||
gpg: false | ||
spellcheck: | ||
locale: US | ||
maximumOfOneCommit: true | ||
header: | ||
length: 89 | ||
imperative: true | ||
case: lower | ||
invalidLastCharacters: . | ||
body: | ||
required: true | ||
conventional: | ||
types: ["chore","docs","perf","refactor","style","test","release"] | ||
scopes: ["*"] | ||
- type: license | ||
spec: | ||
skipPaths: | ||
- .git/ | ||
includeSuffixes: | ||
- .go | ||
excludeSuffixes: | ||
- .pb.go | ||
header: | | ||
// This Source Code Form is subject to the terms of the Mozilla Public | ||
// License, v. 2.0. If a copy of the MPL was not distributed with this | ||
// file, You can obtain one at http://mozilla.org/MPL/2.0/. |
@@ -1,10 +1,12 @@ | ||
# THIS FILE WAS AUTOMATICALLY GENERATED, PLEASE DO NOT EDIT. | ||
# | ||
# Generated on 2020-08-17T13:49:58Z by kres 3d35a96-dirty. | ||
# Generated on 2020-11-11T19:39:46Z by kres latest. | ||
|
||
** | ||
!tls | ||
!x509 | ||
!go.mod | ||
!go.sum | ||
!.golangci.yml | ||
!README.md | ||
!.markdownlint.json |
@@ -0,0 +1,9 @@ | ||
# THIS FILE WAS AUTOMATICALLY GENERATED, PLEASE DO NOT EDIT. | ||
# | ||
# Generated on 2020-11-11T19:39:46Z by kres latest. | ||
|
||
{ | ||
"MD013": false, | ||
"MD033": false, | ||
"default": true | ||
} |
|
@@ -2,10 +2,19 @@ | |
|
||
# THIS FILE WAS AUTOMATICALLY GENERATED, PLEASE DO NOT EDIT. | ||
# | ||
# Generated on 2020-08-17T13:49:58Z by kres 3d35a96-dirty. | ||
# Generated on 2020-11-11T19:39:46Z by kres latest. | ||
|
||
ARG TOOLCHAIN | ||
|
||
# runs markdownlint | ||
FROM node:14.8.0-alpine AS lint-markdown | ||
RUN npm i -g [email protected] | ||
RUN npm i [email protected] | ||
WORKDIR /src | ||
COPY .markdownlint.json . | ||
COPY ./README.md ./README.md | ||
RUN markdownlint --ignore "**/node_modules/**" --ignore '**/hack/chglog/**' --rules /node_modules/sentences-per-line/index.js . | ||
|
||
# base toolchain image | ||
FROM ${TOOLCHAIN} AS toolchain | ||
RUN apk --update --no-cache add bash curl build-base | ||
|
@@ -14,6 +23,7 @@ RUN apk --update --no-cache add bash curl build-base | |
FROM toolchain AS tools | ||
ENV GO111MODULE on | ||
ENV CGO_ENABLED 0 | ||
ENV GOPATH /go | ||
RUN curl -sfL https://install.goreleaser.com/github.com/golangci/golangci-lint.sh | bash -s -- -b /bin v1.30.0 | ||
ARG GOFUMPT_VERSION | ||
RUN cd $(mktemp -d) \ | ||
|
@@ -26,11 +36,11 @@ FROM tools AS base | |
WORKDIR /src | ||
COPY ./go.mod . | ||
COPY ./go.sum . | ||
RUN go mod download | ||
RUN go mod verify | ||
RUN --mount=type=cache,target=/go/pkg go mod download | ||
RUN --mount=type=cache,target=/go/pkg go mod verify | ||
COPY ./tls ./tls | ||
COPY ./x509 ./x509 | ||
RUN go list -mod=readonly all >/dev/null | ||
RUN --mount=type=cache,target=/go/pkg go list -mod=readonly all >/dev/null | ||
|
||
# runs gofumpt | ||
FROM base AS lint-gofumpt | ||
|
@@ -41,17 +51,17 @@ RUN FILES="$(gofumports -l -local github.com/talos-systems/crypto .)" && test -z | |
FROM base AS lint-golangci-lint | ||
COPY .golangci.yml . | ||
ENV GOGC 50 | ||
RUN --mount=type=cache,target=/root/.cache/go-build --mount=type=cache,target=/root/.cache/golangci-lint golangci-lint run --config .golangci.yml | ||
RUN --mount=type=cache,target=/root/.cache/go-build --mount=type=cache,target=/root/.cache/golangci-lint --mount=type=cache,target=/go/pkg golangci-lint run --config .golangci.yml | ||
|
||
# runs unit-tests with race detector | ||
FROM base AS unit-tests-race | ||
ARG TESTPKGS | ||
RUN --mount=type=cache,target=/root/.cache/go-build --mount=type=cache,target=/tmp CGO_ENABLED=1 go test -v -race -count 1 ${TESTPKGS} | ||
RUN --mount=type=cache,target=/root/.cache/go-build --mount=type=cache,target=/go/pkg --mount=type=cache,target=/tmp CGO_ENABLED=1 go test -v -race -count 1 ${TESTPKGS} | ||
|
||
# runs unit-tests | ||
FROM base AS unit-tests-run | ||
ARG TESTPKGS | ||
RUN --mount=type=cache,target=/root/.cache/go-build --mount=type=cache,target=/tmp go test -v -covermode=atomic -coverprofile=coverage.txt -count 1 ${TESTPKGS} | ||
RUN --mount=type=cache,target=/root/.cache/go-build --mount=type=cache,target=/go/pkg --mount=type=cache,target=/tmp go test -v -covermode=atomic -coverprofile=coverage.txt -count 1 ${TESTPKGS} | ||
|
||
FROM scratch AS unit-tests | ||
COPY --from=unit-tests-run /src/coverage.txt /coverage.txt | ||
|
@@ -0,0 +1,26 @@ | ||
<!-- THIS FILE WAS AUTOMATICALLY GENERATED, PLEASE DO NOT EDIT. --> | ||
<!-- --> | ||
<!-- Generated on 2020-11-11T19:39:46Z by kres latest. --> | ||
|
||
{{ range .Versions }} | ||
<a name="{{ .Tag.Name }}"></a> | ||
## {{ if .Tag.Previous }}[{{ .Tag.Name }}]({{ $.Info.RepositoryURL }}/compare/{{ .Tag.Previous.Name }}...{{ .Tag.Name }}){{ else }}{{ .Tag.Name }}{{ end }} ({{ datetime "2006-01-02" .Tag.Date }}) | ||
|
||
{{ range .CommitGroups -}} | ||
### {{ .Title }} | ||
|
||
{{ range .Commits -}} | ||
* {{ if .Scope }}**{{ .Scope }}:** {{ end }}{{ .Subject }} | ||
{{ end }} | ||
{{ end -}} | ||
|
||
{{- if .NoteGroups -}} | ||
{{ range .NoteGroups -}} | ||
### {{ .Title }} | ||
|
||
{{ range .Notes }} | ||
{{ .Body }} | ||
{{ end }} | ||
{{ end -}} | ||
{{ end -}} | ||
{{ end -}} |
@@ -0,0 +1,32 @@ | ||
# THIS FILE WAS AUTOMATICALLY GENERATED, PLEASE DO NOT EDIT. | ||
# | ||
# Generated on 2020-11-11T19:39:46Z by kres latest. | ||
|
||
style: github | ||
template: CHANGELOG.tpl.md | ||
info: | ||
title: CHANGELOG | ||
repository_url: https://github.com/talos-systems/crypto | ||
options: | ||
commits: | ||
# filters: | ||
# Type: | ||
# - feat | ||
# - fix | ||
# - perf | ||
# - refactor | ||
commit_groups: | ||
# title_maps: | ||
# feat: Features | ||
# fix: Bug Fixes | ||
# perf: Performance Improvements | ||
# refactor: Code Refactoring | ||
header: | ||
pattern: "^(\\w*)(?:\\(([\\w\\$\\.\\-\\*\\s]*)\\))?\\:\\s(.*)$" | ||
pattern_maps: | ||
- Type | ||
- Scope | ||
- Subject | ||
notes: | ||
keywords: | ||
- BREAKING CHANGE |