Merge branch 'master' into herman/scep-provisioner-decrypter

Author: hslatman

.goreleaser.yml

@@ -36,7 +36,6 @@ archives:
     # Most common use case is to archive as zip on Windows.
     # Default is empty.
     name_template: "{{ .ProjectName }}_{{ .Os }}_{{ .Version }}_{{ .Arch }}{{ if .Arm }}v{{ .Arm }}{{ end }}{{ if .Mips }}_{{ .Mips }}{{ end }}"
-    rlcp: true
     format_overrides:
       - goos: windows
         format: zip
@@ -88,7 +87,6 @@ nfpms:
 
 source:
   enabled: true
-  rlcp: true
   name_template: '{{ .ProjectName }}_{{ .Version }}'
 
 checksum:
@@ -199,6 +197,124 @@ release:
   #  - glob: ./glob/**/to/**/file/**/*
   #  - glob: ./glob/foo/to/bar/file/foobar/override_from_previous
 
+winget:
+  - 
+    # IDs of the archives to use.
+    # Empty means all IDs.
+    ids: [ default ]
+
+    #
+    # Default: ProjectName
+    # Templates: allowed
+    name: step-ca
+
+    # Publisher name.
+    #
+    # Templates: allowed
+    # Required.
+    publisher: Smallstep
+
+    # Your app's description.
+    #
+    # Templates: allowed
+    # Required.
+    short_description: "A private certificate authority (X.509 & SSH) & ACME server for secure automated certificate management."
+
+    # License name.
+    #
+    # Templates: allowed
+    # Required.
+    license: "Apache-2.0"
+
+    # Publisher URL.
+    #
+    # Templates: allowed
+    publisher_url: "https://smallstep.com"
+
+    # Publisher support URL.
+    #
+    # Templates: allowed
+    publisher_support_url: "https://github.com/smallstep/certificates/discussions"
+
+    # URL which is determined by the given Token (github, gitlab or gitea).
+    #
+    # Default depends on the client.
+    # Templates: allowed
+    url_template: "https://github.com/smallstep/certificates/releases/download/{{ .Tag }}/{{ .ArtifactName }}"
+
+    # Git author used to commit to the repository.
+    commit_author:
+      name: goreleaserbot
+      email: goreleaser@smallstep.com
+
+    # The project name and current git tag are used in the format string.
+    #
+    # Templates: allowed
+    commit_msg_template: "{{ .PackageIdentifier }}: {{ .Tag }}"
+
+    # Your app's homepage.
+    homepage: "https://github.com/smallstep/certificates"
+
+    # Your app's long description.
+    #
+    # Templates: allowed
+    description: ""
+
+    # License URL.
+    #
+    # Templates: allowed
+    license_url: "https://github.com/smallstep/certificates/blob/master/LICENSE"
+
+    # Release notes URL.
+    #
+    # Templates: allowed
+    release_notes_url: "https://github.com/smallstep/certificates/releases/tag/{{.Version}}"
+
+    # Create the PR - for testing
+    skip_upload: false
+
+    # Tags.
+    tags:
+      - certificates
+      - smallstep
+      - tls
+
+    # Repository to push the generated files to.
+    repository:
+      owner: smallstep
+      name: winget-pkgs
+      branch: step
+
+      # Optionally a token can be provided, if it differs from the token
+      # provided to GoReleaser
+      # Templates: allowed
+      #token: "{{ .Env.GITHUB_PERSONAL_AUTH_TOKEN }}"
+
+      # Sets up pull request creation instead of just pushing to the given branch.
+      # Make sure the 'branch' property is different from base before enabling
+      # it.
+      #
+      # Since: v1.17
+      pull_request:
+        # Whether to enable it or not.
+        enabled: true
+        #check_boxes: true
+        # Whether to open the PR as a draft or not.
+        #
+        # Default: false
+        # Since: v1.19
+        # draft: true
+
+        # Base can also be another repository, in which case the owner and name
+        # above will be used as HEAD, allowing cross-repository pull requests.
+        #
+        # Since: v1.19
+        base:
+          owner: microsoft
+          name: winget-pkgs
+          branch: master
+
+
 scoops:
   -
     ids: [ default ]
@@ -208,7 +324,7 @@ scoops:
     # Default for gitea is "https://gitea.com/<repo_owner>/<repo_name>/releases/download/{{ .Tag }}/{{ .ArtifactName }}"
     url_template: "http://github.com/smallstep/certificates/releases/download/{{ .Tag }}/{{ .ArtifactName }}"
     # Repository to push the app manifest to.
-    bucket:
+    repository:
       owner: smallstep
       name: scoop-bucket
 

acme/api/account_test.go

@@ -7,6 +7,7 @@ import (
 	"encoding/json"
 	"fmt"
 	"io"
+	"net/http"
 	"net/http/httptest"
 	"net/url"
 	"testing"
@@ -313,7 +314,7 @@ func TestHandler_GetOrdersByAccountID(t *testing.T) {
 		"fail/nil-account": func(t *testing.T) test {
 			return test{
 				db:         &acme.MockDB{},
-				ctx:        context.WithValue(context.Background(), accContextKey, nil),
+				ctx:        context.WithValue(context.Background(), accContextKey, http.NoBody),
 				statusCode: 400,
 				err:        acme.NewError(acme.ErrorAccountDoesNotExistType, "account does not exist"),
 			}
@@ -363,7 +364,7 @@ func TestHandler_GetOrdersByAccountID(t *testing.T) {
 		tc := run(t)
 		t.Run(name, func(t *testing.T) {
 			ctx := acme.NewContext(tc.ctx, tc.db, nil, acme.NewLinker("test.ca.smallstep.com", "acme"), nil)
-			req := httptest.NewRequest("GET", u, nil)
+			req := httptest.NewRequest("GET", u, http.NoBody)
 			req = req.WithContext(ctx)
 			w := httptest.NewRecorder()
 			GetOrdersByAccountID(w, req)
@@ -802,7 +803,7 @@ func TestHandler_NewAccount(t *testing.T) {
 		tc := run(t)
 		t.Run(name, func(t *testing.T) {
 			ctx := acme.NewContext(tc.ctx, tc.db, nil, acme.NewLinker("test.ca.smallstep.com", "acme"), nil)
-			req := httptest.NewRequest("GET", "/foo/bar", nil)
+			req := httptest.NewRequest("GET", "/foo/bar", http.NoBody)
 			req = req.WithContext(ctx)
 			w := httptest.NewRecorder()
 			NewAccount(w, req)
@@ -1005,7 +1006,7 @@ func TestHandler_GetOrUpdateAccount(t *testing.T) {
 		tc := run(t)
 		t.Run(name, func(t *testing.T) {
 			ctx := acme.NewContext(tc.ctx, tc.db, nil, acme.NewLinker("test.ca.smallstep.com", "acme"), nil)
-			req := httptest.NewRequest("GET", "/foo/bar", nil)
+			req := httptest.NewRequest("GET", "/foo/bar", http.NoBody)
 			req = req.WithContext(ctx)
 			w := httptest.NewRecorder()
 			GetOrUpdateAccount(w, req)

acme/api/handler_test.go

@@ -60,7 +60,7 @@ func TestHandler_GetNonce(t *testing.T) {
 	}
 
 	// Request with chi context
-	req := httptest.NewRequest("GET", "http://ca.smallstep.com/nonce", nil)
+	req := httptest.NewRequest("GET", "http://ca.smallstep.com/nonce", http.NoBody)
 
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
@@ -175,7 +175,7 @@ func TestHandler_GetDirectory(t *testing.T) {
 		tc := run(t)
 		t.Run(name, func(t *testing.T) {
 			ctx := acme.NewLinkerContext(tc.ctx, acme.NewLinker("test.ca.smallstep.com", "acme"))
-			req := httptest.NewRequest("GET", "/foo/bar", nil)
+			req := httptest.NewRequest("GET", "/foo/bar", http.NoBody)
 			req = req.WithContext(ctx)
 			w := httptest.NewRecorder()
 			GetDirectory(w, req)
@@ -347,7 +347,7 @@ func TestHandler_GetAuthorization(t *testing.T) {
 		tc := run(t)
 		t.Run(name, func(t *testing.T) {
 			ctx := acme.NewContext(tc.ctx, tc.db, nil, acme.NewLinker("test.ca.smallstep.com", "acme"), nil)
-			req := httptest.NewRequest("GET", "/foo/bar", nil)
+			req := httptest.NewRequest("GET", "/foo/bar", http.NoBody)
 			req = req.WithContext(ctx)
 			w := httptest.NewRecorder()
 			GetAuthorization(w, req)
@@ -489,7 +489,7 @@ func TestHandler_GetCertificate(t *testing.T) {
 		tc := run(t)
 		t.Run(name, func(t *testing.T) {
 			ctx := acme.NewDatabaseContext(tc.ctx, tc.db)
-			req := httptest.NewRequest("GET", u, nil)
+			req := httptest.NewRequest("GET", u, http.NoBody)
 			req = req.WithContext(ctx)
 			w := httptest.NewRecorder()
 			GetCertificate(w, req)
@@ -747,7 +747,7 @@ func TestHandler_GetChallenge(t *testing.T) {
 		tc := run(t)
 		t.Run(name, func(t *testing.T) {
 			ctx := acme.NewContext(tc.ctx, tc.db, nil, acme.NewLinker("test.ca.smallstep.com", "acme"), nil)
-			req := httptest.NewRequest("GET", u, nil)
+			req := httptest.NewRequest("GET", u, http.NoBody)
 			req = req.WithContext(ctx)
 			w := httptest.NewRecorder()
 			GetChallenge(w, req)

acme/api/middleware_test.go

@@ -75,7 +75,7 @@ func TestHandler_addNonce(t *testing.T) {
 		tc := run(t)
 		t.Run(name, func(t *testing.T) {
 			ctx := newBaseContext(context.Background(), tc.db)
-			req := httptest.NewRequest("GET", u, nil).WithContext(ctx)
+			req := httptest.NewRequest("GET", u, http.NoBody).WithContext(ctx)
 			w := httptest.NewRecorder()
 			addNonce(testNext)(w, req)
 			res := w.Result()
@@ -127,7 +127,7 @@ func TestHandler_addDirLink(t *testing.T) {
 	for name, run := range tests {
 		tc := run(t)
 		t.Run(name, func(t *testing.T) {
-			req := httptest.NewRequest("GET", "/foo", nil)
+			req := httptest.NewRequest("GET", "/foo", http.NoBody)
 			req = req.WithContext(tc.ctx)
 			w := httptest.NewRecorder()
 			addDirLink(testNext)(w, req)
@@ -230,7 +230,7 @@ func TestHandler_verifyContentType(t *testing.T) {
 			if tc.url != "" {
 				_u = tc.url
 			}
-			req := httptest.NewRequest("GET", _u, nil)
+			req := httptest.NewRequest("GET", _u, http.NoBody)
 			req = req.WithContext(tc.ctx)
 			req.Header.Add("Content-Type", tc.contentType)
 			w := httptest.NewRecorder()
@@ -298,7 +298,7 @@ func TestHandler_isPostAsGet(t *testing.T) {
 		tc := run(t)
 		t.Run(name, func(t *testing.T) {
 			// h := &Handler{}
-			req := httptest.NewRequest("GET", u, nil)
+			req := httptest.NewRequest("GET", u, http.NoBody)
 			req = req.WithContext(tc.ctx)
 			w := httptest.NewRecorder()
 			isPostAsGet(testNext)(w, req)
@@ -582,7 +582,7 @@ func TestHandler_verifyAndExtractJWSPayload(t *testing.T) {
 		tc := run(t)
 		t.Run(name, func(t *testing.T) {
 			// h := &Handler{}
-			req := httptest.NewRequest("GET", u, nil)
+			req := httptest.NewRequest("GET", u, http.NoBody)
 			req = req.WithContext(tc.ctx)
 			w := httptest.NewRecorder()
 			verifyAndExtractJWSPayload(tc.next)(w, req)
@@ -829,7 +829,7 @@ func TestHandler_lookupJWK(t *testing.T) {
 		tc := run(t)
 		t.Run(name, func(t *testing.T) {
 			ctx := newBaseContext(tc.ctx, tc.db, tc.linker)
-			req := httptest.NewRequest("GET", u, nil)
+			req := httptest.NewRequest("GET", u, http.NoBody)
 			req = req.WithContext(ctx)
 			w := httptest.NewRecorder()
 			lookupJWK(tc.next)(w, req)
@@ -1028,7 +1028,7 @@ func TestHandler_extractJWK(t *testing.T) {
 		tc := run(t)
 		t.Run(name, func(t *testing.T) {
 			ctx := newBaseContext(tc.ctx, tc.db)
-			req := httptest.NewRequest("GET", u, nil)
+			req := httptest.NewRequest("GET", u, http.NoBody)
 			req = req.WithContext(ctx)
 			w := httptest.NewRecorder()
 			extractJWK(tc.next)(w, req)
@@ -1403,7 +1403,7 @@ func TestHandler_validateJWS(t *testing.T) {
 		tc := run(t)
 		t.Run(name, func(t *testing.T) {
 			ctx := newBaseContext(tc.ctx, tc.db)
-			req := httptest.NewRequest("GET", u, nil)
+			req := httptest.NewRequest("GET", u, http.NoBody)
 			req = req.WithContext(ctx)
 			w := httptest.NewRecorder()
 			validateJWS(tc.next)(w, req)
@@ -1585,7 +1585,7 @@ func TestHandler_extractOrLookupJWK(t *testing.T) {
 		tc := prep(t)
 		t.Run(name, func(t *testing.T) {
 			ctx := newBaseContext(tc.ctx, tc.db, tc.linker)
-			req := httptest.NewRequest("GET", u, nil)
+			req := httptest.NewRequest("GET", u, http.NoBody)
 			req = req.WithContext(ctx)
 			w := httptest.NewRecorder()
 			extractOrLookupJWK(tc.next)(w, req)
@@ -1670,7 +1670,7 @@ func TestHandler_checkPrerequisites(t *testing.T) {
 		tc := run(t)
 		t.Run(name, func(t *testing.T) {
 			ctx := acme.NewPrerequisitesCheckerContext(tc.ctx, tc.prerequisitesChecker)
-			req := httptest.NewRequest("GET", u, nil)
+			req := httptest.NewRequest("GET", u, http.NoBody)
 			req = req.WithContext(ctx)
 			w := httptest.NewRecorder()
 			checkPrerequisites(tc.next)(w, req)

acme/api/order_test.go

@@ -8,6 +8,7 @@ import (
 	"encoding/json"
 	"fmt"
 	"io"
+	"net/http"
 	"net/http/httptest"
 	"net/url"
 	"reflect"
@@ -468,7 +469,7 @@ func TestHandler_GetOrder(t *testing.T) {
 		tc := run(t)
 		t.Run(name, func(t *testing.T) {
 			ctx := newBaseContext(tc.ctx, tc.db, acme.NewLinker("test.ca.smallstep.com", "acme"))
-			req := httptest.NewRequest("GET", u, nil)
+			req := httptest.NewRequest("GET", u, http.NoBody)
 			req = req.WithContext(ctx)
 			w := httptest.NewRecorder()
 			GetOrder(w, req)
@@ -1827,7 +1828,7 @@ func TestHandler_NewOrder(t *testing.T) {
 		t.Run(name, func(t *testing.T) {
 			mockMustAuthority(t, tc.ca)
 			ctx := newBaseContext(tc.ctx, tc.db, acme.NewLinker("test.ca.smallstep.com", "acme"))
-			req := httptest.NewRequest("GET", u, nil)
+			req := httptest.NewRequest("GET", u, http.NoBody)
 			req = req.WithContext(ctx)
 			w := httptest.NewRecorder()
 			NewOrder(w, req)
@@ -2124,7 +2125,7 @@ func TestHandler_FinalizeOrder(t *testing.T) {
 		tc := run(t)
 		t.Run(name, func(t *testing.T) {
 			ctx := newBaseContext(tc.ctx, tc.db, acme.NewLinker("test.ca.smallstep.com", "acme"))
-			req := httptest.NewRequest("GET", u, nil)
+			req := httptest.NewRequest("GET", u, http.NoBody)
 			req = req.WithContext(ctx)
 			w := httptest.NewRecorder()
 			FinalizeOrder(w, req)

acme/api/revoke_test.go

@@ -1072,7 +1072,7 @@ func TestHandler_RevokeCert(t *testing.T) {
 		t.Run(name, func(t *testing.T) {
 			ctx := newBaseContext(tc.ctx, tc.db, acme.NewLinker("test.ca.smallstep.com", "acme"))
 			mockMustAuthority(t, tc.ca)
-			req := httptest.NewRequest("POST", revokeURL, nil)
+			req := httptest.NewRequest("POST", revokeURL, http.NoBody)
 			req = req.WithContext(ctx)
 			w := httptest.NewRecorder()
 			RevokeCert(w, req)
@@ -1094,7 +1094,7 @@ func TestHandler_RevokeCert(t *testing.T) {
 				assert.Equals(t, res.Header["Content-Type"], []string{"application/problem+json"})
 			} else {
 				assert.True(t, bytes.Equal(bytes.TrimSpace(body), []byte{}))
-				assert.Equals(t, int64(0), req.ContentLength)
+				assert.Equals(t, int64(-1), req.ContentLength)
 				assert.Equals(t, []string{fmt.Sprintf("<%s/acme/%s/directory>;rel=\"index\"", baseURL.String(), escProvName)}, res.Header["Link"])
 			}
 		})