Run unit tests on push#2
Merged
Merged
Conversation
The project has some decorative unit tests. If we run them, they are not decorative anymore and can help spot regressions.
The test suite now pass on Linux, but fails on windows. Maybe comparing bundles will help stop the root cause of the issue.
Fix this warning from jRuby: ``` OpenSSL::X509::Request#version= has no effect on certification request ```
While MRI ruby/openssl seems to have no issue with OID vs. friendly name,
jruby/jruby-openssl raise an exception when passed these OIDs as String:
Java::JavaLang::NullPointerException:
'element' cannot be null
# org.bouncycastle.asn1.ASN1EncodableVector.add(Unknown Source)
# org.jruby.ext.openssl.X509ExtensionFactory.parseExtendedKeyUsage(X509ExtensionFactory.java:608)
# org.jruby.ext.openssl.X509ExtensionFactory.create_ext(X509ExtensionFactory.java:200)
# org.jruby.ext.openssl.X509ExtensionFactory.create_extension(X509ExtensionFactory.java:216)
# org.jruby.ext.openssl.X509ExtensionFactory$INVOKER$i$0$0$create_extension.call(X509ExtensionFactory$INVOKER$i$0$0$create_extension.gen)
# org.jruby.dist/org.jruby.internal.runtime.methods.JavaMethod$JavaMethodN.call(JavaMethod.java:847)
[... 200 lines of Java backtrace ...]
# org.jruby.dist/org.jruby.Ruby.runScript(Ruby.java:1245)
# org.jruby.dist/org.jruby.Ruby.runNormally(Ruby.java:1157)
# org.jruby.dist/org.jruby.Ruby.runFromMain(Ruby.java:983)
# org.jruby.dist/org.jruby.Main.doRunFromMain(Main.java:398)
# org.jruby.dist/org.jruby.Main.internalRun(Main.java:282)
# org.jruby.dist/org.jruby.Main.run(Main.java:227)
# org.jruby.dist/org.jruby.Main.main(Main.java:199)
Pass the corresponding friendly names instead of OIDs to fix this issue.
When creating a CRL from scratch, the internal state of the CRL is incorrect when calling #to_pem, resulting in an invalid CRL. A bunch of tests are failing because of this. Implement a workaround by serializing the CRL to der format and use that to initialize a new CRL object.
smortex
force-pushed
the
run-unit-tests
branch
4 times, most recently
from
4f7e06c to
da736e6
Compare
Updating extensions in-place does not work with all Ruby implementations. Moreover, building a `crlNumber` extension does not work the same way on MRI and jruby, its bugs all the way down :-(. The first issue was already encountered with MRI: https://github.com/smortex/puppet-renew-certificate/blob/761d5e768933aae0233e77aeac4aea01d3fd2fa8/exe/puppet-renew-certificate#L125 So, play safe: remove extensions and re-create them one by one instead of trying to update them in-place. Also check what implementation of Ruby we are running to add the `crlNumber` as pleased the current ruby virtual machine.
smortex
added a commit
that referenced
this pull request
Jun 30, 2025
Test workflows has been voluntarily skiped because they are currently being worked on in another issue (#2).
The code would need to be adjusted to support windows, but as the OpenVox Server does not support windows, it is not worth working on it at the moment. This commit can be reverted when we decide to ship OpenVox Server for windows.
ruby/openssl and jruby/jruby-openssl have slightly different interfaces, and supporting both would require more adjustments, but as the openvoxservec ca command run in the context of MRI, we do not depend on this work for now. This commit can be reverted if we want to run the code on jruby.
Member
Author
|
So, I finally added a pair of commits to skip non-working environments (windows, jruby). If we decide to run on them, we can revert these commits. For now we only test with MRI, that is the only environment supported by OpenVox Server for now. |
bastelfreak
reviewed
Jul 3, 2025
| csr = OpenSSL::X509::Request.new | ||
| csr.public_key = key.public_key | ||
| csr.subject = OpenSSL::X509::Name.new([["CN", name]]) | ||
| csr.version = 2 |
Contributor
There was a problem hiding this comment.
Can you explain the Impact of this Change? I am a bit lost Here.
Member
Author
There was a problem hiding this comment.
jruby-openssl produce warnings for non-critical issues it detects. In this case, it complain that we set a version in a CSR while this parameter is ignored:
https://github.com/jruby/jruby-openssl/blob/de0d96c189c29e4f7668e3943d678696e7d7e3c3/src/main/java/org/jruby/ext/openssl/X509Request.java#L253 (current warning)
https://github.com/jruby/jruby-openssl/blame/01e12c17698bef4d7671a795d30e1c368d02b848/src/main/java/org/jruby/ext/openssl/X509Request.java#L227 (initial introduction)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
The project has some decorative unit tests. If we run them, they are not
decorative anymore and can help spot regressions.