* Add CLI options
* Add manifest types
* Thread signature policy through to fetchers
* Thread signing section through from metadata
* Implement signing validation
* Clippy
* Attempt testing
* Yes and
* Why
* fmt
* Update crates/bin/src/args.rs
Co-authored-by: Jiahao XU <Jiahao_XU@outlook.com>
* Update crates/binstalk-fetchers/src/gh_crate_meta.rs
Co-authored-by: Jiahao XU <Jiahao_XU@outlook.com>
* Update crates/bin/src/args.rs
Co-authored-by: Jiahao XU <Jiahao_XU@outlook.com>
* Update crates/binstalk-fetchers/src/signing.rs
Co-authored-by: Jiahao XU <Jiahao_XU@outlook.com>
* Update crates/binstalk-fetchers/src/signing.rs
Co-authored-by: Jiahao XU <Jiahao_XU@outlook.com>
* Update crates/binstalk-fetchers/src/signing.rs
Co-authored-by: Jiahao XU <Jiahao_XU@outlook.com>
* Update crates/binstalk-fetchers/src/signing.rs
Co-authored-by: Jiahao XU <Jiahao_XU@outlook.com>
* fixes
* Finish feature
* Document
* Include all fields in the signing.file template
* Readme document
* Review fixes
* Fail on non-utf8 sig
* Thank goodness for tests
* Run test in ci
* Add rsign2 commands
* Log utf8 error
* Update e2e-tests/signing.sh
Co-authored-by: Jiahao XU <Jiahao_XU@outlook.com>
* Fix `e2e-tests/signing.sh` MacOS CI failure
Move the tls cert creation into `signing.sh` and sleep for 10s to wait
for https server to start.
Signed-off-by: Jiahao XU <Jiahao_XU@outlook.com>
* Refactor e2e-tests-signing files
- Use a tempdir generated by `mktemp` for all certificates-related
files
- Put other checked-in files into `e2e-tests/signing`
Signed-off-by: Jiahao XU <Jiahao_XU@outlook.com>
* Fixed `e2e-tests-signing` connection err in MacOS CI
Wait for server to start up by trying to connect to it.
Signed-off-by: Jiahao XU <Jiahao_XU@outlook.com>
* Fix `e2e-tests-signing` passing `-subj` to `openssl` on Windows
Use single quote instead of double quote to avoid automatic expansion
from bash
Signed-off-by: Jiahao XU <Jiahao_XU@outlook.com>
* Fix `e2e-tests-signing` waiting for server to startup
Remove `timeout` since it is not supported on MacOS.
Signed-off-by: Jiahao XU <Jiahao_XU@outlook.com>
* Try to fix windows CI by setting `MSYS_NO_PATHCONV=1` on `openssl` cmds
Signed-off-by: Jiahao XU <Jiahao_XU@outlook.com>
* Fixed `e2e-tests-signing` on windows
By using double `//` for the value passed to option `-subj`
Signed-off-by: Jiahao XU <Jiahao_XU@outlook.com>
* Fixed infinite loop in `signing/wait-for-server` on Windows
Pass `--ssl-revoke-best-effort` to prevent schannel from checking ssl
revocation status.
Signed-off-by: Jiahao XU <Jiahao_XU@outlook.com>
* Add cap on retry attempt in `signing/wait-for-server.sh`
Signed-off-by: Jiahao XU <Jiahao_XU@outlook.com>
* Let `singing/server.py` print output to stderr
so that we can see the error message there.
Signed-off-by: Jiahao XU <Jiahao_XU@outlook.com>
* Fix running `signing/server.py` on MacOS CI
use `python3` since macos-latest still has python2 installed and
`python` is a symlink to `python2` there.
Signed-off-by: Jiahao XU <Jiahao_XU@outlook.com>
---------
Signed-off-by: Jiahao XU <Jiahao_XU@outlook.com>
Co-authored-by: Jiahao XU <Jiahao_XU@outlook.com>
* Fix `detect-targets` on ubuntu 20.04, glibc 2.31
Fixed#1375 and fixed#1378
glibc 2.31 does not support `--version`, so we need to detect and
fallback to passing an executable linked with that glibc to check if it
is indeed glibc.
Signed-off-by: Jiahao XU <Jiahao_XU@outlook.com>
* Fix compilation faillure on ubuntu-20.04
Signed-off-by: Jiahao XU <Jiahao_XU@outlook.com>
---------
Signed-off-by: Jiahao XU <Jiahao_XU@outlook.com>
* feat `detect-targets`: Improve support of non-std glibc/musl
Fixed#1329
- Refactor: Create `linux::detect_alternative_targets` to reuse code
from other targets
- Run `/lib/ld-linux-{cpu_arch}.so.1 --version` for checking glibc
support instead of running `ldd --version` since it could be non-std
glibc installation and does not provide
`/lib/ld-linux-{cpu_arch}.so.1`
- Check for non-std glibc and add fallback target
`{cpu_arch}-{distro_name}-linux-gnu{abi}`
- Add `{cpu_arch}-{distro_name}-linux-musl{abi}` fallback for musl
libc, specially for Alpine since it has a
`/lib/ld-musl-{cpu_arch}.so.1`
- For unknown libc flavor, check for the target provided before
fallback to musl
Signed-off-by: Jiahao XU <Jiahao_XU@outlook.com>
* feat `detect-targets`: Support glibc on musl target
Signed-off-by: Jiahao XU <Jiahao_XU@outlook.com>
* feat `detect-targets`: Unify `Libc::{Gnu, Musl}` checks
since we can't really tell if we are on gnu or musl
Signed-off-by: Jiahao XU <Jiahao_XU@outlook.com>
---------
Signed-off-by: Jiahao XU <Jiahao_XU@outlook.com>
* feat: Improve resolution logging
Fixed#1336
Log target of the pre-built binaries which will be installed.
Signed-off-by: Jiahao XU <Jiahao_XU@outlook.com>
* Fix args parsing: `quiet` & `verbose` cannot be set at the same time
Signed-off-by: Jiahao XU <Jiahao_XU@outlook.com>
* feat: Implies `--log-level debug` if `--verbose` is set
Signed-off-by: Jiahao XU <Jiahao_XU@outlook.com>
---------
Signed-off-by: Jiahao XU <Jiahao_XU@outlook.com>
* Fix GitHub token auto discovery
Fixed#1333
- Rm dep `gh-token` since it is broken and we can simply run
`gh auth token` in `cargo-binstall` instead.
- binstalk-downloader: Make sure GitHub token is at least 40B long
and other than the `_`, composes of only alphanumeric characters.
- Warn on failure to read `git/credential` files
- Optimize `try_from_home` to avoid heap allocation of `PathBuf`
Signed-off-by: Jiahao XU <Jiahao_XU@outlook.com>
* Fix typo and clippy
Signed-off-by: Jiahao XU <Jiahao_XU@outlook.com>
* Simplify `is_valid_gh_token` & `is_ascii_alphanumeric` impl
Signed-off-by: Jiahao XU <Jiahao_XU@outlook.com>
* Improve err msg in `get_inner`
Signed-off-by: Jiahao XU <Jiahao_XU@outlook.com>
* Improve err msg of `cargo_binstall::gh_token::get`
Signed-off-by: Jiahao XU <Jiahao_XU@outlook.com>
---------
Signed-off-by: Jiahao XU <Jiahao_XU@outlook.com>
Fixed#1310
Also add rename `fetch_crate_cratesio` => `fetch_crate_cratesio_api` and
put it behind a new feature `crates_io_api`.
Signed-off-by: Jiahao XU <Jiahao_XU@outlook.com>
`binstalk-downloader` contains stuff about http(s) before the
git code is moved into it and now it becomes http and git.
While git indeed uses http stuff, which is why I decided to put
it into binstalk-downloader, it is more than just downloading
since it is stateful (can be cached locally and updated)
where as http is stateless.
Also `binstalk-downloader`'s codegen time now increases
dramatically and it also creates extra dependencies for
binstalk-fetchers, delaying its execution.
The git code also don't use anything from `binstalk-downloader`
at all, it makes sense to be an independent crate.
Signed-off-by: Jiahao XU <Jiahao_XU@outlook.com>
- Move implementation of `main` into the library part of
`cargo-binstall` to speedup codegen.
- Move `manifests.rs` into `binstalk-manifests`
Signed-off-by: Jiahao XU <Jiahao_XU@outlook.com>
* Add `error` logging if achieve doesn't contain bin required
So that users know that this is an upstream issue and will report to
upstream.
Signed-off-by: Jiahao XU <Jiahao_XU@outlook.com>
* Update crates/binstalk/src/ops/resolve.rs
---------
Signed-off-by: Jiahao XU <Jiahao_XU@outlook.com>
