Combine default/custom certs in cacert

author: mo khan <mo.khan@gmail.com> 2020-07-21 14:50:23 -0600
committer: mo khan <mo.khan@gmail.com> 2020-07-22 11:14:41 -0600
commit: f4ec1f1bf826654ab963d32a2d4a2588ecb91c04 (patch)
tree: d0273449c4569e2faffd053c4ed1287ef081a221 /spec/integration
parent: ca675527b53c2a8316c962ee1a17bc1ee1c0c156 (diff)
5 files changed, 36 insertions, 16 deletions
diff --git a/spec/integration/js/bower_spec.rb b/spec/integration/js/bower_spec.rb
index 6d51394..227718e 100644
--- a/spec/integration/js/bower_spec.rb
+++ b/spec/integration/js/bower_spec.rb
@@ -11,7 +11,7 @@ RSpec.describe "bower" do
     end
 
     specify { expect(subject).to match_schema }
-    specify { expect(subject.dependency_names).to match_array(['cli', 'ev-emitter', 'example-project', 'fizzy-ui-utils', 'get-size', 'jquery', 'masonry-layout', 'matches-selector', 'outlayer', 'stimulus.umd']) }
+    specify { expect(subject.dependency_names).to match_array(['debug', 'cli', 'ev-emitter', 'example-project', 'fizzy-ui-utils', 'get-size', 'jquery', 'masonry-layout', 'matches-selector', 'outlayer', 'stimulus.umd']) }
     specify { expect(subject.licenses_for('cli')).to match_array(['Apache-2.0', 'BSD-2-Clause', 'BSD-3-Clause', 'ISC', 'MIT']) }
     specify { expect(subject.licenses_for('ev-emitter')).to match_array(['MIT']) }
     specify { expect(subject.licenses_for('example-project')).to match_array(['ISC']) }
@@ -24,10 +24,15 @@ RSpec.describe "bower" do
     specify { expect(subject.licenses_for('stimulus.umd')).to match_array(['unknown']) }
   end
 
-  context "when scanning a bower project with a dependency from a custom npm registry", environment: 'offline' do
-    subject { runner.scan(env: { 'ADDITIONAL_CA_CERT_BUNDLE' => fixture_file_content('js/custom-npm.crt') }) }
+  context "when scanning a bower project with a dependency from a custom npm registry" do
+    subject { runner.scan(env: { 'ADDITIONAL_CA_CERT_BUNDLE' => x509_certificate('wildcard.test').read }) }
+
+    let(:private_npm_host) { 'npm.test' }
 
     before do
+      add_host(private_npm_host, '127.0.0.1')
+      start_proxy_server
+
       runner.add_file(".npmrc", "registry = https://#{private_npm_host}")
       runner.add_file(".bowerrc") do
         JSON.pretty_generate({ resolvers: ['bower-npm-resolver'] })
@@ -42,7 +47,8 @@ RSpec.describe "bower" do
     end
 
     specify { expect(subject).to match_schema }
-    specify { expect(subject.dependency_names).to match_array(%w[js-bower lodash]) }
+    specify { expect(subject.dependency_names).to match_array(%w[debug js-bower lodash]) }
+    specify { expect(subject.licenses_for('debug')).to match_array(['unknown']) }
     specify { expect(subject.licenses_for('js-bower')).to match_array(['ISC']) }
     specify { expect(subject.licenses_for('lodash')).to match_array(['MIT']) }
   end
diff --git a/spec/integration/js/npm_spec.rb b/spec/integration/js/npm_spec.rb
index 0efc97a..a8dd2d4 100644
--- a/spec/integration/js/npm_spec.rb
+++ b/spec/integration/js/npm_spec.rb
@@ -467,10 +467,15 @@ RSpec.describe "npm" do
     end
   end
 
-  context "when scanning a project with dependencies sourced from a custom registry", environment: 'offline' do
-    subject { runner.scan(env: { 'ADDITIONAL_CA_CERT_BUNDLE' => fixture_file_content('js/custom-npm.crt') }) }
+  context "when scanning a project with dependencies sourced from a custom registry" do
+    subject { runner.scan(env: { 'ADDITIONAL_CA_CERT_BUNDLE' => x509_certificate('wildcard.test').read }) }
+
+    let(:private_npm_host) { 'npm.test' }
 
     before do
+      add_host('npm.test', '127.0.0.1')
+      start_proxy_server
+
       runner.add_file(".npmrc", "registry = https://#{private_npm_host}")
       runner.add_file("package.json") do
         JSON.pretty_generate({
diff --git a/spec/integration/js/yarn_spec.rb b/spec/integration/js/yarn_spec.rb
index bacac47..d81564c 100644
--- a/spec/integration/js/yarn_spec.rb
+++ b/spec/integration/js/yarn_spec.rb
@@ -150,10 +150,15 @@ RSpec.describe "yarn" do
     end
   end
 
-  context "when scanning a project with dependencies sourced from a custom registry", environment: 'offline' do
-    subject { runner.scan(env: { 'ADDITIONAL_CA_CERT_BUNDLE' => fixture_file_content('js/custom-npm.crt') }) }
+  context "when scanning a project with dependencies sourced from a custom registry" do
+    subject { runner.scan(env: { 'ADDITIONAL_CA_CERT_BUNDLE' => x509_certificate('wildcard.test').read }) }
+
+    let(:private_npm_host) { 'npm.test' }
 
     before do
+      add_host('npm.test', '127.0.0.1')
+      start_proxy_server
+
       runner.add_file(".yarnrc.yml", "npmRegistryServer: \"https://#{private_npm_host}\"")
 
       runner.add_file("package.json") do
diff --git a/spec/integration/python/pip_spec.rb b/spec/integration/python/pip_spec.rb
index e808188..a52b992 100644
--- a/spec/integration/python/pip_spec.rb
+++ b/spec/integration/python/pip_spec.rb
@@ -127,11 +127,13 @@ RSpec.describe "pip" do
     end
   end
 
-  context "when connecting to a private package repository with self signed certificate", environment: 'offline' do
-    let(:index_url) { "https://#{private_pypi_host}/simple" }
-    let(:bundle) { fixture_file_content('python/pypi.crt') }
+  context "when connecting to a private package repository with self signed certificate" do
+    let(:index_url) { "https://pypi.test/simple" }
 
     before do
+      add_host('pypi.test', '127.0.0.1')
+      start_proxy_server
+
       runner.add_file('setup.py') do
         <<~RAW
 from setuptools import setup, find_packages
@@ -148,7 +150,7 @@ setup(
 
     it 'downloads the packages and trusts the certificate' do
       report = runner.scan(env: {
-        'ADDITIONAL_CA_CERT_BUNDLE' => bundle,
+        'ADDITIONAL_CA_CERT_BUNDLE' => x509_certificate('wildcard.test').read,
         'PIP_INDEX_URL' => index_url
       })
 
diff --git a/spec/integration/python/pipenv_spec.rb b/spec/integration/python/pipenv_spec.rb
index b95f1fa..5cc9128 100644
--- a/spec/integration/python/pipenv_spec.rb
+++ b/spec/integration/python/pipenv_spec.rb
@@ -202,18 +202,20 @@ RSpec.describe "pipenv" do
     end
   end
 
-  context "when connecting to a private package repository with self signed certificate", environment: 'offline' do
-    let(:index_url) { "https://#{private_pypi_host}/simple" }
-    let(:bundle) { fixture_file_content('python/pypi.crt') }
+  context "when connecting to a private package repository with self signed certificate" do
+    let(:index_url) { "https://pypi.test/simple" }
 
     before do
+      add_host('pypi.test', '127.0.0.1')
+      start_proxy_server
+
       runner.add_file('Pipfile', fixture_file_content('python/airgap-Pipfile.erb', index_url: index_url))
       runner.add_file('Pipfile.lock', fixture_file_content('python/airgap-Pipfile.lock.erb', index_url: index_url))
     end
 
     it 'downloads the packages and trusts the certificate' do
       report = runner.scan(env: {
-        'ADDITIONAL_CA_CERT_BUNDLE' => bundle,
+        'ADDITIONAL_CA_CERT_BUNDLE' => x509_certificate('wildcard.test').read,
         'PIP_INDEX_URL' => index_url
       })
author	mo khan <mo.khan@gmail.com>	2020-07-21 14:50:23 -0600
committer	mo khan <mo.khan@gmail.com>	2020-07-22 11:14:41 -0600
commit	f4ec1f1bf826654ab963d32a2d4a2588ecb91c04 (patch)
tree	d0273449c4569e2faffd053c4ed1287ef081a221 /spec/integration
parent	ca675527b53c2a8316c962ee1a17bc1ee1c0c156 (diff)