Skip to content
This repository was archived by the owner on Dec 19, 2025. It is now read-only.

Comments

Use SSL_CERT_FILE env var if set in test builds#61

Merged
nothingmuch merged 2 commits intopayjoin:mainfrom
nothingmuch:testing-cert-root
Mar 12, 2025
Merged

Use SSL_CERT_FILE env var if set in test builds#61
nothingmuch merged 2 commits intopayjoin:mainfrom
nothingmuch:testing-cert-root

Conversation

@nothingmuch
Copy link
Collaborator

@nothingmuch nothingmuch commented Mar 12, 2025

When the _test-util feature is enabled, check to see if SSL_CERT_FILE is set and if that's the case use the native roots rustls connector configuration, which expects that variable to point at a pem file.

This allows a self signed certificate to be used for testing purposes, without altering the validation path, but retains webpki roots for normal builds or if the environment variable is not set (i.e. the platform supplied root certificates are not used for test builds, the environment variable must be set for this to take effect).

@nothingmuch
Use SSL_CERT_FILE env var if set in test builds
a564c7e 
When the `_test-util` feature is enabled, check to see if
`SSL_CERT_FILE` is set and if that's the case use the native roots
rustls connector configuration, which expects that variable to point at
a pem file.

This allows a self signed certificate to be used for testing purposes,
without altering the validation path, but retains webpki roots for
normal builds or if the environment variable is not set (i.e. the
platform supplied root certificates are not used for test builds, the
environment variable must be set for this to take effect).
@nothingmuch nothingmuch mentioned this pull request Mar 12, 2025
Merged
DanGould
DanGould approved these changes Mar 12, 2025
View reviewed changes
Copy link
Collaborator

@DanGould DanGould left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

utACK a564c7e

Should we be testing that builds work without _test-util in CI after this change? I did manually test that they do, but I can see how that might break and not get caught by CI if we only build with --all-features

@nothingmuch
Run cargo test in CI with default features too
90ffa4f 
--all-features includes _test-util, so only testing with --all-features
risks breaking the default build.
@nothingmuch nothingmuch requested a review from DanGould March 12, 2025 20:17
@DanGould
Copy link
Collaborator

DanGould commented Mar 12, 2025

did you read op? gonna merge

@nothingmuch nothingmuch merged commit d921fc6 into payjoin:main Mar 12, 2025
@nothingmuch nothingmuch deleted the testing-cert-root branch March 12, 2025 20:56
@nothingmuch
Copy link
Collaborator Author

nothingmuch commented Mar 12, 2025

Oh FFS, I didn't see any CI failures on the PR page, but that's because the job itself was errorneous

@nothingmuch nothingmuch mentioned this pull request Mar 12, 2025
Merged
@nothingmuch
Copy link
Collaborator Author

nothingmuch commented Mar 12, 2025
edited
Loading

This PR's merge commit was removed from branch main, #62 replaces it

@nothingmuch nothingmuch mentioned this pull request Mar 14, 2025
Merged
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

@DanGould DanGould Awaiting requested review from DanGould

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@nothingmuch @DanGould