* Remove `let` from the script as it will return 1 (signalling an error) on the
first iteration, which will stop the script when in `set -e` mode.
It also is unnecessary, as the increment can be done at the place of
usage directly.
* Added a "remainder aka modulo" division, otherwise there will be no
TLP option set, once we run out of the four entries in the TLSs
list.
* (Style) remove superfluous semicolons.
* Add flag to display the version for each binary. It is based on `git describe` but adds
a number to the PATCH level if we are between annotated tags, so makes it semver.org
compatible. Use the "-ldflags" method that also works with go 1.17.
* Use Makefile bash and sed magic to do PATCH level increase if needed.
Co-authored-by: Bernhard Reiter <bernhard@intevation.de>
* Rephrase slightly and add hint that the issuer config
will be checked against the `$ssl_client_i_dn` variable, so the
example serves both uses.
resolve #46
* Make files more readable: Move ";" from variable and add it into the nginx config file.
* Add missing nginx option `disable_symlinks off;` to the tlp paths.
* Add an OpenPGP test keypair.
* Move script parts of documentation into script, so they can be used on a fresh Ubuntu 20.04 system
for within a github action to setup a csaf_provider and upload documents to it for an integration test.
* Use dineshsonachalam/markdown-autodocs in github action to automatically
insert lines from the scripts into the docs.
Co-authored-by: Bernhard Reiter <bernhard@intevation.de>
* Add "client-cert" and "client-key" flag options to allow the checker to use TLS client certificate for authentication.
* Fix typo TSL -> TLS in docs.
Co-authored-by: Bernhard Reiter <bernhard@intevation.de>
* Add "client-cert" and "client-key" flag options to allow the uploader to use
TLS client certificate for authentication with the provider.
Co-authored-by: Bernhard Reiter <bernhard@intevation.de>
* Documentation for the "issuer" option of the provider.
* More info of the format of the accepted file
* Print out the value of `SSL_CLIENT_I_DN` also when it is not match the issuer.
* Add a first description of the config options for csaf_provider.
* Change option name from `domain` to `canonical_prefix_url`
to make the usage more intuitively. Use`https` in the default,
if unset.
resolve #32
Co-authored-by: Bernhard E. Reiter <bernhard@intevation.de>
Co-authored-by: tschmidtb51 <65305130+tschmidtb51@users.noreply.github.com>
