Hi,as an alternative proposal, the attached patch fixes the bug by re-generating the example certificates before the test.
Cheers TimoOn Wed, 28 May 2025 14:49:16 +0200 Santiago Vila <sanv...@debian.org> wrote:
tags 1078640 patch thanks Hello. The attached trivial patch (to be imported with quilt) should fix this bug. Thanks.
-- ⢀⣴⠾⠻⢶⣦⠀ ╭────────────────────────────────────────────────────╮ ⣾⠁⢠⠒⠀⣿⡁ │ Timo Röhling │ ⢿⡄⠘⠷⠚⠋⠀ │ 9B03 EBB9 8300 DF97 C2B1 23BF CC8C 6BDD 1403 F4CA │ ⠈⠳⣄⠀⠀⠀⠀ ╰────────────────────────────────────────────────────╯
From 2a7a8be27f582a6829f501b38e5a19fcc78ea308 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Timo=20R=C3=B6hling?= <roehl...@debian.org>
Date: Wed, 16 Jul 2025 18:13:12 +0200
Subject: [PATCH] Freshly generate example certificates for test suite
Closes: #1078640
---
debian/control | 5 +++-
.../patches/0019-do-not-download-ca-gem.patch | 24 +++++++++++++++++++
debian/patches/series | 1 +
debian/rules | 9 +++++++
4 files changed, 38 insertions(+), 1 deletion(-)
create mode 100644 debian/patches/0019-do-not-download-ca-gem.patch
diff --git a/debian/control b/debian/control
index 659a047..136a764 100644
--- a/debian/control
+++ b/debian/control
@@ -16,7 +16,10 @@ Build-Depends: curl,
ruby-nio4r (>= 2),
ruby-rack,
ruby-rackup | ruby-rack (<< 3),
- ruby-sd-notify
+ ruby-sd-notify,
+ default-jre-headless <!nocheck>,
+ openssl <!nocheck>,
+ ruby-certificate-authority <!nocheck>,
Standards-Version: 4.7.0
Vcs-Git: https://salsa.debian.org/ruby-team/puma.git
Vcs-Browser: https://salsa.debian.org/ruby-team/puma
diff --git a/debian/patches/0019-do-not-download-ca-gem.patch b/debian/patches/0019-do-not-download-ca-gem.patch
new file mode 100644
index 0000000..eb900fb
--- /dev/null
+++ b/debian/patches/0019-do-not-download-ca-gem.patch
@@ -0,0 +1,24 @@
+From: =?utf-8?q?Timo_R=C3=B6hling?= <roehl...@debian.org>
+Date: Wed, 16 Jul 2025 18:35:43 +0200
+Subject: Do not download certificate_authority gem
+
+---
+ examples/generate_chain_test.rb | 5 +----
+ 1 file changed, 1 insertion(+), 4 deletions(-)
+
+diff --git a/examples/generate_chain_test.rb b/examples/generate_chain_test.rb
+index 2676760..dbe89ab 100644
+--- a/examples/generate_chain_test.rb
++++ b/examples/generate_chain_test.rb
+@@ -11,10 +11,7 @@ certs before date will be the first of the current month
+ =end
+
+ require 'bundler/inline'
+-gemfile(true) do
+- source 'https://rubygems.org'
+- gem 'certificate_authority'
+-end
++require 'certificate_authority'
+
+ module GenerateChainCerts
+
diff --git a/debian/patches/series b/debian/patches/series
index c5b71d5..4294a58 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -8,3 +8,4 @@
0017-disable-test-failing-on-armhf.patch
0018-disable-test-failing-with-ruby3.2.patch
0010-Disable-test-concurrency-without-concurrent_ruby.patch
+0019-do-not-download-ca-gem.patch
diff --git a/debian/rules b/debian/rules
index da15652..5951199 100755
--- a/debian/rules
+++ b/debian/rules
@@ -12,3 +12,12 @@ export TEST_CASE_TIMEOUT = 300
override_dh_installchangelogs:
dh_installchangelogs History.md
+
+EXAMPLES_CERT_DIR = examples/puma
+execute_before_dh_auto_test:
+ cp -r $(EXAMPLES_CERT_DIR) $(EXAMPLES_CERT_DIR).upstream
+ examples/generate_all_certs
+
+execute_before_dh_clean:
+ if test -d $(EXAMPLES_CERT_DIR).upstream; then rm -r $(EXAMPLES_CERT_DIR) && mv $(EXAMPLES_CERT_DIR).upstream $(EXAMPLES_CERT_DIR); fi
+
--
2.50.0
signature.asc
Description: PGP signature
