release version 1.24.0

mathiasertl · May 1, 2023 · 3b6915e · 3b6915e
1 parent 5d60b1e
commit 3b6915e
Show file tree

Hide file tree

Showing 9 changed files with 147 additions and 16 deletions.
diff --git a/ca/django_ca/__init__.py b/ca/django_ca/__init__.py
@@ -20,7 +20,7 @@
 # https://www.python.org/dev/peps/pep-0440/
 # https://www.python.org/dev/peps/pep-0396/
 # https://www.python.org/dev/peps/pep-0386/
-VERSION = (1, 24, 0, "dev", 1)
+VERSION = (1, 24, 0)
 
 # __version__ specified in PEP 0396, but we use the PEP 0440 format instead
 __version__ = ".".join([str(e) for e in VERSION[:3]])

diff --git a/devscripts/standalone/create-testdata.py b/devscripts/standalone/create-testdata.py
@@ -104,14 +104,15 @@ def create_cert(ca: CertificateAuthority, **kwargs) -> Certificate:
     common_name = f"cert.{ca.cn}"
     # NOTE: We don't care about the type of private key, as the CA only ever receives the CSR
     cert_key = rsa.generate_private_key(public_exponent=65537, key_size=2048)
+    subject = x509.Name([x509.NameAttribute(NameOID.COMMON_NAME, common_name)])
 
     # Create the most basic CSR
     csr_builder = x509.CertificateSigningRequestBuilder()
-    csr_builder = csr_builder.subject_name(x509.Name([x509.NameAttribute(NameOID.COMMON_NAME, common_name)]))
+    csr_builder = csr_builder.subject_name(subject)
     csr_request = csr_builder.sign(cert_key, hashes.SHA256())
 
     # Create a certificate
-    cert = Certificate.objects.create_cert(ca=ca, csr=csr_request, subject=f"/CN={common_name}", **kwargs)
+    cert = Certificate.objects.create_cert(ca=ca, csr=csr_request, subject=subject, **kwargs)
     return cert
 
 

diff --git a/devscripts/standalone/test-imports.py b/devscripts/standalone/test-imports.py
@@ -103,9 +103,8 @@
 from django.contrib.staticfiles import finders
 from django.template.loader import TemplateDoesNotExist, get_template
 
-from django_ca import models, subject, utils, views
+from django_ca import models, utils, views
 from django_ca.acme import constants, messages, utils, views
-from django_ca.extensions import Extension
 
 # Test if (some) templates can be loaded
 for template in [

diff --git a/devscripts/validation/docker_compose.py b/devscripts/validation/docker_compose.py
@@ -334,10 +334,7 @@ def test_update(release):
     with tempfile.TemporaryDirectory() as tmpdir:
         last_release_dest = utils.git_archive(last_release, tmpdir)
         shutil.copy(last_release_dest / "docker-compose.yml", tmpdir)
-        if last_release == "1.21.0":  # can be removed once 1.22.0 is released
-            standalone_dir = last_release_dest / "devscripts"
-        else:
-            standalone_dir = last_release_dest / "devscripts" / "standalone"
+        standalone_dir = last_release_dest / "devscripts" / "standalone"
         backend = f"{os.path.basename(tmpdir)}-backend-1"
         frontend = f"{os.path.basename(tmpdir)}-frontend-1"
         standalone_dest = "/usr/src/django-ca/ca/"
@@ -401,7 +398,7 @@ def test_acme(release):
             # Start containers
             with _compose_up(env=environ):
                 _validate_container_versions(release, env=environ)
-                _manage("backend", "init_ca", "--path_length=1", "Root", "/CN=Root", env=environ)
+                _manage("backend", "init_ca", "--path-length=1", "Root", "/CN=Root", env=environ)
                 _manage(
                     "backend",
                     "init_ca",

diff --git a/docker-compose.yml b/docker-compose.yml
@@ -22,7 +22,7 @@ services:
             - pgdata:/var/lib/postgresql/data
 
     backend:
-        image: mathiasertl/django-ca:${DJANGO_CA_VERSION:-latest}
+        image: mathiasertl/django-ca:${DJANGO_CA_VERSION:-1.24.0}
         command: ./celery.sh -l ${CELERY_LOG_LEVEL:-warning}
         depends_on:
             - cache
@@ -54,7 +54,7 @@ services:
         stop_grace_period: 30s
 
     frontend:
-        image: mathiasertl/django-ca:${DJANGO_CA_VERSION:-latest}
+        image: mathiasertl/django-ca:${DJANGO_CA_VERSION:-1.24.0}
         depends_on:
             - cache
             - db

diff --git a/docs/source/_files/1.24.0/docker-compose.yml b/docs/source/_files/1.24.0/docker-compose.yml
@@ -0,0 +1,133 @@
+services:
+    cache:
+        image: redis:7-alpine
+        networks:
+            - cache
+        restart: unless-stopped
+        volumes:
+           - redis:/data
+    db:
+        image: postgres:12-alpine
+        environment:
+            POSTGRES_DB:
+            POSTGRES_DB_FILE:
+            POSTGRES_PASSWORD:
+            POSTGRES_PASSWORD_FILE:
+            POSTGRES_USER:
+            POSTGRES_USER_FILE:
+        networks:
+            - database
+        restart: unless-stopped
+        volumes:
+            - pgdata:/var/lib/postgresql/data
+
+    backend:
+        image: mathiasertl/django-ca:${DJANGO_CA_VERSION:-1.24.0}
+        command: ./celery.sh -l ${CELERY_LOG_LEVEL:-warning}
+        depends_on:
+            - cache
+            - db
+        networks:
+            - cache
+            - database
+            - public
+        volumes:
+            - backend_ca_dir:/var/lib/django-ca/certs/
+            - shared_ca_dir:/var/lib/django-ca/certs/ca/shared/
+            - ocsp_key_dir:/var/lib/django-ca/certs/ocsp/
+        environment:
+            DJANGO_CA_ALLOWED_HOSTS:
+            DJANGO_CA_CA_DEFAULT_CA:
+            DJANGO_CA_CA_DEFAULT_HOSTNAME:
+            DJANGO_CA_CA_ENABLE_ACME:
+            DJANGO_CA_SECRET_KEY:
+            DJANGO_CA_SECRET_KEY_FILE: ${DJANGO_CA_SECRET_KEY_FILE:-/var/lib/django-ca/certs/ca/shared/secret_key}
+            DJANGO_CA_SETTINGS: ${DJANGO_CA_SETTINGS:-conf/:conf/compose}
+            POSTGRES_DB:
+            POSTGRES_DB_FILE:
+            POSTGRES_PASSWORD:
+            POSTGRES_PASSWORD_FILE:
+            POSTGRES_USER:
+            POSTGRES_USER_FILE:
+            WAIT_FOR_CONNECTIONS: 'db:5432'
+        restart: unless-stopped
+        stop_grace_period: 30s
+
+    frontend:
+        image: mathiasertl/django-ca:${DJANGO_CA_VERSION:-1.24.0}
+        depends_on:
+            - cache
+            - db
+        networks:
+            - cache
+            - database
+            - frontend
+        volumes:
+            - static:/usr/share/django-ca/static/
+            - frontend_ca_dir:/var/lib/django-ca/certs/
+            - shared_ca_dir:/var/lib/django-ca/certs/ca/shared/
+            - ocsp_key_dir:/var/lib/django-ca/certs/ocsp/
+            - nginx_config:/usr/src/django-ca/nginx/
+        environment:
+            DJANGO_CA_ALLOWED_HOSTS:
+            DJANGO_CA_CA_DEFAULT_CA:
+            DJANGO_CA_CA_DEFAULT_HOSTNAME:
+            DJANGO_CA_CA_ENABLE_ACME:
+            DJANGO_CA_SECRET_KEY:
+            DJANGO_CA_SECRET_KEY_FILE: ${DJANGO_CA_SECRET_KEY_FILE:-/var/lib/django-ca/certs/ca/shared/secret_key}
+            DJANGO_CA_SETTINGS: ${DJANGO_CA_SETTINGS:-conf/:conf/compose}
+            POSTGRES_DB:
+            POSTGRES_DB_FILE:
+            POSTGRES_PASSWORD:
+            POSTGRES_PASSWORD_FILE:
+            POSTGRES_USER:
+            POSTGRES_USER_FILE:
+            WAIT_FOR_CONNECTIONS: 'db:5432'
+        restart: unless-stopped
+        healthcheck:
+            test: ["CMD", "/usr/src/django-ca/ca/uwsgi-health.py"]
+            timeout: 3s
+            start_period: 25s
+            interval: 10s
+        stop_signal: SIGINT
+
+    webserver:
+        image: nginx:1.22-alpine
+        command: /bin/sh -c "envsubst < /etc/nginx/conf.d/${NGINX_TEMPLATE:-default}.template > /etc/nginx/conf.d/default.conf && exec nginx -g 'daemon off;'"
+        depends_on:
+            frontend:
+                condition: service_healthy
+        environment:
+            NGINX_HOST: ${DJANGO_CA_CA_DEFAULT_HOSTNAME:-localhost}
+            NGINX_PORT: ${NGINX_PORT:-80}
+            NGINX_HTTPS_PORT: ${NGINX_HTTPS_PORT:-443}
+            NGINX_PRIVATE_KEY:
+            NGINX_PUBLIC_KEY:
+        ports:
+            - 80:80
+        networks:
+            - frontend
+            - public
+        volumes:
+            - nginx_config:/etc/nginx/conf.d/
+            - static:/usr/share/nginx/html/static/
+
+volumes:
+    shared:
+    static:
+    backend_ca_dir:
+    frontend_ca_dir:
+    shared_ca_dir:
+    ocsp_key_dir:
+    nginx_config:
+    pgdata:
+    redis:
+
+networks:
+    public:
+    frontend:
+        internal: true
+    cache:
+        internal: true
+    database:
+        internal: true
diff --git a/docs/source/changelog.rst b/docs/source/changelog.rst
@@ -6,9 +6,9 @@ ChangeLog
 
 .. _changelog-1.24.0:
 
-************
-1.24.0 (TBR)
-************
+*******************
+1.24.0 (2024-05-01)
+*******************
 
 .. WARNING::
 

diff --git a/docs/source/include/quickstart_with_docker_compose/setup-cas.yaml b/docs/source/include/quickstart_with_docker_compose/setup-cas.yaml
@@ -1,5 +1,5 @@
 commands:
     - command: docker compose exec backend manage createsuperuser
       run: docker compose exec backend manage shell -c "from django.contrib.auth import get_user_model; User = get_user_model(); User.objects.create_superuser('user', '[email protected]', 'nopass')"
-    - command: docker compose exec backend manage init_ca --path_length=1 Root /CN=Root
+    - command: docker compose exec backend manage init_ca --path-length=1 Root /CN=Root
     - command: docker compose exec backend manage init_ca --path=ca/shared/ --parent=Root Intermediate /CN=Intermediate
diff --git a/docs/source/quickstart_docker_compose.rst b/docs/source/quickstart_docker_compose.rst
@@ -79,6 +79,7 @@ bundled third-party Docker images.
 ====================================================== ===== =========== =====
 Version                                                Redis PostgreSQL  NGINX
 ====================================================== ===== =========== =====
+:download:`1.24.0 </_files/1.24.0/docker-compose.yml>` 7     12          1.23
 :download:`1.23.0 </_files/1.23.0/docker-compose.yml>` 7     12          1.23
 :download:`1.22.0 </_files/1.22.0/docker-compose.yml>` 7     12          1.20
 :download:`1.21.0 </_files/1.21.0/docker-compose.yml>` 6     12          1.20