add support for higher-bit HS/RS algorithms (TeslaGov#80)

* add support for higher-bit HS/RS algorithms
fixes TeslaGov#77

* add Git hooks

* use variable for Docker image name

* cleanup

Author: JoshMcCullough

.bin/git/hooks-wrapper

@@ -0,0 +1,43 @@
+#!/usr/bin/env bash
+
+# Runs all executable pre-commit-* hooks and exits after,
+# if any of them was not successful.
+#
+# Based on
+# https://github.com/ELLIOTTCABLE/Paws.js/blob/Master/Scripts/git-hooks/chain-hooks.sh
+# http://osdir.com/ml/git/2009-01/msg00308.html
+#
+# assumes your scripts are located at <repo-root>/bin/git/hooks
+
+exitcodes=()
+hookname=`basename $0`
+# our special hooks folder
+CUSTOM_HOOKS_DIR=$(git rev-parse --show-toplevel)/bin/git/hooks
+# find gits native hooks folder
+NATIVE_HOOKS_DIR=$(git rev-parse --show-toplevel)/.git/hooks
+
+# Run each hook, passing through STDIN and storing the exit code.
+# We don't want to bail at the first failure, as the user might
+# then bypass the hooks without knowing about additional issues.
+
+for hook in ${CUSTOM_HOOKS_DIR}/$(basename $0)-*; do
+    test -x "$hook" || continue
+
+    echo "Running custom hook '$hookname' ..."
+    out=`$hook "$@"`
+    exitcodes+=($?)
+    echo "$out"
+done
+
+# check if there was a local hook that was moved previously
+if [ -f "${NATIVE_HOOKS_DIR}/$hookname.local" ]; then
+    echo "Running native hook '$hookname' ..."
+    out=`${NATIVE_HOOKS_DIR}/$hookname.local "$@"`
+    exitcodes+=($?)
+    echo "$out"
+fi
+
+# If any exit code isn't 0, bail.
+for i in "${exitcodes[@]}"; do
+    [ "$i" == 0 ] || exit $i
+done

.bin/git/hooks/pre-push-build-and-test

@@ -0,0 +1,12 @@
+#!/usr/bin/env bash
+
+REPO_ROOT_DIR=$(git rev-parse --show-toplevel)
+CHANGE_COUNT=$(cd ${REPO_ROOT_DIR}; git diff --name-only origin/HEAD..HEAD -- resources/ src/ test/ Dockerfile scripts.sh |wc -l)
+
+if [[ "0" -ne "${CHANGE_COUNT}" ]]; then
+	(cd ${REPO_ROOT_DIR}; ./scripts.sh rebuild_nginx rebuild_test_runner test)
+else
+  HOOK_NAME=$(basename $0)
+
+	echo "Skipping hook '${HOOK_NAME}' -- no changes detected which would require tests to be run."
+fi

.bin/git/init-hooks

@@ -0,0 +1,19 @@
+#!/usr/bin/env bash
+# based on http://stackoverflow.com/a/3464399/1383268
+# assumes that the hooks-wrapper script is located at <repo-root>/bin/git/hooks-wrapper
+
+HOOK_NAMES="applypatch-msg pre-applypatch post-applypatch pre-commit prepare-commit-msg commit-msg post-commit pre-rebase post-checkout post-merge pre-receive update post-receive post-update pre-auto-gc pre-push"
+# find git's native hooks folder
+REPO_ROOT_DIR=$(git rev-parse --show-toplevel)
+HOOKS_DIR=$(git rev-parse --show-toplevel)/.git/hooks
+
+for hook in ${HOOK_NAMES}; do
+    # If the hook already exists, is a file, and is not a symlink
+    if [ ! -h ${HOOKS_DIR}/${hook} ] && [ -f ${HOOKS_DIR}/${hook} ]; then
+        mv ${HOOKS_DIR}/${hook} ${HOOKS_DIR}/${hook}.local
+    fi
+    # create the symlink, overwriting the file if it exists
+    # probably the only way this would happen is if you're using an old version of git
+    # -- back when the sample hooks were not executable, instead of being named ____.sample
+    ln -s -f ${REPO_ROOT_DIR}/bin/git/hooks-wrapper ${HOOKS_DIR}/${hook}
+done

.bin/init

@@ -0,0 +1,3 @@
+#!/usr/bin/env bash
+
+source $(dirname $0)/git/init-hooks

Dockerfile

@@ -1,40 +1,41 @@
-ARG NGINX_VERSION=1.22.0
+ARG NGINX_VERSION
 
 
 FROM debian:bullseye-slim as BASE_IMAGE
 LABEL stage=builder
-RUN apt-get update \
+RUN  apt-get update \
 	&& apt-get install -y curl build-essential
 
 
 FROM BASE_IMAGE as BUILD_IMAGE
 LABEL stage=builder
 ENV LD_LIBRARY_PATH=/usr/local/lib
 ARG NGINX_VERSION
-ADD . /root/dl/ngx-http-auth-jwt-module
-RUN set -x \
+RUN  set -x \
 	&& apt-get install -y libjwt-dev libjwt0 libjansson-dev libjansson4 libpcre2-dev zlib1g-dev libpcre3-dev \
-	&& mkdir -p /root/dl
-WORKDIR /root/dl
-RUN set -x \
-	&& curl -O http://nginx.org/download/nginx-$NGINX_VERSION.tar.gz \
-	&& tar -xzf nginx-$NGINX_VERSION.tar.gz \
-	&& rm nginx-$NGINX_VERSION.tar.gz \
-	&& ln -sf nginx-$NGINX_VERSION nginx \
-	&& cd /root/dl/nginx \
-	&& ./configure --with-compat --add-dynamic-module=../ngx-http-auth-jwt-module \
+	&& mkdir -p /root/build/ngx-http-auth-jwt-module
+WORKDIR /root/build/ngx-http-auth-jwt-module
+ADD config ./
+ADD src/*.h src/*.c ./src/
+WORKDIR /root/build
+RUN  set -x \
+  && mkdir nginx \
+	&& curl -O http://nginx.org/download/nginx-${NGINX_VERSION}.tar.gz \
+	&& tar -xzf nginx-${NGINX_VERSION}.tar.gz --strip-components 1 -C nginx \
+	&& rm nginx-${NGINX_VERSION}.tar.gz
+WORKDIR /root/build/nginx
+RUN  ./configure --with-compat --add-dynamic-module=../ngx-http-auth-jwt-module \
 	&& make modules
 
 
 FROM nginx:${NGINX_VERSION}
 LABEL stage=builder
-RUN apt-get update \
-    && apt-get -y install libjansson4 libjwt0 \
+RUN  apt-get update \
+	&& apt-get -y install libjansson4 libjwt0 \
 	&& cd /etc/nginx \
-	&& cp nginx.conf nginx.conf.orig \
 	&& sed -ri '/pid\s+\/var\/run\/nginx\.pid;$/a load_module \/usr\/lib64\/nginx\/modules\/ngx_http_auth_jwt_module\.so;' nginx.conf
 
 
 LABEL stage=
 LABEL maintainer="TeslaGov" email="[email protected]"
-COPY --from=BUILD_IMAGE /root/dl/nginx/objs/ngx_http_auth_jwt_module.so /usr/lib64/nginx/modules/
+COPY --from=BUILD_IMAGE /root/build/nginx/objs/ngx_http_auth_jwt_module.so /usr/lib64/nginx/modules/