initial init

.github/workflows/push.yml

@@ -0,0 +1,55 @@
+on:
+    push:
+
+name: push
+jobs:
+  golangci:
+    name: lint
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v2
+      - name: golangci-lint
+        uses: golangci/golangci-lint-action@v2
+        with:
+          # Required: the version of golangci-lint is required and must be specified without patch version: we always use the latest patch version.
+          version: v1.29
+  test:
+    name: Test with Coverage
+    runs-on: ubuntu-latest
+    steps:
+      - name: Set up Go
+        uses: actions/setup-go@v1
+        with:
+          go-version: '1.14.9'
+      - name: Check out code
+        uses: actions/checkout@v2
+      - name: Install dependencies
+        run: |
+          go mod download
+      - name: Run Unit tests
+        run: |
+          go test -race -covermode atomic -coverprofile=covprofile ./...
+      - name: Send coverage
+        uses: shogo82148/actions-goveralls@v1
+        with:
+          path-to-profile: covprofile
+  build:
+    name: test, build
+    runs-on: ubuntu-latest
+    steps:
+      - name: install go
+        uses: actions/setup-go@v2
+        with:
+          go-version: '1.14.9'
+
+      - name: git checkout
+        uses: actions/checkout@v2
+
+      - name: install lint
+        run: GO111MODULE=off go get golang.org/x/lint/golint
+
+      - name: run golint and go fmt
+        run: ./tests/fmtlint.sh
+
+      - name: go build
+        run: go build

.github/workflows/release.yml

@@ -0,0 +1,27 @@
+on:
+  push:
+    tags:
+      - '*'
+
+name: release
+jobs:
+    release:
+        name: run gorleaser
+        runs-on: ubuntu-latest
+        steps:
+          - name: git checkout
+            uses: actions/checkout@v2
+
+          - name: Set up Go
+            uses: actions/setup-go@v2
+            with:
+              go-version: 1.14.9
+
+          - name: Run GoReleaser
+            uses: goreleaser/goreleaser-action@v2
+            with:
+              version: latest
+              args: release --rm-dist
+            env:
+              GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+

.gitignore

@@ -0,0 +1 @@
+certificateDownloader

README.md

@@ -0,0 +1,29 @@
+# certificateDownloader
+[![Go Report Card](https://goreportcard.com/badge/github.com/Jmainguy/certificateDownloader)](https://goreportcard.com/badge/github.com/Jmainguy/certificateDownloader)
+[![Release](https://img.shields.io/github/release/Jmainguy/certificateDownloader.svg?style=flat-square)](https://github.com/Jmainguy/certificateDownloader/releases/latest)
+[![Coverage Status](https://coveralls.io/repos/github/Jmainguy/certificateDownloader/badge.svg?branch=main)](https://coveralls.io/github/Jmainguy/certificateDownloader?branch=main)
+
+This command is designed to to bump the version in CHANGELOG.md and RELEASE
+
+## Usage
+```/bin/bash
+Usage of ./certificateDownloader:
+  -pem string
+    	pem file to write to, insecure.pem by default (default "insecure.pem")
+  -updateFedora
+    	write pem to /etc/pki/ca-trust/source/anchors and run update-ca-trust
+  -uri string
+    	A hostname and port, jmainguy.com:443 for example (default "jmainguy.com:443")
+```
+```/bin/bash
+./certificateDownloader -updateFedora
+```
+
+## PreBuilt Binaries
+Grab Binaries from [The Releases Page](https://github.com/Jmainguy/certificateDownloader/releases)
+
+## Build
+```/bin/bash
+export GO111MODULE=on
+go build
+```

go.mod

@@ -0,0 +1,3 @@
+module github.com/jmainguy/certificateDownloader
+
+go 1.15

insecure.pem

@@ -0,0 +1,56 @@
+-----BEGIN CERTIFICATE-----
+MIIFMDCCBBigAwIBAgISA8SwHml/qEqZaPC7Gif0oX1kMA0GCSqGSIb3DQEBCwUA
+MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
+EwJSMzAeFw0yMDEyMDcwNTAwMzhaFw0yMTAzMDcwNTAwMzhaMBcxFTATBgNVBAMT
+DGptYWluZ3V5LmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMB/
+ABX7ttqoSlrhyfrOhay2Kgd3od2oCcUOaBydEFG2Ague6VCrjWY31tu1j7BcCIex
+0wyxQb54utGhXMiq8Gwnv0F3+XKYKrq7IBiv7bP/qTPEZrHz4fYIXbLhgyDOlhHO
+F6Egr9O4YAQAI1EdpqOXuOo1q/TMoTUsjU/4iIG/rjuKAbktt3mjVAd6EJ8ScLxI
+NPb8/O22Fz2LO4c2CRGqGhsJQPg1Uj5eEa0TargNQdzCKsShByeMAPURHQD+xBQf
+/loxx0CC8Bgv7asKyeQvgFLIjIsSJpdnkkD7cmWSlNrHQPDOZw9rgHL6Niu+AmOF
+trH68/vqweVCMgf0iacCAwEAAaOCAlkwggJVMA4GA1UdDwEB/wQEAwIFoDAdBgNV
+HSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4E
+FgQUheVlWeV1jIPuBvskqFFFWyEP3YMwHwYDVR0jBBgwFoAUFC6zF7dYVsuuUAlA
+5h+vnYsUwsYwVQYIKwYBBQUHAQEESTBHMCEGCCsGAQUFBzABhhVodHRwOi8vcjMu
+by5sZW5jci5vcmcwIgYIKwYBBQUHMAKGFmh0dHA6Ly9yMy5pLmxlbmNyLm9yZy8w
+KQYDVR0RBCIwIIIMam1haW5ndXkuY29tghB3d3cuam1haW5ndXkuY29tMEwGA1Ud
+IARFMEMwCAYGZ4EMAQIBMDcGCysGAQQBgt8TAQEBMCgwJgYIKwYBBQUHAgEWGmh0
+dHA6Ly9jcHMubGV0c2VuY3J5cHQub3JnMIIBBAYKKwYBBAHWeQIEAgSB9QSB8gDw
+AHUAfT7y+I//iFVoJMLAyp5SiXkrxQ54CX8uapdomX4i8NcAAAF2O8miawAABAMA
+RjBEAiANPSszNirQn07BVsBz5kv94x5vIy8bDnioEnfZnpbFRwIgQ9Sw2cyywx9Y
+Xk1arMTL6p3+7PhIvrIBBnc9lDWd4wgAdwBc3EOS/uarRUSxXprUVuYQN/vV+kfc
+oXOUsl7m9scOygAAAXY7yaOPAAAEAwBIMEYCIQCeQhYGsJC7NHKDl+RyGmSOM03M
+1a1Zgr6hBlYTX+lJ3AIhAKjCSyTb6SRspohdiINNAf3NyGpJ84KYGrcSmHUDPvFZ
+MA0GCSqGSIb3DQEBCwUAA4IBAQB6bZIorXiQf9iXL/FdJDW4eAze6tI+YLX53e6j
+3Zwg+/qGFaFabO7ntGXfgOSeGNjiHgUpJ7qYyczA+QeOy9jOp83ISLLlHqZCAh4s
+oaGme0tYmOIVwB+5fBelgFSQLuLWSpFYa186fES47H95ruBEbF4V4QrwVWnzsiQF
++reI4r+pfhgwQslbkIaOzTRWpCoQz4Pf/wiSox03gXAc3uNwAkYBSS8piriOuR2Z
+C44FijW0IzJibf5QQeJRkhf2Lh8GVeqEm4YmRqD11h7SnCBobaDxsXM038oV8am8
+g4bU2W9RWwNwmwYqyRzNuq9qTuUPSTivZcYhLLySb8cdcVXH
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEZTCCA02gAwIBAgIQQAF1BIMUpMghjISpDBbN3zANBgkqhkiG9w0BAQsFADA/
+MSQwIgYDVQQKExtEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdCBDby4xFzAVBgNVBAMT
+DkRTVCBSb290IENBIFgzMB4XDTIwMTAwNzE5MjE0MFoXDTIxMDkyOTE5MjE0MFow
+MjELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUxldCdzIEVuY3J5cHQxCzAJBgNVBAMT
+AlIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuwIVKMz2oJTTDxLs
+jVWSw/iC8ZmmekKIp10mqrUrucVMsa+Oa/l1yKPXD0eUFFU1V4yeqKI5GfWCPEKp
+Tm71O8Mu243AsFzzWTjn7c9p8FoLG77AlCQlh/o3cbMT5xys4Zvv2+Q7RVJFlqnB
+U840yFLuta7tj95gcOKlVKu2bQ6XpUA0ayvTvGbrZjR8+muLj1cpmfgwF126cm/7
+gcWt0oZYPRfH5wm78Sv3htzB2nFd1EbjzK0lwYi8YGd1ZrPxGPeiXOZT/zqItkel
+/xMY6pgJdz+dU/nPAeX1pnAXFK9jpP+Zs5Od3FOnBv5IhR2haa4ldbsTzFID9e1R
+oYvbFQIDAQABo4IBaDCCAWQwEgYDVR0TAQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8E
+BAMCAYYwSwYIKwYBBQUHAQEEPzA9MDsGCCsGAQUFBzAChi9odHRwOi8vYXBwcy5p
+ZGVudHJ1c3QuY29tL3Jvb3RzL2RzdHJvb3RjYXgzLnA3YzAfBgNVHSMEGDAWgBTE
+p7Gkeyxx+tvhS5B1/8QVYIWJEDBUBgNVHSAETTBLMAgGBmeBDAECATA/BgsrBgEE
+AYLfEwEBATAwMC4GCCsGAQUFBwIBFiJodHRwOi8vY3BzLnJvb3QteDEubGV0c2Vu
+Y3J5cHQub3JnMDwGA1UdHwQ1MDMwMaAvoC2GK2h0dHA6Ly9jcmwuaWRlbnRydXN0
+LmNvbS9EU1RST09UQ0FYM0NSTC5jcmwwHQYDVR0OBBYEFBQusxe3WFbLrlAJQOYf
+r52LFMLGMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjANBgkqhkiG9w0B
+AQsFAAOCAQEA2UzgyfWEiDcx27sT4rP8i2tiEmxYt0l+PAK3qB8oYevO4C5z70kH
+ejWEHx2taPDY/laBL21/WKZuNTYQHHPD5b1tXgHXbnL7KqC401dk5VvCadTQsvd8
+S8MXjohyc9z9/G2948kLjmE6Flh9dDYrVYA9x2O+hEPGOaEOa1eePynBgPayvUfL
+qjBstzLhWVQLGAkXXmNs+5ZnPBxzDJOLxhF2JIbeQAcH5H0tZrUlo5ZYyOqA7s9p
+O5b85o3AM/OJ+CktFBQtfvBhcJVd9wvlwPsk+uyOy2HI7mNxKKgsBTt375teA2Tw
+UdHkhVNcsAKX1H7GNNLOEADksd86wuoXvg==
+-----END CERTIFICATE-----

main.go

@@ -0,0 +1,69 @@
+package main
+
+import (
+	"bytes"
+	"crypto/tls"
+	"encoding/pem"
+	"flag"
+	"fmt"
+	"io/ioutil"
+	"os/exec"
+)
+
+// https://stackoverflow.com/a/46735876
+func getCertificatesPEM(address string) ([]byte, error) {
+	conn, err := tls.Dial("tcp", address, &tls.Config{
+		InsecureSkipVerify: true,
+	})
+	if err != nil {
+		return []byte(""), err
+	}
+	defer conn.Close()
+	var b bytes.Buffer
+	for _, cert := range conn.ConnectionState().PeerCertificates {
+		err := pem.Encode(&b, &pem.Block{
+			Type:  "CERTIFICATE",
+			Bytes: cert.Raw,
+		})
+		if err != nil {
+			return []byte(""), err
+		}
+	}
+	certs := b.Bytes()
+	return certs, nil
+}
+
+func updateFedora(certs []byte) {
+	err := ioutil.WriteFile("/etc/pki/ca-trust/source/anchors/insecure.pem", certs, 0644)
+	if err != nil {
+		fmt.Println(err)
+	}
+	cmd := exec.Command("update-ca-trust")
+
+	err = cmd.Run()
+
+	if err != nil {
+		fmt.Println(err)
+	}
+}
+
+func main() {
+	uriPtr := flag.String("uri", "jmainguy.com:443", "A hostname and port, jmainguy.com:443 for example")
+	pemPtr := flag.String("pem", "insecure.pem", "pem file to write to, insecure.pem by default")
+	updateFedoraPtr := flag.Bool("updateFedora", false, "write pem to /etc/pki/ca-trust/source/anchors and run update-ca-trust")
+
+	flag.Parse()
+
+	certs, err := getCertificatesPEM(*uriPtr)
+	if err != nil {
+		fmt.Println(err)
+	}
+	if *updateFedoraPtr {
+		updateFedora(certs)
+	} else {
+		err = ioutil.WriteFile(*pemPtr, certs, 0644)
+		if err != nil {
+			fmt.Println(err)
+		}
+	}
+}

tests/fmtlint.sh

@@ -0,0 +1,12 @@
+#!/bin/bash
+FormatCheck=$(gofmt -l *.go | wc -l)
+if [ $FormatCheck -gt 0 ]; then
+    gofmt -l *.go
+    echo "gofmt -w *.go your code please."
+    exit 1
+fi
+## Run golint
+golint -set_exit_status
+if [ $? -gt 0 ]; then
+    exit 1
+fi