project init#1
Conversation
There was a problem hiding this comment.
Pull request overview
Initial project setup for a cross-platform “install CA cert” utility, including Linux (Bash) + Windows (PowerShell) installers and CI-backed test suites.
Changes:
- Add Linux (
install-ca-cert.sh) and Windows (install-ca-cert.ps1) CA installation scripts with browser trust-store handling. - Add containerized BATS tests for Linux and Pester tests for Windows, plus a GitHub Actions workflow to run them.
- Add test fixtures (certs/keys) and Docker build setup for Debian/Ubuntu test images.
Reviewed changes
Copilot reviewed 16 out of 16 changed files in this pull request and generated 14 comments.
Show a summary per file
| File | Description |
|---|---|
| install-ca-cert.sh | Linux CA install script with system + NSS DB updates |
| install-ca-cert.ps1 | Windows CA install script with Windows store + Firefox handling |
| tests/linux.bats | BATS test suite covering Linux system + browser trust behavior |
| tests/entrypoint.linux.sh | Starts local HTTPS server and runs BATS in container |
| tests/docker-linux-setup.sh | Provisions container dependencies + multiple browsers |
| tests/Dockerfile.ubuntu | Ubuntu-based test image build |
| tests/Dockerfile.debian | Debian-based test image build |
| tests/windows.ps1 | Pester tests with Read-Host mocking via child pwsh process |
| tests/run-tests.sh | Local runner to build/run Linux test images |
| tests/fixtures/test-ca.crt | Test CA certificate fixture |
| tests/fixtures/https-ca.crt | HTTPS CA certificate fixture |
| tests/fixtures/https-ca.key | HTTPS CA private key fixture (used by tests) |
| tests/fixtures/https-server.crt | HTTPS server certificate fixture |
| tests/fixtures/https-server.key | HTTPS server private key fixture (used by tests) |
| .github/workflows/test.yml | CI workflow running Linux (Docker+BATS) and Windows (Pester) tests |
| README.md | Project documentation and usage overview |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Agent-Logs-Url: https://github.com/IlmLV/install-ca-cert/sessions/8eacd854-f59c-4c77-bd9f-640977183f61 Co-authored-by: IlmLV <1309998+IlmLV@users.noreply.github.com>
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Agent-Logs-Url: https://github.com/IlmLV/install-ca-cert/sessions/7b4b31b1-1c30-432b-b0f8-abe024ee0d51 Co-authored-by: IlmLV <1309998+IlmLV@users.noreply.github.com>
…parate gen scripts Agent-Logs-Url: https://github.com/IlmLV/install-ca-cert/sessions/7b4b31b1-1c30-432b-b0f8-abe024ee0d51 Co-authored-by: IlmLV <1309998+IlmLV@users.noreply.github.com>
…dows.ps1 Agent-Logs-Url: https://github.com/IlmLV/install-ca-cert/sessions/f5dd164f-c35a-424b-8e59-03646433fff4 Co-authored-by: IlmLV <1309998+IlmLV@users.noreply.github.com>
Two root causes were identified and both are now fixed: Linux BATS hang (primary issue): Fixed in
Windows Pester failure: Fixed in commit |
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 17 out of 17 changed files in this pull request and generated 2 comments.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 17 out of 17 changed files in this pull request and generated 2 comments.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 17 out of 17 changed files in this pull request and generated 1 comment.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 17 out of 17 changed files in this pull request and generated no new comments.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
Two root-cause fixes: 1. Windows – MissingEndCurlyBrace parse error (all 10 Pester tests) Commit cc3d34d removed the UTF-8 BOM from install-ca.ps1. PowerShell 5.1 then reads the file with the system default encoding (Windows-1252). The UTF-8 em-dash E2 80 94 puts byte 0x94 at an offset that Windows-1252 maps to U+201D (right double quotation mark). PS 5.1 treats that codepoint as a string terminator, so every double-quoted string containing an em-dash is prematurely closed, producing cascading MissingEndCurlyBrace errors. Fix: re-add the UTF-8 BOM (EF BB BF) to install-ca.ps1 and tests/generate-certs.ps1 so PS 5.1 reads them as UTF-8. 2. Linux – "Bad file descriptor" for HTTPS_STDIN_KEEPALIVE (all BATS) The coproc approach added in d0932f7 fails in Docker because the coproc file descriptor is not accessible for redirection inside the container. openssl s_server in -www mode does not read from stdin, so giving it </dev/null (immediate EOF) is safe and portable. Fix: remove coproc, redirect openssl stdin from /dev/null, update the EXIT trap accordingly. Agent-Logs-Url: https://github.com/IlmLV/install-ca/sessions/fc153165-2d3d-4e64-a7fb-11bb123372d1 Co-authored-by: IlmLV <1309998+IlmLV@users.noreply.github.com>
The test "oneliner: Install with no args fails with error" expected
ExitCode=1 but got 0.
Root cause: Invoke-Oneliner built a -Command string ending with just
"Install". PowerShell's -Command mode sets process exit code to 1 only
for terminating errors, not for a function's return value. When Install
returns 1 (No CA source provided), the process exited with 0.
Fix: capture the return value and exit with it explicitly:
$__ec = Install ...; if ($null -ne $__ec) { exit [int]$__ec }
This mirrors what the -File path already does at the bottom of
install-ca.ps1 (lines 552-561).
Agent-Logs-Url: https://github.com/IlmLV/install-ca/sessions/0b54461e-3148-441f-a154-3426d018d6eb
Co-authored-by: IlmLV <1309998+IlmLV@users.noreply.github.com>
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 17 out of 17 changed files in this pull request and generated 4 comments.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 17 out of 17 changed files in this pull request and generated 3 comments.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 17 out of 17 changed files in this pull request and generated 2 comments.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 17 out of 17 changed files in this pull request and generated 6 comments.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 17 out of 17 changed files in this pull request and generated 4 comments.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
install-ca is a cross-platform tool that installs a custom CA certificate into all system and browser trust stores in a single run — on Linux (Debian/Ubuntu) via Bash, and on Windows via PowerShell.
What this PR adds
install-ca.sh— Bash script for Linux: installs the CA into the system store (/usr/local/share/ca-certificates/) viaupdate-ca-certificates, and into NSS databases for Chrome, Chromium, Edge, Brave, and Firefox viacertutilinstall-ca.ps1— PowerShell script for Windows: installs the CA intoLocalMachine\Root(covering all Chromium-based browsers) and into Firefox profiles viacertutil.exe-yto suppress), and support force-reinstall (-f)✨ Let Copilot coding agent set things up for you — coding agent works faster and does higher quality work when set up for your repo.