upstream/certbot
1
0
Fork 0
mirror of https://github.com/certbot/certbot.git synced 2026-06-04 22:33:00 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 5
certbot/certbot-ci/certbot_integration_tests/utils/certbot_call.py

162 lines
7 KiB
Python
Raw Permalink Normal View History

Add executable scripts to start certbot and acme server in certbot-ci (#7073) During review of #6989, we saw that some of our test bash scripts were still used in the Boulder project in particular. It is about `tests/integration/_common.sh` in particular, to expose the `certbot_test` bash function, that is an appropriate way to execute a local version of certbot in test mode: define a custom server, remove several checks, full log and so on. This PR is an attempt to assert this goal: exposing a new `certbot_test` executable for test purpose. More generally, this PR is about giving well suited scripts to quickly make manual tests against certbot without launching the full automated pytest suite. The idea here is to leverage the existing logic in certbot-ci, and expose it as executable scripts. This is done thanks to the `console_scripts` entry of setuptools entrypoint feature, that install scripts in the `PATH`, when `pip install` is invoked, that delegate to specific functions in the installed packages. Two scripts are defined this way: * `certbot_test`: it executes certbot in test mode in a very similar way than the original `certbot_test` in `_common.sh`, by delegating to `certbot_integration_tests.utils.certbot_call:main`. By default this execution will target a pebble directory url started locally. The url, and also http-01/tls-alpn-01 challenge ports can be configured using ad-hoc environment variables. All arguments passed to `certbot_test` are transferred to the underlying certbot command. * `acme_server`: it set up a fully running instance of an ACME server, ready for tests (in particular, all FQDN resolves to localhost in order to target a locally running `certbot_test` command) by delegating to `certbot_integration_tests.utils.acme_server:main`. The choice of the ACME server is given by the first parameter passed to `acme_server`, it can be `pebble`, `boulder-v1` or `boulder-v2`. The command keeps running on foreground, displaying the logs of the ACME server on stdout/stderr. The server is shut down and resources cleaned upon entering CTRL+C. This two commands can be run also through the underlying python modules, that are executable. Finally, a typical workflow on certbot side to run manual tests would be: ``` cd certbot tools/venv.py source venv/bin/activate acme_server pebble & certbot_test certonly --standalone -d test.example.com ``` On boulder side it could be: ``` # Follow certbot dev environment setup instructions, then ... cd boulder docker-compose run --use-aliases -e FAKE_DNS=172.17.0.1 --service-ports boulder ./start.py SERVER=http://localhost:4001/directory certbot_test certonly --standalone -d test.example.com ``` * Configure certbot-ci to expose a certbot_test console script calling certbot in test mode against a local pebble instance * Add a command to start pebble/boulder * Use explicit start * Add execution permission to acme_server * Add a docstring to certbot_test function * Change executable name * Increase sleep to 3600s * Implement a context manager to handle the acme server * Add certbot_test workspace in .gitignore * Add documentation * Remove one function in context, split logic of certbot_test towards capturing non capturing * Use an explicit an properly configured ACMEServer as handler. * Add doc. Put constants.
2019-06-12 20:19:23 -04:00
#!/usr/bin/env python
"""Module to call certbot in test mode"""
Reorganize imports (#7616) * Isort execution * Fix pylint, adapt coverage * New isort * Fix magic_typing lint * Second round * Fix pylint * Third round. Store isort configuration * Fix latest mistakes * Other fixes * Add newline * Fix lint errors
2019-12-09 15:50:20 -05:00
import os
Add Python 3.10 support and tests (#9077) Fixes https://github.com/certbot/certbot/issues/9058. The changes to the CI config are equivalent to the ones made in https://github.com/certbot/certbot/pull/8460. Other than ignoring some warnings raised by botocore, the main additional work that had to be done here was switching away from using `distutils.version.LooseVersion` since the entire `distutils` module was deprecated in Python 3.10. To do that, I took a few different approaches: * If the version strings being parsed are from Python packages such as Certbot or setuptools, I switched to using [pkg_resources.parse_version](https://setuptools.pypa.io/en/latest/pkg_resources.html#parsing-utilities) from `setuptools`. This functionality has been available since [setuptools 8.0 from 2014](https://setuptools.pypa.io/en/latest/history.html#id865). * If the version strings being parsed are not from Python packages, I added code equivalent to `distutils.version.LooseVersion` in `certbot.util.parse_loose_version`. * The code for `CERTBOT_PIP_NO_BINARY` can be completely removed since that variable isn't used or referenced anywhere in this repo. * add python 3.10 support * make some version changes * don't use looseversion in setup.py * switch to pkg_resources * deprecate get_strict_version * fix route53 tests * remove unused CERTBOT_PIP_NO_BINARY code * stop using distutils in letstest * add unit tests * more changelog entries
2021-11-08 18:55:32 -05:00
import pkg_resources
Add executable scripts to start certbot and acme server in certbot-ci (#7073) During review of #6989, we saw that some of our test bash scripts were still used in the Boulder project in particular. It is about `tests/integration/_common.sh` in particular, to expose the `certbot_test` bash function, that is an appropriate way to execute a local version of certbot in test mode: define a custom server, remove several checks, full log and so on. This PR is an attempt to assert this goal: exposing a new `certbot_test` executable for test purpose. More generally, this PR is about giving well suited scripts to quickly make manual tests against certbot without launching the full automated pytest suite. The idea here is to leverage the existing logic in certbot-ci, and expose it as executable scripts. This is done thanks to the `console_scripts` entry of setuptools entrypoint feature, that install scripts in the `PATH`, when `pip install` is invoked, that delegate to specific functions in the installed packages. Two scripts are defined this way: * `certbot_test`: it executes certbot in test mode in a very similar way than the original `certbot_test` in `_common.sh`, by delegating to `certbot_integration_tests.utils.certbot_call:main`. By default this execution will target a pebble directory url started locally. The url, and also http-01/tls-alpn-01 challenge ports can be configured using ad-hoc environment variables. All arguments passed to `certbot_test` are transferred to the underlying certbot command. * `acme_server`: it set up a fully running instance of an ACME server, ready for tests (in particular, all FQDN resolves to localhost in order to target a locally running `certbot_test` command) by delegating to `certbot_integration_tests.utils.acme_server:main`. The choice of the ACME server is given by the first parameter passed to `acme_server`, it can be `pebble`, `boulder-v1` or `boulder-v2`. The command keeps running on foreground, displaying the logs of the ACME server on stdout/stderr. The server is shut down and resources cleaned upon entering CTRL+C. This two commands can be run also through the underlying python modules, that are executable. Finally, a typical workflow on certbot side to run manual tests would be: ``` cd certbot tools/venv.py source venv/bin/activate acme_server pebble & certbot_test certonly --standalone -d test.example.com ``` On boulder side it could be: ``` # Follow certbot dev environment setup instructions, then ... cd boulder docker-compose run --use-aliases -e FAKE_DNS=172.17.0.1 --service-ports boulder ./start.py SERVER=http://localhost:4001/directory certbot_test certonly --standalone -d test.example.com ``` * Configure certbot-ci to expose a certbot_test console script calling certbot in test mode against a local pebble instance * Add a command to start pebble/boulder * Use explicit start * Add execution permission to acme_server * Add a docstring to certbot_test function * Change executable name * Increase sleep to 3600s * Implement a context manager to handle the acme server * Add certbot_test workspace in .gitignore * Add documentation * Remove one function in context, split logic of certbot_test towards capturing non capturing * Use an explicit an properly configured ACMEServer as handler. * Add doc. Put constants.
2019-06-12 20:19:23 -04:00
import subprocess
import sys
Fully type certbot-ci module (#9120) * Fully type certbot-ci module * Fix lint, focus lint * Add trailing comma * Remove unused private function * Type properly for future usages * Update certbot-ci/certbot_integration_tests/utils/acme_server.py Co-authored-by: alexzorin <alex@zor.io> * Cleanup files * Fix import * Fix mypy and lint Co-authored-by: alexzorin <alex@zor.io>
2021-11-29 16:24:39 -05:00
from typing import Dict
from typing import List
from typing import Mapping
from typing import Tuple
Add executable scripts to start certbot and acme server in certbot-ci (#7073) During review of #6989, we saw that some of our test bash scripts were still used in the Boulder project in particular. It is about `tests/integration/_common.sh` in particular, to expose the `certbot_test` bash function, that is an appropriate way to execute a local version of certbot in test mode: define a custom server, remove several checks, full log and so on. This PR is an attempt to assert this goal: exposing a new `certbot_test` executable for test purpose. More generally, this PR is about giving well suited scripts to quickly make manual tests against certbot without launching the full automated pytest suite. The idea here is to leverage the existing logic in certbot-ci, and expose it as executable scripts. This is done thanks to the `console_scripts` entry of setuptools entrypoint feature, that install scripts in the `PATH`, when `pip install` is invoked, that delegate to specific functions in the installed packages. Two scripts are defined this way: * `certbot_test`: it executes certbot in test mode in a very similar way than the original `certbot_test` in `_common.sh`, by delegating to `certbot_integration_tests.utils.certbot_call:main`. By default this execution will target a pebble directory url started locally. The url, and also http-01/tls-alpn-01 challenge ports can be configured using ad-hoc environment variables. All arguments passed to `certbot_test` are transferred to the underlying certbot command. * `acme_server`: it set up a fully running instance of an ACME server, ready for tests (in particular, all FQDN resolves to localhost in order to target a locally running `certbot_test` command) by delegating to `certbot_integration_tests.utils.acme_server:main`. The choice of the ACME server is given by the first parameter passed to `acme_server`, it can be `pebble`, `boulder-v1` or `boulder-v2`. The command keeps running on foreground, displaying the logs of the ACME server on stdout/stderr. The server is shut down and resources cleaned upon entering CTRL+C. This two commands can be run also through the underlying python modules, that are executable. Finally, a typical workflow on certbot side to run manual tests would be: ``` cd certbot tools/venv.py source venv/bin/activate acme_server pebble & certbot_test certonly --standalone -d test.example.com ``` On boulder side it could be: ``` # Follow certbot dev environment setup instructions, then ... cd boulder docker-compose run --use-aliases -e FAKE_DNS=172.17.0.1 --service-ports boulder ./start.py SERVER=http://localhost:4001/directory certbot_test certonly --standalone -d test.example.com ``` * Configure certbot-ci to expose a certbot_test console script calling certbot in test mode against a local pebble instance * Add a command to start pebble/boulder * Use explicit start * Add execution permission to acme_server * Add a docstring to certbot_test function * Change executable name * Increase sleep to 3600s * Implement a context manager to handle the acme server * Add certbot_test workspace in .gitignore * Add documentation * Remove one function in context, split logic of certbot_test towards capturing non capturing * Use an explicit an properly configured ACMEServer as handler. * Add doc. Put constants.
2019-06-12 20:19:23 -04:00
Fix PYTHONPATH in integration tests (#7357) This PR supersedes #7353. It fixes the execution of nginx oldest tests when these tests are executed on top of the modifications made in #7337. This execution failure revealed the fact that in some cases, the wrong version of certbot logic was used during integration tests (namely the logic lying in the codebase of the branch built, instead of the logic from the version of certbot declared by certbot-nginx for instance). I let you appreciate my inline comment for the explanation and the workaround. Thanks a lot to @bmw who found this python/pytest madness. You can see the oldest tests succeeding with the logic of #7337 + this PR here: https://travis-ci.com/certbot/certbot/builds/124816254 * Remove certbot root from PYTHONPATH during integration tests * Add a biiiiig comment.
2019-08-27 19:25:31 -04:00
import certbot_integration_tests
Added certbot-ci to lint section. Silenced and fixed linting warnings. (#8450)
2020-12-16 14:34:12 -05:00
# pylint: disable=wildcard-import,unused-wildcard-import
Add executable scripts to start certbot and acme server in certbot-ci (#7073) During review of #6989, we saw that some of our test bash scripts were still used in the Boulder project in particular. It is about `tests/integration/_common.sh` in particular, to expose the `certbot_test` bash function, that is an appropriate way to execute a local version of certbot in test mode: define a custom server, remove several checks, full log and so on. This PR is an attempt to assert this goal: exposing a new `certbot_test` executable for test purpose. More generally, this PR is about giving well suited scripts to quickly make manual tests against certbot without launching the full automated pytest suite. The idea here is to leverage the existing logic in certbot-ci, and expose it as executable scripts. This is done thanks to the `console_scripts` entry of setuptools entrypoint feature, that install scripts in the `PATH`, when `pip install` is invoked, that delegate to specific functions in the installed packages. Two scripts are defined this way: * `certbot_test`: it executes certbot in test mode in a very similar way than the original `certbot_test` in `_common.sh`, by delegating to `certbot_integration_tests.utils.certbot_call:main`. By default this execution will target a pebble directory url started locally. The url, and also http-01/tls-alpn-01 challenge ports can be configured using ad-hoc environment variables. All arguments passed to `certbot_test` are transferred to the underlying certbot command. * `acme_server`: it set up a fully running instance of an ACME server, ready for tests (in particular, all FQDN resolves to localhost in order to target a locally running `certbot_test` command) by delegating to `certbot_integration_tests.utils.acme_server:main`. The choice of the ACME server is given by the first parameter passed to `acme_server`, it can be `pebble`, `boulder-v1` or `boulder-v2`. The command keeps running on foreground, displaying the logs of the ACME server on stdout/stderr. The server is shut down and resources cleaned upon entering CTRL+C. This two commands can be run also through the underlying python modules, that are executable. Finally, a typical workflow on certbot side to run manual tests would be: ``` cd certbot tools/venv.py source venv/bin/activate acme_server pebble & certbot_test certonly --standalone -d test.example.com ``` On boulder side it could be: ``` # Follow certbot dev environment setup instructions, then ... cd boulder docker-compose run --use-aliases -e FAKE_DNS=172.17.0.1 --service-ports boulder ./start.py SERVER=http://localhost:4001/directory certbot_test certonly --standalone -d test.example.com ``` * Configure certbot-ci to expose a certbot_test console script calling certbot in test mode against a local pebble instance * Add a command to start pebble/boulder * Use explicit start * Add execution permission to acme_server * Add a docstring to certbot_test function * Change executable name * Increase sleep to 3600s * Implement a context manager to handle the acme server * Add certbot_test workspace in .gitignore * Add documentation * Remove one function in context, split logic of certbot_test towards capturing non capturing * Use an explicit an properly configured ACMEServer as handler. * Add doc. Put constants.
2019-06-12 20:19:23 -04:00
from certbot_integration_tests.utils.constants import *
Fully type certbot apache (#9177) * Work in progress * Work in progress * Work in progress * Work in progress * Fix issues around nullability of VirtualHost.path, may discuss that during review * Work in progress * Fix remaining types * Various lint fixes * Reconfigure tox and mypy to disallow untyped defs globally * Cleanup compatibility tests * Use cast for unused v2 logic * Improve types * Remove unused comment * Fix coverage * Better types * Fix another type * Update certbot-apache/certbot_apache/_internal/apacheparser.py Co-authored-by: alexzorin <alex@zor.io> * Update certbot-apache/certbot_apache/_internal/assertions.py Co-authored-by: alexzorin <alex@zor.io> * Fix type * Various fixes * Refactor imports * Keep naming convention consistent on TypeVars * Improve types * Improve types * Remove remaining Sequence[str] in the project Co-authored-by: alexzorin <alex@zor.io>
2022-01-31 03:17:40 -05:00
def certbot_test(certbot_args: List[str], directory_url: str, http_01_port: int,
Fully type certbot-ci module (#9120) * Fully type certbot-ci module * Fix lint, focus lint * Add trailing comma * Remove unused private function * Type properly for future usages * Update certbot-ci/certbot_integration_tests/utils/acme_server.py Co-authored-by: alexzorin <alex@zor.io> * Cleanup files * Fix import * Fix mypy and lint Co-authored-by: alexzorin <alex@zor.io>
2021-11-29 16:24:39 -05:00
tls_alpn_01_port: int, config_dir: str, workspace: str,
force_renew: bool = True) -> Tuple[str, str]:
Add executable scripts to start certbot and acme server in certbot-ci (#7073) During review of #6989, we saw that some of our test bash scripts were still used in the Boulder project in particular. It is about `tests/integration/_common.sh` in particular, to expose the `certbot_test` bash function, that is an appropriate way to execute a local version of certbot in test mode: define a custom server, remove several checks, full log and so on. This PR is an attempt to assert this goal: exposing a new `certbot_test` executable for test purpose. More generally, this PR is about giving well suited scripts to quickly make manual tests against certbot without launching the full automated pytest suite. The idea here is to leverage the existing logic in certbot-ci, and expose it as executable scripts. This is done thanks to the `console_scripts` entry of setuptools entrypoint feature, that install scripts in the `PATH`, when `pip install` is invoked, that delegate to specific functions in the installed packages. Two scripts are defined this way: * `certbot_test`: it executes certbot in test mode in a very similar way than the original `certbot_test` in `_common.sh`, by delegating to `certbot_integration_tests.utils.certbot_call:main`. By default this execution will target a pebble directory url started locally. The url, and also http-01/tls-alpn-01 challenge ports can be configured using ad-hoc environment variables. All arguments passed to `certbot_test` are transferred to the underlying certbot command. * `acme_server`: it set up a fully running instance of an ACME server, ready for tests (in particular, all FQDN resolves to localhost in order to target a locally running `certbot_test` command) by delegating to `certbot_integration_tests.utils.acme_server:main`. The choice of the ACME server is given by the first parameter passed to `acme_server`, it can be `pebble`, `boulder-v1` or `boulder-v2`. The command keeps running on foreground, displaying the logs of the ACME server on stdout/stderr. The server is shut down and resources cleaned upon entering CTRL+C. This two commands can be run also through the underlying python modules, that are executable. Finally, a typical workflow on certbot side to run manual tests would be: ``` cd certbot tools/venv.py source venv/bin/activate acme_server pebble & certbot_test certonly --standalone -d test.example.com ``` On boulder side it could be: ``` # Follow certbot dev environment setup instructions, then ... cd boulder docker-compose run --use-aliases -e FAKE_DNS=172.17.0.1 --service-ports boulder ./start.py SERVER=http://localhost:4001/directory certbot_test certonly --standalone -d test.example.com ``` * Configure certbot-ci to expose a certbot_test console script calling certbot in test mode against a local pebble instance * Add a command to start pebble/boulder * Use explicit start * Add execution permission to acme_server * Add a docstring to certbot_test function * Change executable name * Increase sleep to 3600s * Implement a context manager to handle the acme server * Add certbot_test workspace in .gitignore * Add documentation * Remove one function in context, split logic of certbot_test towards capturing non capturing * Use an explicit an properly configured ACMEServer as handler. * Add doc. Put constants.
2019-06-12 20:19:23 -04:00
"""
Invoke the certbot executable available in PATH in a test context for the given args.
The test context consists in running certbot in debug mode, with various flags suitable
for tests (eg. no ssl check, customizable ACME challenge ports and config directory ...).
Update coverage and pytest (#8875) * unpin pytest and update pinnings * ignore external mock warnings * fix assertion * fix test_revoke_mutual_exclusive_flags * fix output count * capture stdout and stderr separately * undouble counts * rename variable * don't use capture_output * fix leaky test * update coverage
2021-05-31 03:01:01 -04:00
This command captures both stdout and stderr and returns it to the caller.
Add executable scripts to start certbot and acme server in certbot-ci (#7073) During review of #6989, we saw that some of our test bash scripts were still used in the Boulder project in particular. It is about `tests/integration/_common.sh` in particular, to expose the `certbot_test` bash function, that is an appropriate way to execute a local version of certbot in test mode: define a custom server, remove several checks, full log and so on. This PR is an attempt to assert this goal: exposing a new `certbot_test` executable for test purpose. More generally, this PR is about giving well suited scripts to quickly make manual tests against certbot without launching the full automated pytest suite. The idea here is to leverage the existing logic in certbot-ci, and expose it as executable scripts. This is done thanks to the `console_scripts` entry of setuptools entrypoint feature, that install scripts in the `PATH`, when `pip install` is invoked, that delegate to specific functions in the installed packages. Two scripts are defined this way: * `certbot_test`: it executes certbot in test mode in a very similar way than the original `certbot_test` in `_common.sh`, by delegating to `certbot_integration_tests.utils.certbot_call:main`. By default this execution will target a pebble directory url started locally. The url, and also http-01/tls-alpn-01 challenge ports can be configured using ad-hoc environment variables. All arguments passed to `certbot_test` are transferred to the underlying certbot command. * `acme_server`: it set up a fully running instance of an ACME server, ready for tests (in particular, all FQDN resolves to localhost in order to target a locally running `certbot_test` command) by delegating to `certbot_integration_tests.utils.acme_server:main`. The choice of the ACME server is given by the first parameter passed to `acme_server`, it can be `pebble`, `boulder-v1` or `boulder-v2`. The command keeps running on foreground, displaying the logs of the ACME server on stdout/stderr. The server is shut down and resources cleaned upon entering CTRL+C. This two commands can be run also through the underlying python modules, that are executable. Finally, a typical workflow on certbot side to run manual tests would be: ``` cd certbot tools/venv.py source venv/bin/activate acme_server pebble & certbot_test certonly --standalone -d test.example.com ``` On boulder side it could be: ``` # Follow certbot dev environment setup instructions, then ... cd boulder docker-compose run --use-aliases -e FAKE_DNS=172.17.0.1 --service-ports boulder ./start.py SERVER=http://localhost:4001/directory certbot_test certonly --standalone -d test.example.com ``` * Configure certbot-ci to expose a certbot_test console script calling certbot in test mode against a local pebble instance * Add a command to start pebble/boulder * Use explicit start * Add execution permission to acme_server * Add a docstring to certbot_test function * Change executable name * Increase sleep to 3600s * Implement a context manager to handle the acme server * Add certbot_test workspace in .gitignore * Add documentation * Remove one function in context, split logic of certbot_test towards capturing non capturing * Use an explicit an properly configured ACMEServer as handler. * Add doc. Put constants.
2019-06-12 20:19:23 -04:00
:param list certbot_args: the arguments to pass to the certbot executable
:param str directory_url: URL of the ACME directory server to use
:param int http_01_port: port for the HTTP-01 challenges
:param int tls_alpn_01_port: port for the TLS-ALPN-01 challenges
:param str config_dir: certbot configuration directory to use
:param str workspace: certbot current directory to use
:param bool force_renew: set False to not force renew existing certificates (default: True)
Update coverage and pytest (#8875) * unpin pytest and update pinnings * ignore external mock warnings * fix assertion * fix test_revoke_mutual_exclusive_flags * fix output count * capture stdout and stderr separately * undouble counts * rename variable * don't use capture_output * fix leaky test * update coverage
2021-05-31 03:01:01 -04:00
:return: stdout and stderr as strings
:rtype: `tuple` of `str`
Add executable scripts to start certbot and acme server in certbot-ci (#7073) During review of #6989, we saw that some of our test bash scripts were still used in the Boulder project in particular. It is about `tests/integration/_common.sh` in particular, to expose the `certbot_test` bash function, that is an appropriate way to execute a local version of certbot in test mode: define a custom server, remove several checks, full log and so on. This PR is an attempt to assert this goal: exposing a new `certbot_test` executable for test purpose. More generally, this PR is about giving well suited scripts to quickly make manual tests against certbot without launching the full automated pytest suite. The idea here is to leverage the existing logic in certbot-ci, and expose it as executable scripts. This is done thanks to the `console_scripts` entry of setuptools entrypoint feature, that install scripts in the `PATH`, when `pip install` is invoked, that delegate to specific functions in the installed packages. Two scripts are defined this way: * `certbot_test`: it executes certbot in test mode in a very similar way than the original `certbot_test` in `_common.sh`, by delegating to `certbot_integration_tests.utils.certbot_call:main`. By default this execution will target a pebble directory url started locally. The url, and also http-01/tls-alpn-01 challenge ports can be configured using ad-hoc environment variables. All arguments passed to `certbot_test` are transferred to the underlying certbot command. * `acme_server`: it set up a fully running instance of an ACME server, ready for tests (in particular, all FQDN resolves to localhost in order to target a locally running `certbot_test` command) by delegating to `certbot_integration_tests.utils.acme_server:main`. The choice of the ACME server is given by the first parameter passed to `acme_server`, it can be `pebble`, `boulder-v1` or `boulder-v2`. The command keeps running on foreground, displaying the logs of the ACME server on stdout/stderr. The server is shut down and resources cleaned upon entering CTRL+C. This two commands can be run also through the underlying python modules, that are executable. Finally, a typical workflow on certbot side to run manual tests would be: ``` cd certbot tools/venv.py source venv/bin/activate acme_server pebble & certbot_test certonly --standalone -d test.example.com ``` On boulder side it could be: ``` # Follow certbot dev environment setup instructions, then ... cd boulder docker-compose run --use-aliases -e FAKE_DNS=172.17.0.1 --service-ports boulder ./start.py SERVER=http://localhost:4001/directory certbot_test certonly --standalone -d test.example.com ``` * Configure certbot-ci to expose a certbot_test console script calling certbot in test mode against a local pebble instance * Add a command to start pebble/boulder * Use explicit start * Add execution permission to acme_server * Add a docstring to certbot_test function * Change executable name * Increase sleep to 3600s * Implement a context manager to handle the acme server * Add certbot_test workspace in .gitignore * Add documentation * Remove one function in context, split logic of certbot_test towards capturing non capturing * Use an explicit an properly configured ACMEServer as handler. * Add doc. Put constants.
2019-06-12 20:19:23 -04:00
"""
command, env = _prepare_args_env(certbot_args, directory_url, http_01_port, tls_alpn_01_port,
config_dir, workspace, force_renew)
Update coverage and pytest (#8875) * unpin pytest and update pinnings * ignore external mock warnings * fix assertion * fix test_revoke_mutual_exclusive_flags * fix output count * capture stdout and stderr separately * undouble counts * rename variable * don't use capture_output * fix leaky test * update coverage
2021-05-31 03:01:01 -04:00
proc = subprocess.run(command, stdout=subprocess.PIPE,
stderr=subprocess.PIPE, check=False, universal_newlines=True,
cwd=workspace, env=env)
print('--> Certbot log output was:')
print(proc.stderr)
proc.check_returncode()
return proc.stdout, proc.stderr
Add executable scripts to start certbot and acme server in certbot-ci (#7073) During review of #6989, we saw that some of our test bash scripts were still used in the Boulder project in particular. It is about `tests/integration/_common.sh` in particular, to expose the `certbot_test` bash function, that is an appropriate way to execute a local version of certbot in test mode: define a custom server, remove several checks, full log and so on. This PR is an attempt to assert this goal: exposing a new `certbot_test` executable for test purpose. More generally, this PR is about giving well suited scripts to quickly make manual tests against certbot without launching the full automated pytest suite. The idea here is to leverage the existing logic in certbot-ci, and expose it as executable scripts. This is done thanks to the `console_scripts` entry of setuptools entrypoint feature, that install scripts in the `PATH`, when `pip install` is invoked, that delegate to specific functions in the installed packages. Two scripts are defined this way: * `certbot_test`: it executes certbot in test mode in a very similar way than the original `certbot_test` in `_common.sh`, by delegating to `certbot_integration_tests.utils.certbot_call:main`. By default this execution will target a pebble directory url started locally. The url, and also http-01/tls-alpn-01 challenge ports can be configured using ad-hoc environment variables. All arguments passed to `certbot_test` are transferred to the underlying certbot command. * `acme_server`: it set up a fully running instance of an ACME server, ready for tests (in particular, all FQDN resolves to localhost in order to target a locally running `certbot_test` command) by delegating to `certbot_integration_tests.utils.acme_server:main`. The choice of the ACME server is given by the first parameter passed to `acme_server`, it can be `pebble`, `boulder-v1` or `boulder-v2`. The command keeps running on foreground, displaying the logs of the ACME server on stdout/stderr. The server is shut down and resources cleaned upon entering CTRL+C. This two commands can be run also through the underlying python modules, that are executable. Finally, a typical workflow on certbot side to run manual tests would be: ``` cd certbot tools/venv.py source venv/bin/activate acme_server pebble & certbot_test certonly --standalone -d test.example.com ``` On boulder side it could be: ``` # Follow certbot dev environment setup instructions, then ... cd boulder docker-compose run --use-aliases -e FAKE_DNS=172.17.0.1 --service-ports boulder ./start.py SERVER=http://localhost:4001/directory certbot_test certonly --standalone -d test.example.com ``` * Configure certbot-ci to expose a certbot_test console script calling certbot in test mode against a local pebble instance * Add a command to start pebble/boulder * Use explicit start * Add execution permission to acme_server * Add a docstring to certbot_test function * Change executable name * Increase sleep to 3600s * Implement a context manager to handle the acme server * Add certbot_test workspace in .gitignore * Add documentation * Remove one function in context, split logic of certbot_test towards capturing non capturing * Use an explicit an properly configured ACMEServer as handler. * Add doc. Put constants.
2019-06-12 20:19:23 -04:00
Fully type certbot-ci module (#9120) * Fully type certbot-ci module * Fix lint, focus lint * Add trailing comma * Remove unused private function * Type properly for future usages * Update certbot-ci/certbot_integration_tests/utils/acme_server.py Co-authored-by: alexzorin <alex@zor.io> * Cleanup files * Fix import * Fix mypy and lint Co-authored-by: alexzorin <alex@zor.io>
2021-11-29 16:24:39 -05:00
def _prepare_environ(workspace: str) -> Dict[str, str]:
Added certbot-ci to lint section. Silenced and fixed linting warnings. (#8450)
2020-12-16 14:34:12 -05:00
# pylint: disable=missing-function-docstring
Add executable scripts to start certbot and acme server in certbot-ci (#7073) During review of #6989, we saw that some of our test bash scripts were still used in the Boulder project in particular. It is about `tests/integration/_common.sh` in particular, to expose the `certbot_test` bash function, that is an appropriate way to execute a local version of certbot in test mode: define a custom server, remove several checks, full log and so on. This PR is an attempt to assert this goal: exposing a new `certbot_test` executable for test purpose. More generally, this PR is about giving well suited scripts to quickly make manual tests against certbot without launching the full automated pytest suite. The idea here is to leverage the existing logic in certbot-ci, and expose it as executable scripts. This is done thanks to the `console_scripts` entry of setuptools entrypoint feature, that install scripts in the `PATH`, when `pip install` is invoked, that delegate to specific functions in the installed packages. Two scripts are defined this way: * `certbot_test`: it executes certbot in test mode in a very similar way than the original `certbot_test` in `_common.sh`, by delegating to `certbot_integration_tests.utils.certbot_call:main`. By default this execution will target a pebble directory url started locally. The url, and also http-01/tls-alpn-01 challenge ports can be configured using ad-hoc environment variables. All arguments passed to `certbot_test` are transferred to the underlying certbot command. * `acme_server`: it set up a fully running instance of an ACME server, ready for tests (in particular, all FQDN resolves to localhost in order to target a locally running `certbot_test` command) by delegating to `certbot_integration_tests.utils.acme_server:main`. The choice of the ACME server is given by the first parameter passed to `acme_server`, it can be `pebble`, `boulder-v1` or `boulder-v2`. The command keeps running on foreground, displaying the logs of the ACME server on stdout/stderr. The server is shut down and resources cleaned upon entering CTRL+C. This two commands can be run also through the underlying python modules, that are executable. Finally, a typical workflow on certbot side to run manual tests would be: ``` cd certbot tools/venv.py source venv/bin/activate acme_server pebble & certbot_test certonly --standalone -d test.example.com ``` On boulder side it could be: ``` # Follow certbot dev environment setup instructions, then ... cd boulder docker-compose run --use-aliases -e FAKE_DNS=172.17.0.1 --service-ports boulder ./start.py SERVER=http://localhost:4001/directory certbot_test certonly --standalone -d test.example.com ``` * Configure certbot-ci to expose a certbot_test console script calling certbot in test mode against a local pebble instance * Add a command to start pebble/boulder * Use explicit start * Add execution permission to acme_server * Add a docstring to certbot_test function * Change executable name * Increase sleep to 3600s * Implement a context manager to handle the acme server * Add certbot_test workspace in .gitignore * Add documentation * Remove one function in context, split logic of certbot_test towards capturing non capturing * Use an explicit an properly configured ACMEServer as handler. * Add doc. Put constants.
2019-06-12 20:19:23 -04:00
new_environ = os.environ.copy()
new_environ['TMPDIR'] = workspace
Fix PYTHONPATH in integration tests (#7357) This PR supersedes #7353. It fixes the execution of nginx oldest tests when these tests are executed on top of the modifications made in #7337. This execution failure revealed the fact that in some cases, the wrong version of certbot logic was used during integration tests (namely the logic lying in the codebase of the branch built, instead of the logic from the version of certbot declared by certbot-nginx for instance). I let you appreciate my inline comment for the explanation and the workaround. Thanks a lot to @bmw who found this python/pytest madness. You can see the oldest tests succeeding with the logic of #7337 + this PR here: https://travis-ci.com/certbot/certbot/builds/124816254 * Remove certbot root from PYTHONPATH during integration tests * Add a biiiiig comment.
2019-08-27 19:25:31 -04:00
# So, pytest is nice, and a little too nice for our usage.
# In order to help user to call seamlessly any piece of python code without requiring to
# install it as a full-fledged setuptools distribution for instance, it may inject the path
# to the test files into the PYTHONPATH. This allows the python interpreter to import
# as modules any python file available at this path.
# See https://docs.pytest.org/en/3.2.5/pythonpath.html for the explanation and description.
# However this behavior is not good in integration tests, in particular the nginx oldest ones.
# Indeed during these kind of tests certbot is installed as a transitive dependency to
# certbot-nginx. Here is the trick: this certbot version is not necessarily the same as
# the certbot codebase lying in current working directory. For instance in oldest tests
# certbot==0.36.0 may be installed while the codebase corresponds to certbot==0.37.0.dev0.
# Then during a pytest run, PYTHONPATH contains the path to the Certbot codebase, so invoking
# certbot will import the modules from the codebase (0.37.0.dev0), not from the
# required/installed version (0.36.0).
# This will lead to funny and totally incomprehensible errors. To avoid that, we ensure that
# if PYTHONPATH is set, it does not contain the path to the root of the codebase.
if new_environ.get('PYTHONPATH'):
# certbot_integration_tests.__file__ is:
# '/path/to/certbot/certbot-ci/certbot_integration_tests/__init__.pyc'
# ... and we want '/path/to/certbot'
Added certbot-ci to lint section. Silenced and fixed linting warnings. (#8450)
2020-12-16 14:34:12 -05:00
certbot_root = os.path.dirname(os.path.dirname(
os.path.dirname(certbot_integration_tests.__file__))
)
python_paths = [
path for path in new_environ['PYTHONPATH'].split(':')
if path != certbot_root
]
Fix PYTHONPATH in integration tests (#7357) This PR supersedes #7353. It fixes the execution of nginx oldest tests when these tests are executed on top of the modifications made in #7337. This execution failure revealed the fact that in some cases, the wrong version of certbot logic was used during integration tests (namely the logic lying in the codebase of the branch built, instead of the logic from the version of certbot declared by certbot-nginx for instance). I let you appreciate my inline comment for the explanation and the workaround. Thanks a lot to @bmw who found this python/pytest madness. You can see the oldest tests succeeding with the logic of #7337 + this PR here: https://travis-ci.com/certbot/certbot/builds/124816254 * Remove certbot root from PYTHONPATH during integration tests * Add a biiiiig comment.
2019-08-27 19:25:31 -04:00
new_environ['PYTHONPATH'] = ':'.join(python_paths)
return new_environ
Fully type certbot-ci module (#9120) * Fully type certbot-ci module * Fix lint, focus lint * Add trailing comma * Remove unused private function * Type properly for future usages * Update certbot-ci/certbot_integration_tests/utils/acme_server.py Co-authored-by: alexzorin <alex@zor.io> * Cleanup files * Fix import * Fix mypy and lint Co-authored-by: alexzorin <alex@zor.io>
2021-11-29 16:24:39 -05:00
def _compute_additional_args(workspace: str, environ: Mapping[str, str],
force_renew: bool) -> List[str]:
Add executable scripts to start certbot and acme server in certbot-ci (#7073) During review of #6989, we saw that some of our test bash scripts were still used in the Boulder project in particular. It is about `tests/integration/_common.sh` in particular, to expose the `certbot_test` bash function, that is an appropriate way to execute a local version of certbot in test mode: define a custom server, remove several checks, full log and so on. This PR is an attempt to assert this goal: exposing a new `certbot_test` executable for test purpose. More generally, this PR is about giving well suited scripts to quickly make manual tests against certbot without launching the full automated pytest suite. The idea here is to leverage the existing logic in certbot-ci, and expose it as executable scripts. This is done thanks to the `console_scripts` entry of setuptools entrypoint feature, that install scripts in the `PATH`, when `pip install` is invoked, that delegate to specific functions in the installed packages. Two scripts are defined this way: * `certbot_test`: it executes certbot in test mode in a very similar way than the original `certbot_test` in `_common.sh`, by delegating to `certbot_integration_tests.utils.certbot_call:main`. By default this execution will target a pebble directory url started locally. The url, and also http-01/tls-alpn-01 challenge ports can be configured using ad-hoc environment variables. All arguments passed to `certbot_test` are transferred to the underlying certbot command. * `acme_server`: it set up a fully running instance of an ACME server, ready for tests (in particular, all FQDN resolves to localhost in order to target a locally running `certbot_test` command) by delegating to `certbot_integration_tests.utils.acme_server:main`. The choice of the ACME server is given by the first parameter passed to `acme_server`, it can be `pebble`, `boulder-v1` or `boulder-v2`. The command keeps running on foreground, displaying the logs of the ACME server on stdout/stderr. The server is shut down and resources cleaned upon entering CTRL+C. This two commands can be run also through the underlying python modules, that are executable. Finally, a typical workflow on certbot side to run manual tests would be: ``` cd certbot tools/venv.py source venv/bin/activate acme_server pebble & certbot_test certonly --standalone -d test.example.com ``` On boulder side it could be: ``` # Follow certbot dev environment setup instructions, then ... cd boulder docker-compose run --use-aliases -e FAKE_DNS=172.17.0.1 --service-ports boulder ./start.py SERVER=http://localhost:4001/directory certbot_test certonly --standalone -d test.example.com ``` * Configure certbot-ci to expose a certbot_test console script calling certbot in test mode against a local pebble instance * Add a command to start pebble/boulder * Use explicit start * Add execution permission to acme_server * Add a docstring to certbot_test function * Change executable name * Increase sleep to 3600s * Implement a context manager to handle the acme server * Add certbot_test workspace in .gitignore * Add documentation * Remove one function in context, split logic of certbot_test towards capturing non capturing * Use an explicit an properly configured ACMEServer as handler. * Add doc. Put constants.
2019-06-12 20:19:23 -04:00
additional_args = []
Fix PYTHONPATH in integration tests (#7357) This PR supersedes #7353. It fixes the execution of nginx oldest tests when these tests are executed on top of the modifications made in #7337. This execution failure revealed the fact that in some cases, the wrong version of certbot logic was used during integration tests (namely the logic lying in the codebase of the branch built, instead of the logic from the version of certbot declared by certbot-nginx for instance). I let you appreciate my inline comment for the explanation and the workaround. Thanks a lot to @bmw who found this python/pytest madness. You can see the oldest tests succeeding with the logic of #7337 + this PR here: https://travis-ci.com/certbot/certbot/builds/124816254 * Remove certbot root from PYTHONPATH during integration tests * Add a biiiiig comment.
2019-08-27 19:25:31 -04:00
output = subprocess.check_output(['certbot', '--version'],
universal_newlines=True, stderr=subprocess.STDOUT,
cwd=workspace, env=environ)
Added certbot-ci to lint section. Silenced and fixed linting warnings. (#8450)
2020-12-16 14:34:12 -05:00
# Typical response is: output = 'certbot 0.31.0.dev0'
version_str = output.split(' ')[1].strip()
Add Python 3.10 support and tests (#9077) Fixes https://github.com/certbot/certbot/issues/9058. The changes to the CI config are equivalent to the ones made in https://github.com/certbot/certbot/pull/8460. Other than ignoring some warnings raised by botocore, the main additional work that had to be done here was switching away from using `distutils.version.LooseVersion` since the entire `distutils` module was deprecated in Python 3.10. To do that, I took a few different approaches: * If the version strings being parsed are from Python packages such as Certbot or setuptools, I switched to using [pkg_resources.parse_version](https://setuptools.pypa.io/en/latest/pkg_resources.html#parsing-utilities) from `setuptools`. This functionality has been available since [setuptools 8.0 from 2014](https://setuptools.pypa.io/en/latest/history.html#id865). * If the version strings being parsed are not from Python packages, I added code equivalent to `distutils.version.LooseVersion` in `certbot.util.parse_loose_version`. * The code for `CERTBOT_PIP_NO_BINARY` can be completely removed since that variable isn't used or referenced anywhere in this repo. * add python 3.10 support * make some version changes * don't use looseversion in setup.py * switch to pkg_resources * deprecate get_strict_version * fix route53 tests * remove unused CERTBOT_PIP_NO_BINARY code * stop using distutils in letstest * add unit tests * more changelog entries
2021-11-08 18:55:32 -05:00
if pkg_resources.parse_version(version_str) >= pkg_resources.parse_version('0.30.0'):
Add executable scripts to start certbot and acme server in certbot-ci (#7073) During review of #6989, we saw that some of our test bash scripts were still used in the Boulder project in particular. It is about `tests/integration/_common.sh` in particular, to expose the `certbot_test` bash function, that is an appropriate way to execute a local version of certbot in test mode: define a custom server, remove several checks, full log and so on. This PR is an attempt to assert this goal: exposing a new `certbot_test` executable for test purpose. More generally, this PR is about giving well suited scripts to quickly make manual tests against certbot without launching the full automated pytest suite. The idea here is to leverage the existing logic in certbot-ci, and expose it as executable scripts. This is done thanks to the `console_scripts` entry of setuptools entrypoint feature, that install scripts in the `PATH`, when `pip install` is invoked, that delegate to specific functions in the installed packages. Two scripts are defined this way: * `certbot_test`: it executes certbot in test mode in a very similar way than the original `certbot_test` in `_common.sh`, by delegating to `certbot_integration_tests.utils.certbot_call:main`. By default this execution will target a pebble directory url started locally. The url, and also http-01/tls-alpn-01 challenge ports can be configured using ad-hoc environment variables. All arguments passed to `certbot_test` are transferred to the underlying certbot command. * `acme_server`: it set up a fully running instance of an ACME server, ready for tests (in particular, all FQDN resolves to localhost in order to target a locally running `certbot_test` command) by delegating to `certbot_integration_tests.utils.acme_server:main`. The choice of the ACME server is given by the first parameter passed to `acme_server`, it can be `pebble`, `boulder-v1` or `boulder-v2`. The command keeps running on foreground, displaying the logs of the ACME server on stdout/stderr. The server is shut down and resources cleaned upon entering CTRL+C. This two commands can be run also through the underlying python modules, that are executable. Finally, a typical workflow on certbot side to run manual tests would be: ``` cd certbot tools/venv.py source venv/bin/activate acme_server pebble & certbot_test certonly --standalone -d test.example.com ``` On boulder side it could be: ``` # Follow certbot dev environment setup instructions, then ... cd boulder docker-compose run --use-aliases -e FAKE_DNS=172.17.0.1 --service-ports boulder ./start.py SERVER=http://localhost:4001/directory certbot_test certonly --standalone -d test.example.com ``` * Configure certbot-ci to expose a certbot_test console script calling certbot in test mode against a local pebble instance * Add a command to start pebble/boulder * Use explicit start * Add execution permission to acme_server * Add a docstring to certbot_test function * Change executable name * Increase sleep to 3600s * Implement a context manager to handle the acme server * Add certbot_test workspace in .gitignore * Add documentation * Remove one function in context, split logic of certbot_test towards capturing non capturing * Use an explicit an properly configured ACMEServer as handler. * Add doc. Put constants.
2019-06-12 20:19:23 -04:00
additional_args.append('--no-random-sleep-on-renew')
if force_renew:
additional_args.append('--renew-by-default')
Fix PYTHONPATH in integration tests (#7357) This PR supersedes #7353. It fixes the execution of nginx oldest tests when these tests are executed on top of the modifications made in #7337. This execution failure revealed the fact that in some cases, the wrong version of certbot logic was used during integration tests (namely the logic lying in the codebase of the branch built, instead of the logic from the version of certbot declared by certbot-nginx for instance). I let you appreciate my inline comment for the explanation and the workaround. Thanks a lot to @bmw who found this python/pytest madness. You can see the oldest tests succeeding with the logic of #7337 + this PR here: https://travis-ci.com/certbot/certbot/builds/124816254 * Remove certbot root from PYTHONPATH during integration tests * Add a biiiiig comment.
2019-08-27 19:25:31 -04:00
return additional_args
Fully type certbot apache (#9177) * Work in progress * Work in progress * Work in progress * Work in progress * Fix issues around nullability of VirtualHost.path, may discuss that during review * Work in progress * Fix remaining types * Various lint fixes * Reconfigure tox and mypy to disallow untyped defs globally * Cleanup compatibility tests * Use cast for unused v2 logic * Improve types * Remove unused comment * Fix coverage * Better types * Fix another type * Update certbot-apache/certbot_apache/_internal/apacheparser.py Co-authored-by: alexzorin <alex@zor.io> * Update certbot-apache/certbot_apache/_internal/assertions.py Co-authored-by: alexzorin <alex@zor.io> * Fix type * Various fixes * Refactor imports * Keep naming convention consistent on TypeVars * Improve types * Improve types * Remove remaining Sequence[str] in the project Co-authored-by: alexzorin <alex@zor.io>
2022-01-31 03:17:40 -05:00
def _prepare_args_env(certbot_args: List[str], directory_url: str, http_01_port: int,
Fully type certbot-ci module (#9120) * Fully type certbot-ci module * Fix lint, focus lint * Add trailing comma * Remove unused private function * Type properly for future usages * Update certbot-ci/certbot_integration_tests/utils/acme_server.py Co-authored-by: alexzorin <alex@zor.io> * Cleanup files * Fix import * Fix mypy and lint Co-authored-by: alexzorin <alex@zor.io>
2021-11-29 16:24:39 -05:00
tls_alpn_01_port: int, config_dir: str, workspace: str,
force_renew: bool) -> Tuple[List[str], Dict[str, str]]:
Fix PYTHONPATH in integration tests (#7357) This PR supersedes #7353. It fixes the execution of nginx oldest tests when these tests are executed on top of the modifications made in #7337. This execution failure revealed the fact that in some cases, the wrong version of certbot logic was used during integration tests (namely the logic lying in the codebase of the branch built, instead of the logic from the version of certbot declared by certbot-nginx for instance). I let you appreciate my inline comment for the explanation and the workaround. Thanks a lot to @bmw who found this python/pytest madness. You can see the oldest tests succeeding with the logic of #7337 + this PR here: https://travis-ci.com/certbot/certbot/builds/124816254 * Remove certbot root from PYTHONPATH during integration tests * Add a biiiiig comment.
2019-08-27 19:25:31 -04:00
new_environ = _prepare_environ(workspace)
additional_args = _compute_additional_args(workspace, new_environ, force_renew)
Add executable scripts to start certbot and acme server in certbot-ci (#7073) During review of #6989, we saw that some of our test bash scripts were still used in the Boulder project in particular. It is about `tests/integration/_common.sh` in particular, to expose the `certbot_test` bash function, that is an appropriate way to execute a local version of certbot in test mode: define a custom server, remove several checks, full log and so on. This PR is an attempt to assert this goal: exposing a new `certbot_test` executable for test purpose. More generally, this PR is about giving well suited scripts to quickly make manual tests against certbot without launching the full automated pytest suite. The idea here is to leverage the existing logic in certbot-ci, and expose it as executable scripts. This is done thanks to the `console_scripts` entry of setuptools entrypoint feature, that install scripts in the `PATH`, when `pip install` is invoked, that delegate to specific functions in the installed packages. Two scripts are defined this way: * `certbot_test`: it executes certbot in test mode in a very similar way than the original `certbot_test` in `_common.sh`, by delegating to `certbot_integration_tests.utils.certbot_call:main`. By default this execution will target a pebble directory url started locally. The url, and also http-01/tls-alpn-01 challenge ports can be configured using ad-hoc environment variables. All arguments passed to `certbot_test` are transferred to the underlying certbot command. * `acme_server`: it set up a fully running instance of an ACME server, ready for tests (in particular, all FQDN resolves to localhost in order to target a locally running `certbot_test` command) by delegating to `certbot_integration_tests.utils.acme_server:main`. The choice of the ACME server is given by the first parameter passed to `acme_server`, it can be `pebble`, `boulder-v1` or `boulder-v2`. The command keeps running on foreground, displaying the logs of the ACME server on stdout/stderr. The server is shut down and resources cleaned upon entering CTRL+C. This two commands can be run also through the underlying python modules, that are executable. Finally, a typical workflow on certbot side to run manual tests would be: ``` cd certbot tools/venv.py source venv/bin/activate acme_server pebble & certbot_test certonly --standalone -d test.example.com ``` On boulder side it could be: ``` # Follow certbot dev environment setup instructions, then ... cd boulder docker-compose run --use-aliases -e FAKE_DNS=172.17.0.1 --service-ports boulder ./start.py SERVER=http://localhost:4001/directory certbot_test certonly --standalone -d test.example.com ``` * Configure certbot-ci to expose a certbot_test console script calling certbot in test mode against a local pebble instance * Add a command to start pebble/boulder * Use explicit start * Add execution permission to acme_server * Add a docstring to certbot_test function * Change executable name * Increase sleep to 3600s * Implement a context manager to handle the acme server * Add certbot_test workspace in .gitignore * Add documentation * Remove one function in context, split logic of certbot_test towards capturing non capturing * Use an explicit an properly configured ACMEServer as handler. * Add doc. Put constants.
2019-06-12 20:19:23 -04:00
command = [
'certbot',
'--server', directory_url,
'--no-verify-ssl',
'--http-01-port', str(http_01_port),
'--https-port', str(tls_alpn_01_port),
Fix add deprecated argument (#8500) Fixes https://github.com/certbot/certbot/issues/8495. To further explain the problem here, `modify_kwargs_for_default_detection` as called in `add` is simplistic and doesn't always work. See https://github.com/certbot/certbot/issues/6164 for one other example. In this case, were bitten by the code https://github.com/certbot/certbot/blob/d1e7404358c05734aaf436ef3c9d709029d62b09/certbot/certbot/_internal/cli/helpful.py#L393-L395 The action used for deprecated arguments isn't in `ZERO_ARG_ACTIONS` so it assumes that all deprecated flags take one parameter. Rather than trying to fix this function (which I think can only realistically be fixed by https://github.com/certbot/certbot/issues/4493), I took the approach that was previously used in `HelpfulArgumentParser.add_deprecated_argument` of bypassing this extra logic entirely. I adapted that function to now call `HelpfulArgumentParser.add` as well for consistency and to make testing easier. * Rename deprecated arg action class * Skip extra parsing for deprecated arguments * Add back test of --manual-public-ip-logging-ok * Add changelog entry
2020-12-02 18:08:07 -05:00
'--manual-public-ip-logging-ok',
Add executable scripts to start certbot and acme server in certbot-ci (#7073) During review of #6989, we saw that some of our test bash scripts were still used in the Boulder project in particular. It is about `tests/integration/_common.sh` in particular, to expose the `certbot_test` bash function, that is an appropriate way to execute a local version of certbot in test mode: define a custom server, remove several checks, full log and so on. This PR is an attempt to assert this goal: exposing a new `certbot_test` executable for test purpose. More generally, this PR is about giving well suited scripts to quickly make manual tests against certbot without launching the full automated pytest suite. The idea here is to leverage the existing logic in certbot-ci, and expose it as executable scripts. This is done thanks to the `console_scripts` entry of setuptools entrypoint feature, that install scripts in the `PATH`, when `pip install` is invoked, that delegate to specific functions in the installed packages. Two scripts are defined this way: * `certbot_test`: it executes certbot in test mode in a very similar way than the original `certbot_test` in `_common.sh`, by delegating to `certbot_integration_tests.utils.certbot_call:main`. By default this execution will target a pebble directory url started locally. The url, and also http-01/tls-alpn-01 challenge ports can be configured using ad-hoc environment variables. All arguments passed to `certbot_test` are transferred to the underlying certbot command. * `acme_server`: it set up a fully running instance of an ACME server, ready for tests (in particular, all FQDN resolves to localhost in order to target a locally running `certbot_test` command) by delegating to `certbot_integration_tests.utils.acme_server:main`. The choice of the ACME server is given by the first parameter passed to `acme_server`, it can be `pebble`, `boulder-v1` or `boulder-v2`. The command keeps running on foreground, displaying the logs of the ACME server on stdout/stderr. The server is shut down and resources cleaned upon entering CTRL+C. This two commands can be run also through the underlying python modules, that are executable. Finally, a typical workflow on certbot side to run manual tests would be: ``` cd certbot tools/venv.py source venv/bin/activate acme_server pebble & certbot_test certonly --standalone -d test.example.com ``` On boulder side it could be: ``` # Follow certbot dev environment setup instructions, then ... cd boulder docker-compose run --use-aliases -e FAKE_DNS=172.17.0.1 --service-ports boulder ./start.py SERVER=http://localhost:4001/directory certbot_test certonly --standalone -d test.example.com ``` * Configure certbot-ci to expose a certbot_test console script calling certbot in test mode against a local pebble instance * Add a command to start pebble/boulder * Use explicit start * Add execution permission to acme_server * Add a docstring to certbot_test function * Change executable name * Increase sleep to 3600s * Implement a context manager to handle the acme server * Add certbot_test workspace in .gitignore * Add documentation * Remove one function in context, split logic of certbot_test towards capturing non capturing * Use an explicit an properly configured ACMEServer as handler. * Add doc. Put constants.
2019-06-12 20:19:23 -04:00
'--config-dir', config_dir,
'--work-dir', os.path.join(workspace, 'work'),
'--logs-dir', os.path.join(workspace, 'logs'),
'--non-interactive',
'--no-redirect',
'--agree-tos',
'--register-unsafely-without-email',
'--debug',
'-vv'
]
command.extend(certbot_args)
command.extend(additional_args)
print('--> Invoke command:\n=====\n{0}\n====='.format(subprocess.list2cmdline(command)))
return command, new_environ
Fully type certbot-ci module (#9120) * Fully type certbot-ci module * Fix lint, focus lint * Add trailing comma * Remove unused private function * Type properly for future usages * Update certbot-ci/certbot_integration_tests/utils/acme_server.py Co-authored-by: alexzorin <alex@zor.io> * Cleanup files * Fix import * Fix mypy and lint Co-authored-by: alexzorin <alex@zor.io>
2021-11-29 16:24:39 -05:00
def main() -> None:
Added certbot-ci to lint section. Silenced and fixed linting warnings. (#8450)
2020-12-16 14:34:12 -05:00
# pylint: disable=missing-function-docstring
Add executable scripts to start certbot and acme server in certbot-ci (#7073) During review of #6989, we saw that some of our test bash scripts were still used in the Boulder project in particular. It is about `tests/integration/_common.sh` in particular, to expose the `certbot_test` bash function, that is an appropriate way to execute a local version of certbot in test mode: define a custom server, remove several checks, full log and so on. This PR is an attempt to assert this goal: exposing a new `certbot_test` executable for test purpose. More generally, this PR is about giving well suited scripts to quickly make manual tests against certbot without launching the full automated pytest suite. The idea here is to leverage the existing logic in certbot-ci, and expose it as executable scripts. This is done thanks to the `console_scripts` entry of setuptools entrypoint feature, that install scripts in the `PATH`, when `pip install` is invoked, that delegate to specific functions in the installed packages. Two scripts are defined this way: * `certbot_test`: it executes certbot in test mode in a very similar way than the original `certbot_test` in `_common.sh`, by delegating to `certbot_integration_tests.utils.certbot_call:main`. By default this execution will target a pebble directory url started locally. The url, and also http-01/tls-alpn-01 challenge ports can be configured using ad-hoc environment variables. All arguments passed to `certbot_test` are transferred to the underlying certbot command. * `acme_server`: it set up a fully running instance of an ACME server, ready for tests (in particular, all FQDN resolves to localhost in order to target a locally running `certbot_test` command) by delegating to `certbot_integration_tests.utils.acme_server:main`. The choice of the ACME server is given by the first parameter passed to `acme_server`, it can be `pebble`, `boulder-v1` or `boulder-v2`. The command keeps running on foreground, displaying the logs of the ACME server on stdout/stderr. The server is shut down and resources cleaned upon entering CTRL+C. This two commands can be run also through the underlying python modules, that are executable. Finally, a typical workflow on certbot side to run manual tests would be: ``` cd certbot tools/venv.py source venv/bin/activate acme_server pebble & certbot_test certonly --standalone -d test.example.com ``` On boulder side it could be: ``` # Follow certbot dev environment setup instructions, then ... cd boulder docker-compose run --use-aliases -e FAKE_DNS=172.17.0.1 --service-ports boulder ./start.py SERVER=http://localhost:4001/directory certbot_test certonly --standalone -d test.example.com ``` * Configure certbot-ci to expose a certbot_test console script calling certbot in test mode against a local pebble instance * Add a command to start pebble/boulder * Use explicit start * Add execution permission to acme_server * Add a docstring to certbot_test function * Change executable name * Increase sleep to 3600s * Implement a context manager to handle the acme server * Add certbot_test workspace in .gitignore * Add documentation * Remove one function in context, split logic of certbot_test towards capturing non capturing * Use an explicit an properly configured ACMEServer as handler. * Add doc. Put constants.
2019-06-12 20:19:23 -04:00
args = sys.argv[1:]
# Default config is pebble
directory_url = os.environ.get('SERVER', PEBBLE_DIRECTORY_URL)
Fix test farm tests by using a local Pebble instance (#8561) [As discussed in Mattermost](https://opensource.eff.org/eff-open-source/pl/yhtp4qu4zpfczm5wxmzxhndrto), our Apache test farm tests are failing because the CA certificate in the old version of boulder we have pinned expired over the weekend. This PR fixes that by running a local Pebble instance instead of an external boulder instance. * switch from external boulder to local pebble * add --http-01-port to run_acme_server
2020-12-22 13:24:20 -05:00
http_01_port = int(os.environ.get('HTTP_01_PORT', DEFAULT_HTTP_01_PORT))
Add executable scripts to start certbot and acme server in certbot-ci (#7073) During review of #6989, we saw that some of our test bash scripts were still used in the Boulder project in particular. It is about `tests/integration/_common.sh` in particular, to expose the `certbot_test` bash function, that is an appropriate way to execute a local version of certbot in test mode: define a custom server, remove several checks, full log and so on. This PR is an attempt to assert this goal: exposing a new `certbot_test` executable for test purpose. More generally, this PR is about giving well suited scripts to quickly make manual tests against certbot without launching the full automated pytest suite. The idea here is to leverage the existing logic in certbot-ci, and expose it as executable scripts. This is done thanks to the `console_scripts` entry of setuptools entrypoint feature, that install scripts in the `PATH`, when `pip install` is invoked, that delegate to specific functions in the installed packages. Two scripts are defined this way: * `certbot_test`: it executes certbot in test mode in a very similar way than the original `certbot_test` in `_common.sh`, by delegating to `certbot_integration_tests.utils.certbot_call:main`. By default this execution will target a pebble directory url started locally. The url, and also http-01/tls-alpn-01 challenge ports can be configured using ad-hoc environment variables. All arguments passed to `certbot_test` are transferred to the underlying certbot command. * `acme_server`: it set up a fully running instance of an ACME server, ready for tests (in particular, all FQDN resolves to localhost in order to target a locally running `certbot_test` command) by delegating to `certbot_integration_tests.utils.acme_server:main`. The choice of the ACME server is given by the first parameter passed to `acme_server`, it can be `pebble`, `boulder-v1` or `boulder-v2`. The command keeps running on foreground, displaying the logs of the ACME server on stdout/stderr. The server is shut down and resources cleaned upon entering CTRL+C. This two commands can be run also through the underlying python modules, that are executable. Finally, a typical workflow on certbot side to run manual tests would be: ``` cd certbot tools/venv.py source venv/bin/activate acme_server pebble & certbot_test certonly --standalone -d test.example.com ``` On boulder side it could be: ``` # Follow certbot dev environment setup instructions, then ... cd boulder docker-compose run --use-aliases -e FAKE_DNS=172.17.0.1 --service-ports boulder ./start.py SERVER=http://localhost:4001/directory certbot_test certonly --standalone -d test.example.com ``` * Configure certbot-ci to expose a certbot_test console script calling certbot in test mode against a local pebble instance * Add a command to start pebble/boulder * Use explicit start * Add execution permission to acme_server * Add a docstring to certbot_test function * Change executable name * Increase sleep to 3600s * Implement a context manager to handle the acme server * Add certbot_test workspace in .gitignore * Add documentation * Remove one function in context, split logic of certbot_test towards capturing non capturing * Use an explicit an properly configured ACMEServer as handler. * Add doc. Put constants.
2019-06-12 20:19:23 -04:00
tls_alpn_01_port = int(os.environ.get('TLS_ALPN_01_PORT', TLS_ALPN_01_PORT))
# Execution of certbot in a self-contained workspace
workspace = os.environ.get('WORKSPACE', os.path.join(os.getcwd(), '.certbot_test_workspace'))
if not os.path.exists(workspace):
print('--> Creating a workspace for certbot_test: {0}'.format(workspace))
os.mkdir(workspace)
else:
print('--> Using an existing workspace for certbot_test: {0}'.format(workspace))
config_dir = os.path.join(workspace, 'conf')
# Invoke certbot in test mode, without capturing output so users see directly the outcome.
command, env = _prepare_args_env(args, directory_url, http_01_port, tls_alpn_01_port,
config_dir, workspace, True)
subprocess.check_call(command, universal_newlines=True, cwd=workspace, env=env)
if __name__ == '__main__':
main()
Reference in a new issue Copy permalink