[Unix] Create a framework for certbot integration tests: PART 3a (#6946)

Following #6821, this PR continues to convert certbot integration tests into certbot-ci. This PR add tests covering on L185-222 in tests/certbot-boulder-integration.sh. * Add tests * Correct some assertions
2026-06-09 08:42:57 -04:00 · 2019-04-15 23:59:45 +02:00 · 2019-04-15 23:59:45 +02:00 · 3f0dc7c81c
commit 3f0dc7c81c
parent d7610c1ae7
2 changed files with 78 additions and 12 deletions
--- a/certbot-ci/certbot_integration_tests/certbot_tests/assertions.py
+++ b/certbot-ci/certbot_integration_tests/certbot_tests/assertions.py
@ -15,13 +15,14 @@ def assert_hook_execution(probe_path, probe_content):
    assert '{0}{1}'.format(probe_content, os.linesep) in lines


-def assert_save_renew_hook(config_dir, lineage):
+def assert_saved_renew_hook(config_dir, lineage):
    """
    Assert that the renew hook configuration of a lineage has been saved.
    :param config_dir: location of the certbot configuration
    :param lineage: lineage domain name
    """
-    assert os.path.isfile(os.path.join(config_dir, 'renewal/{0}.conf'.format(lineage)))
+    with open(os.path.join(config_dir, 'renewal', '{0}.conf'.format(lineage))) as file_h:
+        assert 'renew_hook' in file_h.read()


 def assert_cert_count_for_lineage(config_dir, lineage, count):
--- a/certbot-ci/certbot_integration_tests/certbot_tests/test_main.py
+++ b/certbot-ci/certbot_integration_tests/certbot_tests/test_main.py
@ -1,13 +1,14 @@
 """Module executing integration tests against certbot core."""
 from __future__ import print_function
+
 import os
-import shutil
+import subprocess
 from os.path import join

 import pytest
 from certbot_integration_tests.certbot_tests import context as certbot_context
 from certbot_integration_tests.certbot_tests.assertions import (
-    assert_hook_execution, assert_save_renew_hook, assert_cert_count_for_lineage,
+    assert_hook_execution, assert_saved_renew_hook, assert_cert_count_for_lineage,
    assert_world_permissions, assert_equals_group_owner, assert_equals_permissions,
 )
 from certbot_integration_tests.utils import misc
@ -23,6 +24,72 @@ def context(request):
        integration_test_context.cleanup()


+def test_basic_commands(context):
+    """Test simple commands on Certbot CLI."""
+    # TMPDIR env variable is set to workspace for the certbot subprocess.
+    # So tempdir module will create any temporary files/dirs in workspace,
+    # and its content can be tested to check correct certbot cleanup.
+    initial_count_tmpfiles = len(os.listdir(context.workspace))
+
+    context.certbot(['--help'])
+    context.certbot(['--help', 'all'])
+    context.certbot(['--version'])
+
+    with pytest.raises(subprocess.CalledProcessError):
+        context.certbot(['--csr'])
+
+    new_count_tmpfiles = len(os.listdir(context.workspace))
+    assert initial_count_tmpfiles == new_count_tmpfiles
+
+
+def test_hook_dirs_creation(context):
+    """Test all hooks directory are created during Certbot startup."""
+    context.certbot(['register'])
+
+    for hook_dir in misc.list_renewal_hooks_dirs(context.config_dir):
+        assert os.path.isdir(hook_dir)
+
+
+def test_registration_override(context):
+    """Test correct register/unregister, and registration override."""
+    context.certbot(['register'])
+    context.certbot(['unregister'])
+    context.certbot(['register', '--email', 'ex1@domain.org,ex2@domain.org'])
+
+    # TODO: When `certbot register --update-registration` is fully deprecated,
+    #  delete the two following deprecated uses
+    context.certbot(['register', '--update-registration', '--email', 'ex1@domain.org'])
+    context.certbot(['register', '--update-registration', '--email', 'ex1@domain.org,ex2@domain.org'])
+
+    context.certbot(['update_account', '--email', 'example@domain.org'])
+    context.certbot(['update_account', '--email', 'ex1@domain.org,ex2@domain.org'])
+
+
+def test_prepare_plugins(context):
+    """Test that plugins are correctly instantiated and displayed."""
+    output = context.certbot(['plugins', '--init', '--prepare'])
+
+    assert 'webroot' in output
+
+
+def test_http_01(context):
+    """Test the HTTP-01 challenge using standalone plugin."""
+    # We start a server listening on the port for the
+    # TLS-SNI challenge to prevent regressions in #3601.
+    with misc.create_http_server(context.tls_alpn_01_port):
+        certname = context.get_domain('le2')
+        context.certbot([
+            '--domains', certname, '--preferred-challenges', 'http-01', 'run',
+            '--cert-name', certname,
+            '--pre-hook', 'echo wtf.pre >> "{0}"'.format(context.hook_probe),
+            '--post-hook', 'echo wtf.post >> "{0}"'.format(context.hook_probe),
+            '--deploy-hook', 'echo deploy >> "{0}"'.format(context.hook_probe)
+        ])
+
+    assert_hook_execution(context.hook_probe, 'deploy')
+    assert_saved_renew_hook(context.config_dir, certname)
+
+
 def test_manual_http_auth(context):
    """Test the HTTP-01 challenge using manual plugin."""
    with misc.create_http_server(context.http_01_port) as webroot,\
@ -36,11 +103,12 @@ def test_manual_http_auth(context):
            '--manual-cleanup-hook', scripts[1],
            '--pre-hook', 'echo wtf.pre >> "{0}"'.format(context.hook_probe),
            '--post-hook', 'echo wtf.post >> "{0}"'.format(context.hook_probe),
-            '--deploy-hook', 'echo deploy >> "{0}"'.format(context.hook_probe)
+            '--renew-hook', 'echo renew >> "{0}"'.format(context.hook_probe)
        ])

-    assert_hook_execution(context.hook_probe, 'deploy')
-    assert_save_renew_hook(context.config_dir, certname)
+    with pytest.raises(AssertionError):
+        assert_hook_execution(context.hook_probe, 'renew')
+    assert_saved_renew_hook(context.config_dir, certname)


 def test_manual_dns_auth(context):
@ -58,11 +126,11 @@ def test_manual_dns_auth(context):

    with pytest.raises(AssertionError):
        assert_hook_execution(context.hook_probe, 'renew')
-    assert_save_renew_hook(context.config_dir, certname)
+    assert_saved_renew_hook(context.config_dir, certname)


 def test_renew_files_permissions(context):
-    """Test certificate file permissions upon renewal"""
+    """Test proper certificate file permissions upon renewal"""
    certname = context.get_domain('renew')
    context.certbot(['-d', certname])

@ -70,8 +138,6 @@ def test_renew_files_permissions(context):
    assert_world_permissions(
        join(context.config_dir, 'archive', certname, 'privkey1.pem'), 0)

-    # Force renew. Assert certificate renewal and proper permissions.
-    # We assert certificate renewal and proper permissions.
    context.certbot(['renew'])

    assert_cert_count_for_lineage(context.config_dir, certname, 2)
@ -92,7 +158,6 @@ def test_renew_with_hook_scripts(context):

    assert_cert_count_for_lineage(context.config_dir, certname, 1)

-    # Force renew. Assert certificate renewal and hook scripts execution.
    misc.generate_test_file_hooks(context.config_dir, context.hook_probe)
    context.certbot(['renew'])