From 3f0dc7c81c60aa204e50fad3e415843829539121 Mon Sep 17 00:00:00 2001
From: Adrien Ferrand <adferrand@users.noreply.github.com>
Date: Mon, 15 Apr 2019 23:59:45 +0200
Subject: [PATCH] [Unix] Create a framework for certbot integration tests: PART
 3a (#6946)

Following #6821, this PR continues to convert certbot integration tests into certbot-ci.

This PR add tests covering on L185-222 in tests/certbot-boulder-integration.sh.

* Add tests

* Correct some assertions
---
 .../certbot_tests/assertions.py               |  5 +-
 .../certbot_tests/test_main.py                | 85 ++++++++++++++++---
 2 files changed, 78 insertions(+), 12 deletions(-)

diff --git a/certbot-ci/certbot_integration_tests/certbot_tests/assertions.py b/certbot-ci/certbot_integration_tests/certbot_tests/assertions.py
index cf1a4792d..b82c0b5f0 100644
--- a/certbot-ci/certbot_integration_tests/certbot_tests/assertions.py
+++ b/certbot-ci/certbot_integration_tests/certbot_tests/assertions.py
@@ -15,13 +15,14 @@ def assert_hook_execution(probe_path, probe_content):
     assert '{0}{1}'.format(probe_content, os.linesep) in lines
 
 
-def assert_save_renew_hook(config_dir, lineage):
+def assert_saved_renew_hook(config_dir, lineage):
     """
     Assert that the renew hook configuration of a lineage has been saved.
     :param config_dir: location of the certbot configuration
     :param lineage: lineage domain name
     """
-    assert os.path.isfile(os.path.join(config_dir, 'renewal/{0}.conf'.format(lineage)))
+    with open(os.path.join(config_dir, 'renewal', '{0}.conf'.format(lineage))) as file_h:
+        assert 'renew_hook' in file_h.read()
 
 
 def assert_cert_count_for_lineage(config_dir, lineage, count):
diff --git a/certbot-ci/certbot_integration_tests/certbot_tests/test_main.py b/certbot-ci/certbot_integration_tests/certbot_tests/test_main.py
index 7320128de..4c7d77a6d 100644
--- a/certbot-ci/certbot_integration_tests/certbot_tests/test_main.py
+++ b/certbot-ci/certbot_integration_tests/certbot_tests/test_main.py
@@ -1,13 +1,14 @@
 """Module executing integration tests against certbot core."""
 from __future__ import print_function
+
 import os
-import shutil
+import subprocess
 from os.path import join
 
 import pytest
 from certbot_integration_tests.certbot_tests import context as certbot_context
 from certbot_integration_tests.certbot_tests.assertions import (
-    assert_hook_execution, assert_save_renew_hook, assert_cert_count_for_lineage,
+    assert_hook_execution, assert_saved_renew_hook, assert_cert_count_for_lineage,
     assert_world_permissions, assert_equals_group_owner, assert_equals_permissions,
 )
 from certbot_integration_tests.utils import misc
@@ -23,6 +24,72 @@ def context(request):
         integration_test_context.cleanup()
 
 
+def test_basic_commands(context):
+    """Test simple commands on Certbot CLI."""
+    # TMPDIR env variable is set to workspace for the certbot subprocess.
+    # So tempdir module will create any temporary files/dirs in workspace,
+    # and its content can be tested to check correct certbot cleanup.
+    initial_count_tmpfiles = len(os.listdir(context.workspace))
+
+    context.certbot(['--help'])
+    context.certbot(['--help', 'all'])
+    context.certbot(['--version'])
+
+    with pytest.raises(subprocess.CalledProcessError):
+        context.certbot(['--csr'])
+
+    new_count_tmpfiles = len(os.listdir(context.workspace))
+    assert initial_count_tmpfiles == new_count_tmpfiles
+
+
+def test_hook_dirs_creation(context):
+    """Test all hooks directory are created during Certbot startup."""
+    context.certbot(['register'])
+
+    for hook_dir in misc.list_renewal_hooks_dirs(context.config_dir):
+        assert os.path.isdir(hook_dir)
+
+
+def test_registration_override(context):
+    """Test correct register/unregister, and registration override."""
+    context.certbot(['register'])
+    context.certbot(['unregister'])
+    context.certbot(['register', '--email', 'ex1@domain.org,ex2@domain.org'])
+
+    # TODO: When `certbot register --update-registration` is fully deprecated,
+    #  delete the two following deprecated uses
+    context.certbot(['register', '--update-registration', '--email', 'ex1@domain.org'])
+    context.certbot(['register', '--update-registration', '--email', 'ex1@domain.org,ex2@domain.org'])
+
+    context.certbot(['update_account', '--email', 'example@domain.org'])
+    context.certbot(['update_account', '--email', 'ex1@domain.org,ex2@domain.org'])
+
+
+def test_prepare_plugins(context):
+    """Test that plugins are correctly instantiated and displayed."""
+    output = context.certbot(['plugins', '--init', '--prepare'])
+
+    assert 'webroot' in output
+
+
+def test_http_01(context):
+    """Test the HTTP-01 challenge using standalone plugin."""
+    # We start a server listening on the port for the
+    # TLS-SNI challenge to prevent regressions in #3601.
+    with misc.create_http_server(context.tls_alpn_01_port):
+        certname = context.get_domain('le2')
+        context.certbot([
+            '--domains', certname, '--preferred-challenges', 'http-01', 'run',
+            '--cert-name', certname,
+            '--pre-hook', 'echo wtf.pre >> "{0}"'.format(context.hook_probe),
+            '--post-hook', 'echo wtf.post >> "{0}"'.format(context.hook_probe),
+            '--deploy-hook', 'echo deploy >> "{0}"'.format(context.hook_probe)
+        ])
+
+    assert_hook_execution(context.hook_probe, 'deploy')
+    assert_saved_renew_hook(context.config_dir, certname)
+
+
 def test_manual_http_auth(context):
     """Test the HTTP-01 challenge using manual plugin."""
     with misc.create_http_server(context.http_01_port) as webroot,\
@@ -36,11 +103,12 @@ def test_manual_http_auth(context):
             '--manual-cleanup-hook', scripts[1],
             '--pre-hook', 'echo wtf.pre >> "{0}"'.format(context.hook_probe),
             '--post-hook', 'echo wtf.post >> "{0}"'.format(context.hook_probe),
-            '--deploy-hook', 'echo deploy >> "{0}"'.format(context.hook_probe)
+            '--renew-hook', 'echo renew >> "{0}"'.format(context.hook_probe)
         ])
 
-    assert_hook_execution(context.hook_probe, 'deploy')
-    assert_save_renew_hook(context.config_dir, certname)
+    with pytest.raises(AssertionError):
+        assert_hook_execution(context.hook_probe, 'renew')
+    assert_saved_renew_hook(context.config_dir, certname)
 
 
 def test_manual_dns_auth(context):
@@ -58,11 +126,11 @@ def test_manual_dns_auth(context):
 
     with pytest.raises(AssertionError):
         assert_hook_execution(context.hook_probe, 'renew')
-    assert_save_renew_hook(context.config_dir, certname)
+    assert_saved_renew_hook(context.config_dir, certname)
 
 
 def test_renew_files_permissions(context):
-    """Test certificate file permissions upon renewal"""
+    """Test proper certificate file permissions upon renewal"""
     certname = context.get_domain('renew')
     context.certbot(['-d', certname])
 
@@ -70,8 +138,6 @@ def test_renew_files_permissions(context):
     assert_world_permissions(
         join(context.config_dir, 'archive', certname, 'privkey1.pem'), 0)
 
-    # Force renew. Assert certificate renewal and proper permissions.
-    # We assert certificate renewal and proper permissions.
     context.certbot(['renew'])
 
     assert_cert_count_for_lineage(context.config_dir, certname, 2)
@@ -92,7 +158,6 @@ def test_renew_with_hook_scripts(context):
 
     assert_cert_count_for_lineage(context.config_dir, certname, 1)
 
-    # Force renew. Assert certificate renewal and hook scripts execution.
     misc.generate_test_file_hooks(context.config_dir, context.hook_probe)
     context.certbot(['renew'])