upstream/certbot
1
0
Fork 0
mirror of https://github.com/certbot/certbot.git synced 2026-03-28 13:23:09 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

Move constants.py to _internal (#7534)

Browse source 
* Don't call core constants from nginx plugin

* Move constants.py to _internal/

* Move ENHANCEMENTS from now-internal constants to public plugins.enhancements

* Update display.enhancements.ask from its 2015 comment
This commit is contained in:
ohemorange 2019-11-11 15:41:40 -08:00 committed by Brad Warren
parent 08c1de34bd
commit 4792e1ee21
30 changed files with 47 additions and 73 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
certbot-apache/certbot_apache/configurator.py
View file

@ -1612,9 +1612,9 @@ class ApacheConfigurator(common.Installer):
:param str domain: domain to enhance
:param str enhancement: enhancement type defined in
:const:`~certbot.constants.ENHANCEMENTS`
:const:`~certbot.plugins.enhancements.ENHANCEMENTS`
:param options: options for the enhancement
See :const:`~certbot.constants.ENHANCEMENTS`
See :const:`~certbot.plugins.enhancements.ENHANCEMENTS`
documentation for appropriate parameter.
:raises .errors.PluginError: If Enhancement is not supported, or if

2
certbot-compatibility-test/certbot_compatibility_test/configurators/common.py
View file

@ -4,7 +4,7 @@ import os
import shutil
import tempfile
from certbot import constants
from certbot._internal import constants
from certbot_compatibility_test import errors
from certbot_compatibility_test import util

2
certbot-compatibility-test/certbot_compatibility_test/util.py
View file

@ -9,7 +9,7 @@ import tarfile
import josepy as jose
from certbot.tests import util as test_util
from certbot import constants
from certbot._internal import constants
from certbot_compatibility_test import errors

20
certbot-nginx/certbot_nginx/configurator.py
View file

@ -17,7 +17,6 @@ from acme import challenges
from acme import crypto_util as acme_crypto_util
from acme.magic_typing import List, Dict, Set # pylint: disable=unused-import, no-name-in-module
from certbot import constants as core_constants
from certbot import crypto_util
from certbot import errors
from certbot import interfaces
@ -101,9 +100,6 @@ class NginxConfigurator(common.Installer):
openssl_version = kwargs.pop("openssl_version", None)
super(NginxConfigurator, self).__init__(*args, **kwargs)
# Verify that all directories and files exist with proper permissions
self._verify_setup()
# Files to save
self.save_notes = ""
@ -708,9 +704,9 @@ class NginxConfigurator(common.Installer):
:param str domain: domain to enhance
:param str enhancement: enhancement type defined in
:const:`~certbot.constants.ENHANCEMENTS`
:const:`~certbot.plugins.enhancements.ENHANCEMENTS`
:param options: options for the enhancement
See :const:`~certbot.constants.ENHANCEMENTS`
See :const:`~certbot.plugins.enhancements.ENHANCEMENTS`
documentation for appropriate parameter.
"""
@ -929,18 +925,6 @@ class NginxConfigurator(common.Installer):
except errors.SubprocessError as err:
raise errors.MisconfigurationError(str(err))
def _verify_setup(self):
"""Verify the setup to ensure safe operating environment.
Make sure that files/directories are setup with appropriate permissions
Aim for defensive coding... make sure all input files
have permissions of root.
"""
util.make_or_verify_dir(self.config.work_dir, core_constants.CONFIG_DIRS_MODE)
util.make_or_verify_dir(self.config.backup_dir, core_constants.CONFIG_DIRS_MODE)
util.make_or_verify_dir(self.config.config_dir, core_constants.CONFIG_DIRS_MODE)
def _nginx_version(self):
"""Return results of nginx -V

2
certbot/_internal/account.py
View file

@ -16,7 +16,7 @@ from cryptography.hazmat.primitives import serialization
from acme import fields as acme_fields
from acme import messages
from certbot import constants
from certbot._internal import constants
from certbot import errors
from certbot import interfaces
from certbot import util

2
certbot/_internal/client.py
View file

@ -21,7 +21,7 @@ import certbot
from certbot._internal import account
from certbot._internal import auth_handler
from certbot import cli
from certbot import constants
from certbot._internal import constants
from certbot import crypto_util
from certbot._internal import eff
from certbot._internal import error_handler

12
certbot/constants.py → certbot/_internal/constants.py
View file

@ -147,18 +147,6 @@ RENEWER_DEFAULTS = dict(
)
"""Defaults for renewer script."""
ENHANCEMENTS = ["redirect", "ensure-http-header", "ocsp-stapling"]
"""List of possible :class:`certbot.interfaces.IInstaller`
enhancements.
List of expected options parameters:
- redirect: None
- ensure-http-header: name of header (i.e. Strict-Transport-Security)
- ocsp-stapling: certificate chain file path
"""
ARCHIVE_DIR = "archive"
"""Archive directory, relative to `IConfig.config_dir`."""

2
certbot/_internal/display/enhancements.py
View file

@ -18,7 +18,7 @@ def ask(enhancement):
"""Display the enhancement to the user.
:param str enhancement: One of the
:class:`certbot.CONFIG.ENHANCEMENTS` enhancements
:const:`~certbot.plugins.enhancements.ENHANCEMENTS` enhancements
:returns: True if feature is desired, False otherwise
:rtype: bool

2
certbot/_internal/eff.py
View file

@ -4,7 +4,7 @@ import logging
import requests
import zope.component
from certbot import constants
from certbot._internal import constants
from certbot import interfaces

4
certbot/_internal/log.py
View file

@ -24,7 +24,7 @@ import traceback
from acme import messages
from certbot import constants
from certbot._internal import constants
from certbot import errors
from certbot import util
from certbot.compat import os
@ -41,7 +41,7 @@ def pre_arg_parse_setup():
"""Setup logging before command line arguments are parsed.
Terminal logging is setup using
`certbot.constants.QUIET_LOGGING_LEVEL` so Certbot is as quiet as
`certbot._internal.constants.QUIET_LOGGING_LEVEL` so Certbot is as quiet as
possible. File logging is setup so that logging messages are
buffered in memory. If Certbot exits before `post_arg_parse_setup`
is called, these buffered messages are written to a temporary file.

2
certbot/_internal/main.py
View file

@ -19,7 +19,7 @@ from certbot._internal import cert_manager
from certbot import cli
from certbot._internal import client
from certbot import configuration
from certbot import constants
from certbot._internal import constants
from certbot import crypto_util
from certbot._internal import eff
from certbot import errors

2
certbot/_internal/plugins/disco.py
View file

@ -10,7 +10,7 @@ import zope.interface
import zope.interface.verify
from acme.magic_typing import Dict # pylint: disable=unused-import, no-name-in-module
from certbot import constants
from certbot._internal import constants
from certbot import errors
from certbot import interfaces

2
certbot/_internal/storage.py
View file

@ -13,7 +13,7 @@ import six
import certbot
from certbot import cli
from certbot import constants
from certbot._internal import constants
from certbot import crypto_util
from certbot._internal import error_handler
from certbot import errors

2
certbot/cli.py
View file

@ -22,7 +22,7 @@ from acme.magic_typing import Any, Dict, Optional
import certbot
import certbot.plugins.enhancements as enhancements
import certbot._internal.plugins.selection as plugin_selection
from certbot import constants
from certbot._internal import constants
from certbot import crypto_util
from certbot import errors
from certbot import hooks

6
certbot/configuration.py
View file

@ -4,7 +4,7 @@ import copy
import zope.interface
from six.moves.urllib import parse # pylint: disable=relative-import
from certbot import constants
from certbot._internal import constants
from certbot import errors
from certbot import interfaces
from certbot import util
@ -20,7 +20,7 @@ class NamespaceConfig(object):
:class:`certbot.interfaces.IConfig`. However, note that
the following attributes are dynamically resolved using
:attr:`~certbot.interfaces.IConfig.work_dir` and relative
paths defined in :py:mod:`certbot.constants`:
paths defined in :py:mod:`certbot._internal.constants`:
- `accounts_dir`
- `csr_dir`
@ -30,7 +30,7 @@ class NamespaceConfig(object):
And the following paths are dynamically resolved using
:attr:`~certbot.interfaces.IConfig.config_dir` and relative
paths defined in :py:mod:`certbot.constants`:
paths defined in :py:mod:`certbot._internal.constants`:
- `default_archive_dir`
- `live_dir`

2
certbot/display/util.py
View file

@ -5,7 +5,7 @@ import textwrap
import zope.interface
from certbot import constants
from certbot._internal import constants
from certbot import errors
from certbot import interfaces
from certbot.compat import misc

6
certbot/interfaces.py
View file

@ -295,10 +295,10 @@ class IInstaller(IPlugin):
:param str domain: domain for which to provide enhancement
:param str enhancement: An enhancement as defined in
:const:`~certbot.constants.ENHANCEMENTS`
:const:`~certbot.plugins.enhancements.ENHANCEMENTS`
:param options: Flexible options parameter for enhancement.
Check documentation of
:const:`~certbot.constants.ENHANCEMENTS`
:const:`~certbot.plugins.enhancements.ENHANCEMENTS`
for expected options for each enhancement.
:raises .PluginError: If Enhancement is not supported, or if
@ -310,7 +310,7 @@ class IInstaller(IPlugin):
"""Returns a `collections.Iterable` of supported enhancements.
:returns: supported enhancements which should be a subset of
:const:`~certbot.constants.ENHANCEMENTS`
:const:`~certbot.plugins.enhancements.ENHANCEMENTS`
:rtype: :class:`collections.Iterable` of :class:`str`
"""

2
certbot/plugins/common.py
View file

@ -14,7 +14,7 @@ from josepy import util as jose_util
from acme.magic_typing import List # pylint: disable=unused-import, no-name-in-module
from certbot import achallenges # pylint: disable=unused-import
from certbot import constants
from certbot._internal import constants
from certbot import crypto_util
from certbot import errors
from certbot import interfaces

4
certbot/plugins/common_test.py
View file

@ -167,11 +167,11 @@ class InstallerTest(test_util.ConfigTestCase):
self.assertTrue(os.path.isfile(self.installer.ssl_dhparams))
def _current_ssl_dhparams_hash(self):
from certbot.constants import SSL_DHPARAMS_SRC
from certbot._internal.constants import SSL_DHPARAMS_SRC
return crypto_util.sha256sum(SSL_DHPARAMS_SRC)
def test_current_file_hash_in_all_hashes(self):
from certbot.constants import ALL_SSL_DHPARAMS_HASHES
from certbot._internal.constants import ALL_SSL_DHPARAMS_HASHES
self.assertTrue(self._current_ssl_dhparams_hash() in ALL_SSL_DHPARAMS_HASHES,
"Constants.ALL_SSL_DHPARAMS_HASHES must be appended"
" with the sha256 hash of self.config.ssl_dhparams when it is updated.")

13
certbot/plugins/enhancements.py
View file

@ -2,10 +2,21 @@
import abc
import six
from certbot import constants
from certbot._internal import constants
from acme.magic_typing import Dict, List, Any # pylint: disable=unused-import, no-name-in-module
ENHANCEMENTS = ["redirect", "ensure-http-header", "ocsp-stapling"]
"""List of possible :class:`certbot.interfaces.IInstaller`
enhancements.
List of expected options parameters:
- redirect: None
- ensure-http-header: name of header (i.e. Strict-Transport-Security)
- ocsp-stapling: certificate chain file path
"""
def enabled_enhancements(config):
"""
Generator to yield the enabled new style enhancements.

2
certbot/reverter.py
View file

@ -9,7 +9,7 @@ import traceback
import six
from certbot import constants
from certbot._internal import constants
from certbot import errors
from certbot import util
from certbot.compat import os

2
certbot/tests/account_test.py
View file

@ -278,7 +278,7 @@ class AccountFileStorageTest(test_util.ConfigTestCase):
self._set_server('https://acme-staging.api.letsencrypt.org/directory')
self.storage.save(self.acc, self.mock_client)
# ensure v2 isn't already linked to it
with mock.patch('certbot.constants.LE_REUSE_SERVERS', {}):
with mock.patch('certbot._internal.constants.LE_REUSE_SERVERS', {}):
self._set_server('https://acme-staging-v02.api.letsencrypt.org/directory')
self.assertRaises(errors.AccountNotFound, self.storage.load, self.acc.id)

2
certbot/tests/cli_test.py
View file

@ -12,7 +12,7 @@ from acme import challenges
import certbot.tests.util as test_util
from certbot import cli
from certbot import constants
from certbot._internal import constants
from certbot import errors
from certbot.compat import os
from certbot.compat import filesystem

2
certbot/tests/configuration_test.py
View file

@ -3,7 +3,7 @@ import unittest
import mock
from certbot import constants
from certbot._internal import constants
from certbot import errors
from certbot.compat import misc
from certbot.compat import os

2
certbot/tests/eff_test.py
View file

@ -4,7 +4,7 @@ import unittest
import mock
import requests
from certbot import constants
from certbot._internal import constants
import certbot.tests.util as test_util

2
certbot/tests/log_test.py
View file

@ -11,7 +11,7 @@ import six
from acme import messages
from acme.magic_typing import Optional # pylint: disable=unused-import, no-name-in-module
from certbot import constants
from certbot._internal import constants
from certbot import errors
from certbot import util
from certbot.compat import filesystem

2
certbot/tests/main_test.py
View file

@ -24,7 +24,7 @@ import certbot.tests.util as test_util
from certbot._internal import account
from certbot import cli
from certbot import configuration
from certbot import constants
from certbot._internal import constants
from certbot import crypto_util
from certbot import errors
from certbot import interfaces # pylint: disable=unused-import

2
certbot/tests/util.py
View file

@ -20,7 +20,7 @@ from cryptography.hazmat.backends import default_backend
from cryptography.hazmat.primitives import serialization
from certbot import configuration
from certbot import constants
from certbot._internal import constants
from certbot import interfaces
from certbot._internal import lock
from certbot._internal import storage

2
certbot/util.py
View file

@ -19,7 +19,7 @@ import six
from acme.magic_typing import Tuple, Union # pylint: disable=unused-import, no-name-in-module
from certbot import constants
from certbot._internal import constants
from certbot import errors
from certbot._internal import lock
from certbot.compat import os

9
docs/api/constants.rst
View file

@ -1,9 +0,0 @@
:mod:`certbot.constants`
-----------------------------------
.. automodule:: certbot.constants
:members:
:exclude-members: SSL_DHPARAMS_SRC
.. autodata:: SSL_DHPARAMS_SRC
:annotation: = '/path/to/certbot/ssl-dhparams.pem'