From fd9f68b93b354310324d1cbfbea9abdac3473c56 Mon Sep 17 00:00:00 2001 From: Erica Portnoy Date: Tue, 11 Aug 2020 16:35:42 -0700 Subject: [PATCH 01/19] Create bootstrap script --- tests/letstest/auto_targets.yaml | 89 ++++ .../letstest/scripts/bootstrap_os_packages.sh | 405 ++++++++++++++++++ 2 files changed, 494 insertions(+) create mode 100644 tests/letstest/auto_targets.yaml create mode 100644 tests/letstest/scripts/bootstrap_os_packages.sh diff --git a/tests/letstest/auto_targets.yaml b/tests/letstest/auto_targets.yaml new file mode 100644 index 000000000..9daba3910 --- /dev/null +++ b/tests/letstest/auto_targets.yaml @@ -0,0 +1,89 @@ +# These images are located in us-east-1. + +targets: + #----------------------------------------------------------------------------- + #Ubuntu + - ami: ami-0545f7036167eb3aa + name: ubuntu19.10 + type: ubuntu + virt: hvm + user: ubuntu + - ami: ami-095192256fe1477ad + name: ubuntu18.04LTS + type: ubuntu + virt: hvm + user: ubuntu + - ami: ami-09677e0a6b14905b0 + name: ubuntu16.04LTS + type: ubuntu + virt: hvm + user: ubuntu + #----------------------------------------------------------------------------- + # Debian + - ami: ami-01db78123b2b99496 + name: debian10 + type: ubuntu + virt: hvm + user: admin + - ami: ami-003f19e0e687de1cd + name: debian9 + type: ubuntu + virt: hvm + user: admin + - ami: ami-0ed54dd1b25657636 + name: debian9_arm64 + type: ubuntu + virt: hvm + user: admin + machine_type: a1.medium + # userdata: | + # #cloud-init + # runcmd: + # - [ apt-get, install, -y, curl ] + #----------------------------------------------------------------------------- + # Other Redhat Distros + - ami: ami-0916c408cb02e310b + name: RHEL7 + type: centos + virt: hvm + user: ec2-user + - ami: ami-0c322300a1dd5dc79 + name: RHEL8 + type: centos + virt: hvm + user: ec2-user + - ami: ami-0fcbe88944a53b4c8 + name: fedora31 + type: centos + virt: hvm + user: fedora + - ami: ami-00bbc6858140f19ed + name: fedora30 + type: centos + virt: hvm + user: fedora + #----------------------------------------------------------------------------- + # CentOS + # These Marketplace AMIs must, irritatingly, have their terms manually + # agreed to on the AWS marketplace site for any new AWS account using them... + - ami: ami-9887c6e7 + name: centos7 + type: centos + virt: hvm + user: centos + # centos6 requires EPEL repo added + - ami: ami-1585c46a + name: centos6 + type: centos + virt: hvm + user: centos + userdata: | + #cloud-config + runcmd: + - yum install -y epel-release + - iptables -F + - ami: ami-01ca03df4a6012157 + name: centos8 + type: centos + virt: hvm + user: centos diff --git a/tests/letstest/scripts/bootstrap_os_packages.sh b/tests/letstest/scripts/bootstrap_os_packages.sh new file mode 100644 index 000000000..6f4444cdc --- /dev/null +++ b/tests/letstest/scripts/bootstrap_os_packages.sh @@ -0,0 +1,405 @@ +#!/bin/sh +# +# Download and run the latest release version of the Certbot client. + +set -e # Work even if somebody does "sh thisscript.sh". + +error() { + echo "$@" +} + +MIN_PYTHON_2_VERSION="2.7" +MIN_PYVER2=$(echo "$MIN_PYTHON_2_VERSION" | sed 's/\.//') +MIN_PYTHON_3_VERSION="3.5" +MIN_PYVER3=$(echo "$MIN_PYTHON_3_VERSION" | sed 's/\.//') +# Sets LE_PYTHON to Python version string and PYVER to the first two +# digits of the python version. +# MIN_PYVER and MIN_PYTHON_VERSION are also set by this function, and their +# values depend on if we try to use Python 3 or Python 2. +DeterminePythonVersion() { + # Arguments: "NOCRASH" if we shouldn't crash if we don't find a good python + # + # If no Python is found, PYVER is set to 0. + if [ "$USE_PYTHON_3" = 1 ]; then + MIN_PYVER=$MIN_PYVER3 + MIN_PYTHON_VERSION=$MIN_PYTHON_3_VERSION + for LE_PYTHON in "$LE_PYTHON" python3; do + # Break (while keeping the LE_PYTHON value) if found. + $EXISTS "$LE_PYTHON" > /dev/null && break + done + else + MIN_PYVER=$MIN_PYVER2 + MIN_PYTHON_VERSION=$MIN_PYTHON_2_VERSION + for LE_PYTHON in "$LE_PYTHON" python2.7 python27 python2 python; do + # Break (while keeping the LE_PYTHON value) if found. + $EXISTS "$LE_PYTHON" > /dev/null && break + done + fi + if [ "$?" != "0" ]; then + if [ "$1" != "NOCRASH" ]; then + error "Cannot find any Pythons; please install one!" + exit 1 + else + PYVER=0 + return 0 + fi + fi + + PYVER=$("$LE_PYTHON" -V 2>&1 | cut -d" " -f 2 | cut -d. -f1,2 | sed 's/\.//') + if [ "$PYVER" -lt "$MIN_PYVER" ]; then + if [ "$1" != "NOCRASH" ]; then + error "You have an ancient version of Python entombed in your operating system..." + error "This isn't going to work; you'll need at least version $MIN_PYTHON_VERSION." + exit 1 + fi + fi +} + +BootstrapDebCommon() { + # Current version tested with: + # + # - Ubuntu + # - 14.04 (x64) + # - 15.04 (x64) + # - Debian + # - 7.9 "wheezy" (x64) + # - sid (2015-10-21) (x64) + + # Past versions tested with: + # + # - Debian 8.0 "jessie" (x64) + # - Raspbian 7.8 (armhf) + + # Believed not to work: + # + # - Debian 6.0.10 "squeeze" (x64) + + if [ "$QUIET" = 1 ]; then + QUIET_FLAG='-qq' + fi + + apt-get $QUIET_FLAG update || error apt-get update hit problems but continuing anyway... + + # virtualenv binary can be found in different packages depending on + # distro version (#346) + + virtualenv= + # virtual env is known to apt and is installable + if apt-cache show virtualenv > /dev/null 2>&1 ; then + if ! LC_ALL=C apt-cache --quiet=0 show virtualenv 2>&1 | grep -q 'No packages found'; then + virtualenv="virtualenv" + fi + fi + + if apt-cache show python-virtualenv > /dev/null 2>&1; then + virtualenv="$virtualenv python-virtualenv" + fi + + augeas_pkg="libaugeas0 augeas-lenses" + + if [ "$ASSUME_YES" = 1 ]; then + YES_FLAG="-y" + fi + + apt-get install $QUIET_FLAG $YES_FLAG --no-install-recommends \ + python \ + python-dev \ + $virtualenv \ + gcc \ + $augeas_pkg \ + libssl-dev \ + openssl \ + libffi-dev \ + ca-certificates \ + + + if ! $EXISTS virtualenv > /dev/null ; then + error Failed to install a working \"virtualenv\" command, exiting + exit 1 + fi +} + +# If new packages are installed by BootstrapRpmCommonBase below, version +# numbers in rpm_common.sh and rpm_python3.sh must be increased. + +# Sets TOOL to the name of the package manager +# Sets appropriate values for YES_FLAG and QUIET_FLAG based on $ASSUME_YES and $QUIET_FLAG. +# Note: this function is called both while selecting the bootstrap scripts and +# during the actual bootstrap. Some things like prompting to user can be done in the latter +# case, but not in the former one. +InitializeRPMCommonBase() { + if type dnf 2>/dev/null + then + TOOL=dnf + elif type yum 2>/dev/null + then + TOOL=yum + + else + error "Neither yum nor dnf found. Aborting bootstrap!" + exit 1 + fi + + if [ "$ASSUME_YES" = 1 ]; then + YES_FLAG="-y" + fi + if [ "$QUIET" = 1 ]; then + QUIET_FLAG='--quiet' + fi +} + +BootstrapRpmCommonBase() { + # Arguments: whitespace-delimited python packages to install + + InitializeRPMCommonBase # This call is superfluous in practice + + pkgs=" + gcc + augeas-libs + openssl + openssl-devel + libffi-devel + redhat-rpm-config + ca-certificates + " + + # Add the python packages + pkgs="$pkgs + $1 + " + + if $TOOL list installed "httpd" >/dev/null 2>&1; then + pkgs="$pkgs + mod_ssl + " + fi + + if ! $TOOL install $YES_FLAG $QUIET_FLAG $pkgs; then + error "Could not install OS dependencies. Aborting bootstrap!" + exit 1 + fi +} + +# If new packages are installed by BootstrapRpmCommon below, this version +# number must be increased. +BOOTSTRAP_RPM_COMMON_VERSION=1 + +BootstrapRpmCommon() { + # Tested with: + # - Fedora 20, 21, 22, 23 (x64) + # - Centos 7 (x64: on DigitalOcean droplet) + # - CentOS 7 Minimal install in a Hyper-V VM + # - CentOS 6 + + InitializeRPMCommonBase + + # Most RPM distros use the "python" or "python-" naming convention. Let's try that first. + if $TOOL list python >/dev/null 2>&1; then + python_pkgs="$python + python-devel + python-virtualenv + python-tools + python-pip + " + # Fedora 26 starts to use the prefix python2 for python2 based packages. + # this elseif is theoretically for any Fedora over version 26: + elif $TOOL list python2 >/dev/null 2>&1; then + python_pkgs="$python2 + python2-libs + python2-setuptools + python2-devel + python2-virtualenv + python2-tools + python2-pip + " + # Some distros and older versions of current distros use a "python27" + # instead of the "python" or "python-" naming convention. + else + python_pkgs="$python27 + python27-devel + python27-virtualenv + python27-tools + python27-pip + " + fi + + BootstrapRpmCommonBase "$python_pkgs" +} + +# If new packages are installed by BootstrapRpmPython3 below, this version +# number must be increased. +BOOTSTRAP_RPM_PYTHON3_LEGACY_VERSION=1 + +# Checks if rh-python36 can be installed. +Python36SclIsAvailable() { + InitializeRPMCommonBase >/dev/null 2>&1; + + if "${TOOL}" list rh-python36 >/dev/null 2>&1; then + return 0 + fi + if "${TOOL}" list centos-release-scl >/dev/null 2>&1; then + return 0 + fi + return 1 +} + +# Try to enable rh-python36 from SCL if it is necessary and possible. +EnablePython36SCL() { + if "$EXISTS" python3.6 > /dev/null 2> /dev/null; then + return 0 + fi + if [ ! -f /opt/rh/rh-python36/enable ]; then + return 0 + fi + set +e + if ! . /opt/rh/rh-python36/enable; then + error 'Unable to enable rh-python36!' + exit 1 + fi + set -e +} + +# This bootstrap concerns old RedHat-based distributions that do not ship by default +# with Python 2.7, but only Python 2.6. We bootstrap them by enabling SCL and installing +# Python 3.6. Some of these distributions are: CentOS/RHEL/OL/SL 6. +BootstrapRpmPython3Legacy() { + # Tested with: + # - CentOS 6 + + InitializeRPMCommonBase + + if ! "${TOOL}" list rh-python36 >/dev/null 2>&1; then + echo "To use Certbot on this operating system, packages from the SCL repository need to be installed." + if ! "${TOOL}" list centos-release-scl >/dev/null 2>&1; then + error "Enable the SCL repository and try running Certbot again." + exit 1 + fi + if [ "${ASSUME_YES}" = 1 ]; then + /bin/echo -n "Enabling the SCL repository in 3 seconds... (Press Ctrl-C to cancel)" + sleep 1s + /bin/echo -ne "\e[0K\rEnabling the SCL repository in 2 seconds... (Press Ctrl-C to cancel)" + sleep 1s + /bin/echo -e "\e[0K\rEnabling the SCL repository in 1 second... (Press Ctrl-C to cancel)" + sleep 1s + fi + if ! "${TOOL}" install "${YES_FLAG}" "${QUIET_FLAG}" centos-release-scl; then + error "Could not enable SCL. Aborting bootstrap!" + exit 1 + fi + fi + + # CentOS 6 must use rh-python36 from SCL + if "${TOOL}" list rh-python36 >/dev/null 2>&1; then + python_pkgs="rh-python36-python + rh-python36-python-virtualenv + rh-python36-python-devel + " + else + error "No supported Python package available to install. Aborting bootstrap!" + exit 1 + fi + + BootstrapRpmCommonBase "${python_pkgs}" + + # Enable SCL rh-python36 after bootstrapping. + EnablePython36SCL +} + +# If new packages are installed by BootstrapRpmPython3 below, this version +# number must be increased. +BOOTSTRAP_RPM_PYTHON3_VERSION=1 + +BootstrapRpmPython3() { + # Tested with: + # - Fedora 29 + + InitializeRPMCommonBase + + # Fedora 29 must use python3-virtualenv + if $TOOL list python3-virtualenv >/dev/null 2>&1; then + python_pkgs="python3 + python3-virtualenv + python3-devel + " + else + error "No supported Python package available to install. Aborting bootstrap!" + exit 1 + fi + + BootstrapRpmCommonBase "$python_pkgs" +} + +# Set Bootstrap to the function that installs OS dependencies on this system. +if [ -f /etc/debian_version ]; then + Bootstrap() { + BootstrapMessage "Debian-based OSes" + BootstrapDebCommon + } +elif [ -f /etc/redhat-release ]; then + # Run DeterminePythonVersion to decide on the basis of available Python versions + # whether to use 2.x or 3.x on RedHat-like systems. + # Then, revert LE_PYTHON to its previous state. + prev_le_python="$LE_PYTHON" + unset LE_PYTHON + DeterminePythonVersion "NOCRASH" + + RPM_DIST_NAME=`(. /etc/os-release 2> /dev/null && echo $ID) || echo "unknown"` + + # Set RPM_DIST_VERSION to VERSION_ID from /etc/os-release after splitting on + # '.' characters (e.g. "8.0" becomes "8"). If the command exits with an + # error, RPM_DIST_VERSION is set to "unknown". + RPM_DIST_VERSION=$( (. /etc/os-release 2> /dev/null && echo "$VERSION_ID") | cut -d '.' -f1 || echo "unknown") + + # If RPM_DIST_VERSION is an empty string or it contains any nonnumeric + # characters, the value is unexpected so we set RPM_DIST_VERSION to 0. + if [ -z "$RPM_DIST_VERSION" ] || [ -n "$(echo "$RPM_DIST_VERSION" | tr -d '[0-9]')" ]; then + RPM_DIST_VERSION=0 + fi + + # Handle legacy RPM distributions + if [ "$PYVER" -eq 26 ]; then + # Check if an automated bootstrap can be achieved on this system. + if ! Python36SclIsAvailable; then + INTERACTIVE_BOOTSTRAP=1 + fi + + Bootstrap() { + BootstrapMessage "Legacy RedHat-based OSes that will use Python3" + BootstrapRpmPython3Legacy + } + USE_PYTHON_3=1 + + # Try now to enable SCL rh-python36 for systems already bootstrapped + # NB: EnablePython36SCL has been defined along with BootstrapRpmPython3Legacy in certbot-auto + EnablePython36SCL + else + # Starting to Fedora 29, python2 is on a deprecation path. Let's move to python3 then. + # RHEL 8 also uses python3 by default. + if [ "$RPM_DIST_NAME" = "fedora" -a "$RPM_DIST_VERSION" -ge 29 ]; then + RPM_USE_PYTHON_3=1 + elif [ "$RPM_DIST_NAME" = "rhel" -a "$RPM_DIST_VERSION" -ge 8 ]; then + RPM_USE_PYTHON_3=1 + elif [ "$RPM_DIST_NAME" = "centos" -a "$RPM_DIST_VERSION" -ge 8 ]; then + RPM_USE_PYTHON_3=1 + else + RPM_USE_PYTHON_3=0 + fi + + if [ "$RPM_USE_PYTHON_3" = 1 ]; then + Bootstrap() { + BootstrapMessage "RedHat-based OSes that will use Python3" + BootstrapRpmPython3 + } + USE_PYTHON_3=1 + else + Bootstrap() { + BootstrapMessage "RedHat-based OSes" + BootstrapRpmCommon + } + fi + fi + + LE_PYTHON="$prev_le_python" +fi + +Bootstrap From 83365a5f5d48301f3f2bf51c03895e830bc2fc29 Mon Sep 17 00:00:00 2001 From: Erica Portnoy Date: Tue, 11 Aug 2020 18:54:22 -0700 Subject: [PATCH 02/19] Delete a whole bunch of the bootstrap script --- .../letstest/scripts/bootstrap_os_packages.sh | 246 ++---------------- 1 file changed, 15 insertions(+), 231 deletions(-) diff --git a/tests/letstest/scripts/bootstrap_os_packages.sh b/tests/letstest/scripts/bootstrap_os_packages.sh index 6f4444cdc..a38e8a4ec 100644 --- a/tests/letstest/scripts/bootstrap_os_packages.sh +++ b/tests/letstest/scripts/bootstrap_os_packages.sh @@ -8,122 +8,38 @@ error() { echo "$@" } -MIN_PYTHON_2_VERSION="2.7" -MIN_PYVER2=$(echo "$MIN_PYTHON_2_VERSION" | sed 's/\.//') -MIN_PYTHON_3_VERSION="3.5" -MIN_PYVER3=$(echo "$MIN_PYTHON_3_VERSION" | sed 's/\.//') # Sets LE_PYTHON to Python version string and PYVER to the first two # digits of the python version. -# MIN_PYVER and MIN_PYTHON_VERSION are also set by this function, and their -# values depend on if we try to use Python 3 or Python 2. DeterminePythonVersion() { - # Arguments: "NOCRASH" if we shouldn't crash if we don't find a good python - # # If no Python is found, PYVER is set to 0. - if [ "$USE_PYTHON_3" = 1 ]; then - MIN_PYVER=$MIN_PYVER3 - MIN_PYTHON_VERSION=$MIN_PYTHON_3_VERSION - for LE_PYTHON in "$LE_PYTHON" python3; do - # Break (while keeping the LE_PYTHON value) if found. - $EXISTS "$LE_PYTHON" > /dev/null && break - done - else - MIN_PYVER=$MIN_PYVER2 - MIN_PYTHON_VERSION=$MIN_PYTHON_2_VERSION - for LE_PYTHON in "$LE_PYTHON" python2.7 python27 python2 python; do - # Break (while keeping the LE_PYTHON value) if found. - $EXISTS "$LE_PYTHON" > /dev/null && break - done - fi - if [ "$?" != "0" ]; then - if [ "$1" != "NOCRASH" ]; then - error "Cannot find any Pythons; please install one!" - exit 1 - else - PYVER=0 - return 0 - fi - fi + for LE_PYTHON in "$LE_PYTHON" python3; do + # Break (while keeping the LE_PYTHON value) if found. + $EXISTS "$LE_PYTHON" > /dev/null && break + done PYVER=$("$LE_PYTHON" -V 2>&1 | cut -d" " -f 2 | cut -d. -f1,2 | sed 's/\.//') - if [ "$PYVER" -lt "$MIN_PYVER" ]; then - if [ "$1" != "NOCRASH" ]; then - error "You have an ancient version of Python entombed in your operating system..." - error "This isn't going to work; you'll need at least version $MIN_PYTHON_VERSION." - exit 1 - fi - fi } BootstrapDebCommon() { - # Current version tested with: - # - # - Ubuntu - # - 14.04 (x64) - # - 15.04 (x64) - # - Debian - # - 7.9 "wheezy" (x64) - # - sid (2015-10-21) (x64) + apt-get update || error apt-get update hit problems but continuing anyway... - # Past versions tested with: - # - # - Debian 8.0 "jessie" (x64) - # - Raspbian 7.8 (armhf) - - # Believed not to work: - # - # - Debian 6.0.10 "squeeze" (x64) - - if [ "$QUIET" = 1 ]; then - QUIET_FLAG='-qq' - fi - - apt-get $QUIET_FLAG update || error apt-get update hit problems but continuing anyway... - - # virtualenv binary can be found in different packages depending on - # distro version (#346) - - virtualenv= - # virtual env is known to apt and is installable - if apt-cache show virtualenv > /dev/null 2>&1 ; then - if ! LC_ALL=C apt-cache --quiet=0 show virtualenv 2>&1 | grep -q 'No packages found'; then - virtualenv="virtualenv" - fi - fi - - if apt-cache show python-virtualenv > /dev/null 2>&1; then - virtualenv="$virtualenv python-virtualenv" - fi - - augeas_pkg="libaugeas0 augeas-lenses" - - if [ "$ASSUME_YES" = 1 ]; then - YES_FLAG="-y" - fi - - apt-get install $QUIET_FLAG $YES_FLAG --no-install-recommends \ - python \ - python-dev \ - $virtualenv \ + apt-get install -y --no-install-recommends \ + python3 \ + python3-dev \ + python3-venv \ gcc \ - $augeas_pkg \ + libaugeas0 \ libssl-dev \ openssl \ libffi-dev \ ca-certificates \ - - if ! $EXISTS virtualenv > /dev/null ; then - error Failed to install a working \"virtualenv\" command, exiting - exit 1 - fi } # If new packages are installed by BootstrapRpmCommonBase below, version # numbers in rpm_common.sh and rpm_python3.sh must be increased. # Sets TOOL to the name of the package manager -# Sets appropriate values for YES_FLAG and QUIET_FLAG based on $ASSUME_YES and $QUIET_FLAG. # Note: this function is called both while selecting the bootstrap scripts and # during the actual bootstrap. Some things like prompting to user can be done in the latter # case, but not in the former one. @@ -140,12 +56,6 @@ InitializeRPMCommonBase() { exit 1 fi - if [ "$ASSUME_YES" = 1 ]; then - YES_FLAG="-y" - fi - if [ "$QUIET" = 1 ]; then - QUIET_FLAG='--quiet' - fi } BootstrapRpmCommonBase() { @@ -174,75 +84,12 @@ BootstrapRpmCommonBase() { " fi - if ! $TOOL install $YES_FLAG $QUIET_FLAG $pkgs; then + if ! $TOOL install -y $pkgs; then error "Could not install OS dependencies. Aborting bootstrap!" exit 1 fi } -# If new packages are installed by BootstrapRpmCommon below, this version -# number must be increased. -BOOTSTRAP_RPM_COMMON_VERSION=1 - -BootstrapRpmCommon() { - # Tested with: - # - Fedora 20, 21, 22, 23 (x64) - # - Centos 7 (x64: on DigitalOcean droplet) - # - CentOS 7 Minimal install in a Hyper-V VM - # - CentOS 6 - - InitializeRPMCommonBase - - # Most RPM distros use the "python" or "python-" naming convention. Let's try that first. - if $TOOL list python >/dev/null 2>&1; then - python_pkgs="$python - python-devel - python-virtualenv - python-tools - python-pip - " - # Fedora 26 starts to use the prefix python2 for python2 based packages. - # this elseif is theoretically for any Fedora over version 26: - elif $TOOL list python2 >/dev/null 2>&1; then - python_pkgs="$python2 - python2-libs - python2-setuptools - python2-devel - python2-virtualenv - python2-tools - python2-pip - " - # Some distros and older versions of current distros use a "python27" - # instead of the "python" or "python-" naming convention. - else - python_pkgs="$python27 - python27-devel - python27-virtualenv - python27-tools - python27-pip - " - fi - - BootstrapRpmCommonBase "$python_pkgs" -} - -# If new packages are installed by BootstrapRpmPython3 below, this version -# number must be increased. -BOOTSTRAP_RPM_PYTHON3_LEGACY_VERSION=1 - -# Checks if rh-python36 can be installed. -Python36SclIsAvailable() { - InitializeRPMCommonBase >/dev/null 2>&1; - - if "${TOOL}" list rh-python36 >/dev/null 2>&1; then - return 0 - fi - if "${TOOL}" list centos-release-scl >/dev/null 2>&1; then - return 0 - fi - return 1 -} - # Try to enable rh-python36 from SCL if it is necessary and possible. EnablePython36SCL() { if "$EXISTS" python3.6 > /dev/null 2> /dev/null; then @@ -274,15 +121,7 @@ BootstrapRpmPython3Legacy() { error "Enable the SCL repository and try running Certbot again." exit 1 fi - if [ "${ASSUME_YES}" = 1 ]; then - /bin/echo -n "Enabling the SCL repository in 3 seconds... (Press Ctrl-C to cancel)" - sleep 1s - /bin/echo -ne "\e[0K\rEnabling the SCL repository in 2 seconds... (Press Ctrl-C to cancel)" - sleep 1s - /bin/echo -e "\e[0K\rEnabling the SCL repository in 1 second... (Press Ctrl-C to cancel)" - sleep 1s - fi - if ! "${TOOL}" install "${YES_FLAG}" "${QUIET_FLAG}" centos-release-scl; then + if ! "${TOOL}" install -y centos-release-scl; then error "Could not enable SCL. Aborting bootstrap!" exit 1 fi @@ -305,10 +144,6 @@ BootstrapRpmPython3Legacy() { EnablePython36SCL } -# If new packages are installed by BootstrapRpmPython3 below, this version -# number must be increased. -BOOTSTRAP_RPM_PYTHON3_VERSION=1 - BootstrapRpmPython3() { # Tested with: # - Fedora 29 @@ -332,74 +167,23 @@ BootstrapRpmPython3() { # Set Bootstrap to the function that installs OS dependencies on this system. if [ -f /etc/debian_version ]; then Bootstrap() { - BootstrapMessage "Debian-based OSes" BootstrapDebCommon } elif [ -f /etc/redhat-release ]; then - # Run DeterminePythonVersion to decide on the basis of available Python versions - # whether to use 2.x or 3.x on RedHat-like systems. - # Then, revert LE_PYTHON to its previous state. - prev_le_python="$LE_PYTHON" - unset LE_PYTHON - DeterminePythonVersion "NOCRASH" - - RPM_DIST_NAME=`(. /etc/os-release 2> /dev/null && echo $ID) || echo "unknown"` - - # Set RPM_DIST_VERSION to VERSION_ID from /etc/os-release after splitting on - # '.' characters (e.g. "8.0" becomes "8"). If the command exits with an - # error, RPM_DIST_VERSION is set to "unknown". - RPM_DIST_VERSION=$( (. /etc/os-release 2> /dev/null && echo "$VERSION_ID") | cut -d '.' -f1 || echo "unknown") - - # If RPM_DIST_VERSION is an empty string or it contains any nonnumeric - # characters, the value is unexpected so we set RPM_DIST_VERSION to 0. - if [ -z "$RPM_DIST_VERSION" ] || [ -n "$(echo "$RPM_DIST_VERSION" | tr -d '[0-9]')" ]; then - RPM_DIST_VERSION=0 - fi - # Handle legacy RPM distributions if [ "$PYVER" -eq 26 ]; then - # Check if an automated bootstrap can be achieved on this system. - if ! Python36SclIsAvailable; then - INTERACTIVE_BOOTSTRAP=1 - fi - Bootstrap() { - BootstrapMessage "Legacy RedHat-based OSes that will use Python3" BootstrapRpmPython3Legacy } - USE_PYTHON_3=1 - # Try now to enable SCL rh-python36 for systems already bootstrapped # NB: EnablePython36SCL has been defined along with BootstrapRpmPython3Legacy in certbot-auto EnablePython36SCL else - # Starting to Fedora 29, python2 is on a deprecation path. Let's move to python3 then. - # RHEL 8 also uses python3 by default. - if [ "$RPM_DIST_NAME" = "fedora" -a "$RPM_DIST_VERSION" -ge 29 ]; then - RPM_USE_PYTHON_3=1 - elif [ "$RPM_DIST_NAME" = "rhel" -a "$RPM_DIST_VERSION" -ge 8 ]; then - RPM_USE_PYTHON_3=1 - elif [ "$RPM_DIST_NAME" = "centos" -a "$RPM_DIST_VERSION" -ge 8 ]; then - RPM_USE_PYTHON_3=1 - else - RPM_USE_PYTHON_3=0 - fi - - if [ "$RPM_USE_PYTHON_3" = 1 ]; then - Bootstrap() { - BootstrapMessage "RedHat-based OSes that will use Python3" - BootstrapRpmPython3 - } - USE_PYTHON_3=1 - else - Bootstrap() { - BootstrapMessage "RedHat-based OSes" - BootstrapRpmCommon - } - fi + Bootstrap() { + BootstrapRpmPython3 + } fi - LE_PYTHON="$prev_le_python" fi Bootstrap From 93af46953593eae7cfcb02e91b818c28721e8c8e Mon Sep 17 00:00:00 2001 From: Erica Portnoy Date: Tue, 11 Aug 2020 18:59:39 -0700 Subject: [PATCH 03/19] modify test_tests to use new script --- tests/letstest/scripts/bootstrap_os_packages.sh | 0 tests/letstest/scripts/test_tests.sh | 16 ++++++++++------ 2 files changed, 10 insertions(+), 6 deletions(-) mode change 100644 => 100755 tests/letstest/scripts/bootstrap_os_packages.sh diff --git a/tests/letstest/scripts/bootstrap_os_packages.sh b/tests/letstest/scripts/bootstrap_os_packages.sh old mode 100644 new mode 100755 diff --git a/tests/letstest/scripts/test_tests.sh b/tests/letstest/scripts/test_tests.sh index fb86ce4cd..6d640e040 100755 --- a/tests/letstest/scripts/test_tests.sh +++ b/tests/letstest/scripts/test_tests.sh @@ -8,12 +8,17 @@ REPO_ROOT="letsencrypt" LE_AUTO="$REPO_ROOT/letsencrypt-auto-source/letsencrypt-auto" LE_AUTO="$LE_AUTO --debug --no-self-upgrade --non-interactive" MODULES="acme certbot certbot-apache certbot-nginx" -PIP_INSTALL="$REPO_ROOT/tools/pip_install.py" -VENV_NAME=venv +PIP_INSTALL="tools/pip_install.py" +VENV_NAME=venv3 +BOOTSTRAP_SCRIPT="$REPO_ROOT/tests/letstest/scripts/bootstrap_os_packages.sh" +VENV_SCRIPT="tools/venv3.py" -# *-auto respects VENV_PATH -$LE_AUTO --os-packages-only -LE_AUTO_SUDO="" VENV_PATH="$VENV_NAME" $LE_AUTO --no-bootstrap --version +sudo $BOOTSTRAP_SCRIPT + +cd $REPO_ROOT + + +$VENV_SCRIPT . $VENV_NAME/bin/activate "$PIP_INSTALL" pytest @@ -21,7 +26,6 @@ LE_AUTO_SUDO="" VENV_PATH="$VENV_NAME" $LE_AUTO --no-bootstrap --version # from the repo root. The directory structure should still # cause the installed packages to be tested while using # the tests available in the subdirectories. -cd $REPO_ROOT for module in $MODULES ; do echo testing $module From 4c8f662d8568b5476d212e484bd186e2e2d8c3f7 Mon Sep 17 00:00:00 2001 From: Erica Portnoy Date: Wed, 12 Aug 2020 13:36:50 -0700 Subject: [PATCH 04/19] put python version checking in back in --- tests/letstest/scripts/bootstrap_os_packages.sh | 16 +++++++++++++++- 1 file changed, 15 insertions(+), 1 deletion(-) diff --git a/tests/letstest/scripts/bootstrap_os_packages.sh b/tests/letstest/scripts/bootstrap_os_packages.sh index a38e8a4ec..af0c8b44b 100755 --- a/tests/letstest/scripts/bootstrap_os_packages.sh +++ b/tests/letstest/scripts/bootstrap_os_packages.sh @@ -8,14 +8,27 @@ error() { echo "$@" } +if command -v command > /dev/null 2>&1 ; then + export EXISTS="command -v" +elif which which > /dev/null 2>&1 ; then + export EXISTS="which" +else + error "Cannot find command nor which... please install one!" + exit 1 +fi + # Sets LE_PYTHON to Python version string and PYVER to the first two # digits of the python version. DeterminePythonVersion() { # If no Python is found, PYVER is set to 0. - for LE_PYTHON in "$LE_PYTHON" python3; do + for LE_PYTHON in python3 python2.7 python27 python2 python; do # Break (while keeping the LE_PYTHON value) if found. $EXISTS "$LE_PYTHON" > /dev/null && break done + if [ "$?" != "0" ]; then + PYVER=0 + return 0 + fi PYVER=$("$LE_PYTHON" -V 2>&1 | cut -d" " -f 2 | cut -d. -f1,2 | sed 's/\.//') } @@ -170,6 +183,7 @@ if [ -f /etc/debian_version ]; then BootstrapDebCommon } elif [ -f /etc/redhat-release ]; then + DeterminePythonVersion # Handle legacy RPM distributions if [ "$PYVER" -eq 26 ]; then Bootstrap() { From 7b94ca2e9849345e49ff4005affea379c9a6dffc Mon Sep 17 00:00:00 2001 From: Erica Portnoy Date: Wed, 12 Aug 2020 13:51:55 -0700 Subject: [PATCH 05/19] add x --- .../letstest/scripts/bootstrap_os_packages.sh | 2 +- tests/letstest/scripts/test_apache2.sh | 13 +- tests/letstest/targets.yaml | 148 +++++++++--------- 3 files changed, 80 insertions(+), 83 deletions(-) diff --git a/tests/letstest/scripts/bootstrap_os_packages.sh b/tests/letstest/scripts/bootstrap_os_packages.sh index af0c8b44b..85c581192 100755 --- a/tests/letstest/scripts/bootstrap_os_packages.sh +++ b/tests/letstest/scripts/bootstrap_os_packages.sh @@ -2,7 +2,7 @@ # # Download and run the latest release version of the Certbot client. -set -e # Work even if somebody does "sh thisscript.sh". +set -ex # Work even if somebody does "sh thisscript.sh". error() { echo "$@" diff --git a/tests/letstest/scripts/test_apache2.sh b/tests/letstest/scripts/test_apache2.sh index 9c3b95a31..078b3f52c 100755 --- a/tests/letstest/scripts/test_apache2.sh +++ b/tests/letstest/scripts/test_apache2.sh @@ -40,18 +40,15 @@ fi cd letsencrypt echo "Bootstrapping dependencies..." -letsencrypt-auto-source/letsencrypt-auto --os-packages-only +sudo tests/letstest/scripts/bootstrap_os_packages.sh if [ $? -ne 0 ] ; then exit 1 fi -# This script sets the environment variables PYTHON_NAME, VENV_PATH, and -# VENV_SCRIPT based on the version of Python available on the system. For -# instance, Fedora uses Python 3 and Python 2 is not installed. . tests/letstest/scripts/set_python_envvars.sh -"$VENV_SCRIPT" -e acme[dev] -e certbot[dev,docs] -e certbot-apache -sudo "$VENV_PATH/bin/certbot" -v --debug --text --agree-tos \ +tools/venv3.py -e acme[dev] -e certbot[dev,docs] -e certbot-apache +sudo "venv3/bin/certbot" -v --debug --text --agree-tos \ --renew-by-default --redirect --register-unsafely-without-email \ --domain $PUBLIC_HOSTNAME --server $BOULDER_URL if [ $? -ne 0 ] ; then @@ -68,7 +65,7 @@ elif [ "$OS_TYPE" = "centos" ]; then fi OPENSSL_VERSION=$(strings "$MOD_SSL_LOCATION" | egrep -o -m1 '^OpenSSL ([0-9]\.[^ ]+) ' | tail -c +9) APACHE_VERSION=$(sudo $APACHE_NAME -v | egrep -o 'Apache/([0-9]\.[^ ]+)' | tail -c +8) -"$PYTHON_NAME" tests/letstest/scripts/test_openssl_version.py "$OPENSSL_VERSION" "$APACHE_VERSION" +"venv3/bin/python" tests/letstest/scripts/test_openssl_version.py "$OPENSSL_VERSION" "$APACHE_VERSION" if [ $? -ne 0 ] ; then FAIL=1 fi @@ -76,7 +73,7 @@ fi if [ "$OS_TYPE" = "ubuntu" ] ; then export SERVER="$BOULDER_URL" - "$VENV_PATH/bin/tox" -e apacheconftest + "$venv3/bin/tox" -e apacheconftest else echo Not running hackish apache tests on $OS_TYPE fi diff --git a/tests/letstest/targets.yaml b/tests/letstest/targets.yaml index 9daba3910..ab7150ac5 100644 --- a/tests/letstest/targets.yaml +++ b/tests/letstest/targets.yaml @@ -2,75 +2,75 @@ targets: #----------------------------------------------------------------------------- - #Ubuntu - - ami: ami-0545f7036167eb3aa - name: ubuntu19.10 - type: ubuntu - virt: hvm - user: ubuntu - - ami: ami-095192256fe1477ad - name: ubuntu18.04LTS - type: ubuntu - virt: hvm - user: ubuntu - - ami: ami-09677e0a6b14905b0 - name: ubuntu16.04LTS - type: ubuntu - virt: hvm - user: ubuntu - #----------------------------------------------------------------------------- - # Debian - - ami: ami-01db78123b2b99496 - name: debian10 - type: ubuntu - virt: hvm - user: admin - - ami: ami-003f19e0e687de1cd - name: debian9 - type: ubuntu - virt: hvm - user: admin - - ami: ami-0ed54dd1b25657636 - name: debian9_arm64 - type: ubuntu - virt: hvm - user: admin - machine_type: a1.medium - # userdata: | - # #cloud-init - # runcmd: - # - [ apt-get, install, -y, curl ] - #----------------------------------------------------------------------------- - # Other Redhat Distros - - ami: ami-0916c408cb02e310b - name: RHEL7 - type: centos - virt: hvm - user: ec2-user - - ami: ami-0c322300a1dd5dc79 - name: RHEL8 - type: centos - virt: hvm - user: ec2-user - - ami: ami-0fcbe88944a53b4c8 - name: fedora31 - type: centos - virt: hvm - user: fedora - - ami: ami-00bbc6858140f19ed - name: fedora30 - type: centos - virt: hvm - user: fedora - #----------------------------------------------------------------------------- - # CentOS - # These Marketplace AMIs must, irritatingly, have their terms manually - # agreed to on the AWS marketplace site for any new AWS account using them... - - ami: ami-9887c6e7 - name: centos7 - type: centos - virt: hvm - user: centos + # #Ubuntu + # - ami: ami-0545f7036167eb3aa + # name: ubuntu19.10 + # type: ubuntu + # virt: hvm + # user: ubuntu + # - ami: ami-095192256fe1477ad + # name: ubuntu18.04LTS + # type: ubuntu + # virt: hvm + # user: ubuntu + # - ami: ami-09677e0a6b14905b0 + # name: ubuntu16.04LTS + # type: ubuntu + # virt: hvm + # user: ubuntu + # #----------------------------------------------------------------------------- + # # Debian + # - ami: ami-01db78123b2b99496 + # name: debian10 + # type: ubuntu + # virt: hvm + # user: admin + # - ami: ami-003f19e0e687de1cd + # name: debian9 + # type: ubuntu + # virt: hvm + # user: admin + # - ami: ami-0ed54dd1b25657636 + # name: debian9_arm64 + # type: ubuntu + # virt: hvm + # user: admin + # machine_type: a1.medium + # # userdata: | + # # #cloud-init + # # runcmd: + # # - [ apt-get, install, -y, curl ] + # #----------------------------------------------------------------------------- + # # Other Redhat Distros + # - ami: ami-0916c408cb02e310b + # name: RHEL7 + # type: centos + # virt: hvm + # user: ec2-user + # - ami: ami-0c322300a1dd5dc79 + # name: RHEL8 + # type: centos + # virt: hvm + # user: ec2-user + # - ami: ami-0fcbe88944a53b4c8 + # name: fedora31 + # type: centos + # virt: hvm + # user: fedora + # - ami: ami-00bbc6858140f19ed + # name: fedora30 + # type: centos + # virt: hvm + # user: fedora + # #----------------------------------------------------------------------------- + # # CentOS + # # These Marketplace AMIs must, irritatingly, have their terms manually + # # agreed to on the AWS marketplace site for any new AWS account using them... + # - ami: ami-9887c6e7 + # name: centos7 + # type: centos + # virt: hvm + # user: centos # centos6 requires EPEL repo added - ami: ami-1585c46a name: centos6 @@ -82,8 +82,8 @@ targets: runcmd: - yum install -y epel-release - iptables -F - - ami: ami-01ca03df4a6012157 - name: centos8 - type: centos - virt: hvm - user: centos + # - ami: ami-01ca03df4a6012157 + # name: centos8 + # type: centos + # virt: hvm + # user: centos From 799ecba8f95b64387f997744ae8e90a89cedd0f2 Mon Sep 17 00:00:00 2001 From: Erica Portnoy Date: Wed, 12 Aug 2020 14:00:16 -0700 Subject: [PATCH 06/19] call the venv creation from inside the bootstrap --- tests/letstest/scripts/bootstrap_os_packages.sh | 3 +++ tests/letstest/scripts/test_tests.sh | 5 +---- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/tests/letstest/scripts/bootstrap_os_packages.sh b/tests/letstest/scripts/bootstrap_os_packages.sh index 85c581192..9e827913c 100755 --- a/tests/letstest/scripts/bootstrap_os_packages.sh +++ b/tests/letstest/scripts/bootstrap_os_packages.sh @@ -201,3 +201,6 @@ elif [ -f /etc/redhat-release ]; then fi Bootstrap + +cd $1 +$2 diff --git a/tests/letstest/scripts/test_tests.sh b/tests/letstest/scripts/test_tests.sh index 6d640e040..3be9e8ace 100755 --- a/tests/letstest/scripts/test_tests.sh +++ b/tests/letstest/scripts/test_tests.sh @@ -13,12 +13,9 @@ VENV_NAME=venv3 BOOTSTRAP_SCRIPT="$REPO_ROOT/tests/letstest/scripts/bootstrap_os_packages.sh" VENV_SCRIPT="tools/venv3.py" -sudo $BOOTSTRAP_SCRIPT +sudo $BOOTSTRAP_SCRIPT $REPO_ROOT $VENV_SCRIPT cd $REPO_ROOT - - -$VENV_SCRIPT . $VENV_NAME/bin/activate "$PIP_INSTALL" pytest From efac74bdadcbb96e5f59e6e7d65cbcb543ab77a3 Mon Sep 17 00:00:00 2001 From: Erica Portnoy Date: Wed, 12 Aug 2020 14:25:39 -0700 Subject: [PATCH 07/19] add targets back --- tests/letstest/targets.yaml | 138 ++++++++++++++++++------------------ 1 file changed, 69 insertions(+), 69 deletions(-) diff --git a/tests/letstest/targets.yaml b/tests/letstest/targets.yaml index ab7150ac5..325e15ef5 100644 --- a/tests/letstest/targets.yaml +++ b/tests/letstest/targets.yaml @@ -2,75 +2,75 @@ targets: #----------------------------------------------------------------------------- - # #Ubuntu - # - ami: ami-0545f7036167eb3aa - # name: ubuntu19.10 - # type: ubuntu - # virt: hvm - # user: ubuntu - # - ami: ami-095192256fe1477ad - # name: ubuntu18.04LTS - # type: ubuntu - # virt: hvm - # user: ubuntu - # - ami: ami-09677e0a6b14905b0 - # name: ubuntu16.04LTS - # type: ubuntu - # virt: hvm - # user: ubuntu - # #----------------------------------------------------------------------------- - # # Debian - # - ami: ami-01db78123b2b99496 - # name: debian10 - # type: ubuntu - # virt: hvm - # user: admin - # - ami: ami-003f19e0e687de1cd - # name: debian9 - # type: ubuntu - # virt: hvm - # user: admin - # - ami: ami-0ed54dd1b25657636 - # name: debian9_arm64 - # type: ubuntu - # virt: hvm - # user: admin - # machine_type: a1.medium - # # userdata: | - # # #cloud-init - # # runcmd: - # # - [ apt-get, install, -y, curl ] - # #----------------------------------------------------------------------------- - # # Other Redhat Distros - # - ami: ami-0916c408cb02e310b - # name: RHEL7 - # type: centos - # virt: hvm - # user: ec2-user - # - ami: ami-0c322300a1dd5dc79 - # name: RHEL8 - # type: centos - # virt: hvm - # user: ec2-user - # - ami: ami-0fcbe88944a53b4c8 - # name: fedora31 - # type: centos - # virt: hvm - # user: fedora - # - ami: ami-00bbc6858140f19ed - # name: fedora30 - # type: centos - # virt: hvm - # user: fedora - # #----------------------------------------------------------------------------- - # # CentOS - # # These Marketplace AMIs must, irritatingly, have their terms manually - # # agreed to on the AWS marketplace site for any new AWS account using them... - # - ami: ami-9887c6e7 - # name: centos7 - # type: centos - # virt: hvm - # user: centos + #Ubuntu + - ami: ami-0545f7036167eb3aa + name: ubuntu19.10 + type: ubuntu + virt: hvm + user: ubuntu + - ami: ami-095192256fe1477ad + name: ubuntu18.04LTS + type: ubuntu + virt: hvm + user: ubuntu + - ami: ami-09677e0a6b14905b0 + name: ubuntu16.04LTS + type: ubuntu + virt: hvm + user: ubuntu + #----------------------------------------------------------------------------- + # Debian + - ami: ami-01db78123b2b99496 + name: debian10 + type: ubuntu + virt: hvm + user: admin + - ami: ami-003f19e0e687de1cd + name: debian9 + type: ubuntu + virt: hvm + user: admin + - ami: ami-0ed54dd1b25657636 + name: debian9_arm64 + type: ubuntu + virt: hvm + user: admin + machine_type: a1.medium + # userdata: | + # #cloud-init + # runcmd: + # - [ apt-get, install, -y, curl ] + #----------------------------------------------------------------------------- + # Other Redhat Distros + - ami: ami-0916c408cb02e310b + name: RHEL7 + type: centos + virt: hvm + user: ec2-user + - ami: ami-0c322300a1dd5dc79 + name: RHEL8 + type: centos + virt: hvm + user: ec2-user + - ami: ami-0fcbe88944a53b4c8 + name: fedora31 + type: centos + virt: hvm + user: fedora + - ami: ami-00bbc6858140f19ed + name: fedora30 + type: centos + virt: hvm + user: fedora + #----------------------------------------------------------------------------- + # CentOS + # These Marketplace AMIs must, irritatingly, have their terms manually + # agreed to on the AWS marketplace site for any new AWS account using them... + - ami: ami-9887c6e7 + name: centos7 + type: centos + virt: hvm + user: centos # centos6 requires EPEL repo added - ami: ami-1585c46a name: centos6 From 1dfc73150a6c1e5d50fb0cc079a5faa25d33c35e Mon Sep 17 00:00:00 2001 From: Erica Portnoy Date: Wed, 12 Aug 2020 14:25:55 -0700 Subject: [PATCH 08/19] modify test_apache2 to use new format --- tests/letstest/scripts/bootstrap_os_packages.sh | 1 + tests/letstest/scripts/test_apache2.sh | 5 +---- 2 files changed, 2 insertions(+), 4 deletions(-) diff --git a/tests/letstest/scripts/bootstrap_os_packages.sh b/tests/letstest/scripts/bootstrap_os_packages.sh index 9e827913c..3adc2810c 100755 --- a/tests/letstest/scripts/bootstrap_os_packages.sh +++ b/tests/letstest/scripts/bootstrap_os_packages.sh @@ -46,6 +46,7 @@ BootstrapDebCommon() { openssl \ libffi-dev \ ca-certificates \ + make # needed on debian 9 arm64 which doesn't have a python3 pynacl wheel } diff --git a/tests/letstest/scripts/test_apache2.sh b/tests/letstest/scripts/test_apache2.sh index 078b3f52c..82c7fe1f2 100755 --- a/tests/letstest/scripts/test_apache2.sh +++ b/tests/letstest/scripts/test_apache2.sh @@ -40,14 +40,11 @@ fi cd letsencrypt echo "Bootstrapping dependencies..." -sudo tests/letstest/scripts/bootstrap_os_packages.sh +sudo tests/letstest/scripts/bootstrap_os_packages.sh . "tools/venv3.py -e acme[dev] -e certbot[dev,docs] -e certbot-apache" if [ $? -ne 0 ] ; then exit 1 fi -. tests/letstest/scripts/set_python_envvars.sh - -tools/venv3.py -e acme[dev] -e certbot[dev,docs] -e certbot-apache sudo "venv3/bin/certbot" -v --debug --text --agree-tos \ --renew-by-default --redirect --register-unsafely-without-email \ --domain $PUBLIC_HOSTNAME --server $BOULDER_URL From cac8fa4eedb6f9e174f4238c10ec90f014872ba3 Mon Sep 17 00:00:00 2001 From: Erica Portnoy Date: Wed, 12 Aug 2020 17:29:44 -0700 Subject: [PATCH 09/19] shouldn't need virtualenv on rhel --- tests/letstest/scripts/bootstrap_os_packages.sh | 16 +++------------- 1 file changed, 3 insertions(+), 13 deletions(-) diff --git a/tests/letstest/scripts/bootstrap_os_packages.sh b/tests/letstest/scripts/bootstrap_os_packages.sh index 3adc2810c..d30027e40 100755 --- a/tests/letstest/scripts/bootstrap_os_packages.sh +++ b/tests/letstest/scripts/bootstrap_os_packages.sh @@ -159,21 +159,11 @@ BootstrapRpmPython3Legacy() { } BootstrapRpmPython3() { - # Tested with: - # - Fedora 29 - InitializeRPMCommonBase - # Fedora 29 must use python3-virtualenv - if $TOOL list python3-virtualenv >/dev/null 2>&1; then - python_pkgs="python3 - python3-virtualenv - python3-devel - " - else - error "No supported Python package available to install. Aborting bootstrap!" - exit 1 - fi + python_pkgs="python3 + python3-devel + " BootstrapRpmCommonBase "$python_pkgs" } From 474f23d4021478e028ab668271e68ff89f75fb68 Mon Sep 17 00:00:00 2001 From: Erica Portnoy Date: Wed, 12 Aug 2020 17:47:21 -0700 Subject: [PATCH 10/19] readd targets --- tests/letstest/targets.yaml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/tests/letstest/targets.yaml b/tests/letstest/targets.yaml index 325e15ef5..9daba3910 100644 --- a/tests/letstest/targets.yaml +++ b/tests/letstest/targets.yaml @@ -82,8 +82,8 @@ targets: runcmd: - yum install -y epel-release - iptables -F - # - ami: ami-01ca03df4a6012157 - # name: centos8 - # type: centos - # virt: hvm - # user: centos + - ami: ami-01ca03df4a6012157 + name: centos8 + type: centos + virt: hvm + user: centos From f880d917dde5ecce1e669e9a253639ba3cdc7174 Mon Sep 17 00:00:00 2001 From: Erica Portnoy Date: Wed, 12 Aug 2020 17:56:21 -0700 Subject: [PATCH 11/19] Update test_sdists to use new script --- .../letstest/scripts/bootstrap_os_packages.sh | 4 +- tests/letstest/scripts/test_apache2.sh | 2 +- tests/letstest/scripts/test_sdists.sh | 39 ++++--------------- 3 files changed, 10 insertions(+), 35 deletions(-) diff --git a/tests/letstest/scripts/bootstrap_os_packages.sh b/tests/letstest/scripts/bootstrap_os_packages.sh index d30027e40..20691a670 100755 --- a/tests/letstest/scripts/bootstrap_os_packages.sh +++ b/tests/letstest/scripts/bootstrap_os_packages.sh @@ -193,5 +193,5 @@ fi Bootstrap -cd $1 -$2 +cd $1 # REPO_ROOT +$2 # Call the venv setup script here so we don't have to activate Python36SCL in the parent diff --git a/tests/letstest/scripts/test_apache2.sh b/tests/letstest/scripts/test_apache2.sh index 82c7fe1f2..c14d7d1b2 100755 --- a/tests/letstest/scripts/test_apache2.sh +++ b/tests/letstest/scripts/test_apache2.sh @@ -70,7 +70,7 @@ fi if [ "$OS_TYPE" = "ubuntu" ] ; then export SERVER="$BOULDER_URL" - "$venv3/bin/tox" -e apacheconftest + "venv3/bin/tox" -e apacheconftest else echo Not running hackish apache tests on $OS_TYPE fi diff --git a/tests/letstest/scripts/test_sdists.sh b/tests/letstest/scripts/test_sdists.sh index 338569e6d..53a783bb6 100755 --- a/tests/letstest/scripts/test_sdists.sh +++ b/tests/letstest/scripts/test_sdists.sh @@ -2,43 +2,18 @@ cd letsencrypt -# If we're on a RHEL 6 based system, we can be confident Python is already -# installed because the package manager is written in Python. -if command -v python && [ $(python -V 2>&1 | cut -d" " -f 2 | cut -d. -f1,2 | sed 's/\.//') -eq 26 ]; then - # RHEL/CentOS 6 will need a special treatment, so we need to detect that environment - RUN_RHEL6_TESTS=1 -fi +BOOTSTRAP_SCRIPT="tests/letstest/scripts/bootstrap_os_packages.sh" +VENV_PATH=venv3 -letsencrypt-auto-source/letsencrypt-auto --install-only -n --debug - -if [ "$RUN_RHEL6_TESTS" = 1 ]; then - # Enable the SCL Python 3.6 installed by letsencrypt-auto bootstrap - PATH="/opt/rh/rh-python36/root/usr/bin:$PATH" -fi - -PLUGINS="certbot-apache certbot-nginx" -PYTHON_MAJOR_VERSION=$(/opt/eff.org/certbot/venv/bin/python --version 2>&1 | cut -d" " -f 2 | cut -d. -f1) -TEMP_DIR=$(mktemp -d) - -if [ "$PYTHON_MAJOR_VERSION" = "3" ]; then - # Some distros like Fedora may only have an executable named python3 installed. - PYTHON_NAME="python3" - VENV_PATH="venv3" - VENV_SCRIPT="tools/venv3.py" -else - PYTHON_NAME="python" - VENV_SCRIPT="tools/venv.py" - VENV_PATH="venv" -fi - -VERSION=$("$PYTHON_NAME" letsencrypt-auto-source/version.py) - -# setup venv -CERTBOT_PIP_NO_BINARY=":all:" "$VENV_SCRIPT" --requirement letsencrypt-auto-source/pieces/dependency-requirements.txt +# bootstrap and setup venv +sudo $BOOTSTRAP_SCRIPT . "CERTBOT_PIP_NO_BINARY=:all: $VENV_SCRIPT --requirement letsencrypt-auto-source/pieces/dependency-requirements.txt" . "$VENV_PATH/bin/activate" # pytest is needed to run tests on some of our packages so we install a pinned version here. tools/pip_install.py pytest +PLUGINS="certbot-apache certbot-nginx" +TEMP_DIR=$(mktemp -d) + # build sdists for pkg_dir in acme certbot $PLUGINS; do cd $pkg_dir From af6c168789ef8a316d46ced87b9e4737a968f656 Mon Sep 17 00:00:00 2001 From: Erica Portnoy Date: Wed, 12 Aug 2020 18:49:26 -0700 Subject: [PATCH 12/19] move setting up venv back out of script so it's not run with sudo --- tests/letstest/scripts/bootstrap_os_packages.sh | 3 --- tests/letstest/scripts/test_apache2.sh | 10 +++++++++- 2 files changed, 9 insertions(+), 4 deletions(-) diff --git a/tests/letstest/scripts/bootstrap_os_packages.sh b/tests/letstest/scripts/bootstrap_os_packages.sh index 20691a670..d123c5def 100755 --- a/tests/letstest/scripts/bootstrap_os_packages.sh +++ b/tests/letstest/scripts/bootstrap_os_packages.sh @@ -192,6 +192,3 @@ elif [ -f /etc/redhat-release ]; then fi Bootstrap - -cd $1 # REPO_ROOT -$2 # Call the venv setup script here so we don't have to activate Python36SCL in the parent diff --git a/tests/letstest/scripts/test_apache2.sh b/tests/letstest/scripts/test_apache2.sh index c14d7d1b2..6b065b099 100755 --- a/tests/letstest/scripts/test_apache2.sh +++ b/tests/letstest/scripts/test_apache2.sh @@ -40,11 +40,19 @@ fi cd letsencrypt echo "Bootstrapping dependencies..." -sudo tests/letstest/scripts/bootstrap_os_packages.sh . "tools/venv3.py -e acme[dev] -e certbot[dev,docs] -e certbot-apache" +sudo tests/letstest/scripts/bootstrap_os_packages.sh if [ $? -ne 0 ] ; then exit 1 fi +if command -v python && [ $(python -V 2>&1 | cut -d" " -f 2 | cut -d. -f1,2 | sed 's/\.//') -eq 26 ]; then + # RHEL/CentOS 6 will need a special treatment, so we need to detect that environment + # Enable the SCL Python 3.6 installed by letsencrypt-auto bootstrap + PATH="/opt/rh/rh-python36/root/usr/bin:$PATH" +fi + +tools/venv3.py -e acme[dev] -e certbot[dev,docs] -e certbot-apache + sudo "venv3/bin/certbot" -v --debug --text --agree-tos \ --renew-by-default --redirect --register-unsafely-without-email \ --domain $PUBLIC_HOSTNAME --server $BOULDER_URL From c903bcec464e8976672a77af93697c2fa2183680 Mon Sep 17 00:00:00 2001 From: Erica Portnoy Date: Wed, 12 Aug 2020 18:59:37 -0700 Subject: [PATCH 13/19] take venv3.py call out of bootstrap in all scripts --- tests/letstest/scripts/test_sdists.sh | 10 +++++++++- tests/letstest/scripts/test_tests.sh | 9 ++++++++- 2 files changed, 17 insertions(+), 2 deletions(-) diff --git a/tests/letstest/scripts/test_sdists.sh b/tests/letstest/scripts/test_sdists.sh index 53a783bb6..55ff85d5a 100755 --- a/tests/letstest/scripts/test_sdists.sh +++ b/tests/letstest/scripts/test_sdists.sh @@ -6,7 +6,15 @@ BOOTSTRAP_SCRIPT="tests/letstest/scripts/bootstrap_os_packages.sh" VENV_PATH=venv3 # bootstrap and setup venv -sudo $BOOTSTRAP_SCRIPT . "CERTBOT_PIP_NO_BINARY=:all: $VENV_SCRIPT --requirement letsencrypt-auto-source/pieces/dependency-requirements.txt" +sudo $BOOTSTRAP_SCRIPT +CERTBOT_PIP_NO_BINARY=:all: tools/venv3.py --requirement letsencrypt-auto-source/pieces/dependency-requirements.txt + +if command -v python && [ $(python -V 2>&1 | cut -d" " -f 2 | cut -d. -f1,2 | sed 's/\.//') -eq 26 ]; then + # RHEL/CentOS 6 will need a special treatment, so we need to detect that environment + # Enable the SCL Python 3.6 installed by letsencrypt-auto bootstrap + PATH="/opt/rh/rh-python36/root/usr/bin:$PATH" +fi + . "$VENV_PATH/bin/activate" # pytest is needed to run tests on some of our packages so we install a pinned version here. tools/pip_install.py pytest diff --git a/tests/letstest/scripts/test_tests.sh b/tests/letstest/scripts/test_tests.sh index 3be9e8ace..f62584709 100755 --- a/tests/letstest/scripts/test_tests.sh +++ b/tests/letstest/scripts/test_tests.sh @@ -13,9 +13,16 @@ VENV_NAME=venv3 BOOTSTRAP_SCRIPT="$REPO_ROOT/tests/letstest/scripts/bootstrap_os_packages.sh" VENV_SCRIPT="tools/venv3.py" -sudo $BOOTSTRAP_SCRIPT $REPO_ROOT $VENV_SCRIPT +sudo $BOOTSTRAP_SCRIPT + +if command -v python && [ $(python -V 2>&1 | cut -d" " -f 2 | cut -d. -f1,2 | sed 's/\.//') -eq 26 ]; then + # RHEL/CentOS 6 will need a special treatment, so we need to detect that environment + # Enable the SCL Python 3.6 installed by letsencrypt-auto bootstrap + PATH="/opt/rh/rh-python36/root/usr/bin:$PATH" +fi cd $REPO_ROOT +$VENV_SCRIPT . $VENV_NAME/bin/activate "$PIP_INSTALL" pytest From ef8a3ae63c681dbb2b85f553a1c22a9487a57d9e Mon Sep 17 00:00:00 2001 From: Erica Portnoy Date: Wed, 12 Aug 2020 21:30:51 -0700 Subject: [PATCH 14/19] add additional python3-devel pkg name --- tests/letstest/scripts/bootstrap_os_packages.sh | 1 + 1 file changed, 1 insertion(+) diff --git a/tests/letstest/scripts/bootstrap_os_packages.sh b/tests/letstest/scripts/bootstrap_os_packages.sh index d123c5def..e3dfb28df 100755 --- a/tests/letstest/scripts/bootstrap_os_packages.sh +++ b/tests/letstest/scripts/bootstrap_os_packages.sh @@ -163,6 +163,7 @@ BootstrapRpmPython3() { python_pkgs="python3 python3-devel + python3-devel.x86_64 " BootstrapRpmCommonBase "$python_pkgs" From 9e06e6571483da3385ab28f0cbda40608e7ed0c8 Mon Sep 17 00:00:00 2001 From: Erica Portnoy Date: Wed, 12 Aug 2020 21:38:00 -0700 Subject: [PATCH 15/19] fix test_sdists --- tests/letstest/scripts/test_sdists.sh | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/tests/letstest/scripts/test_sdists.sh b/tests/letstest/scripts/test_sdists.sh index 55ff85d5a..5c17556f5 100755 --- a/tests/letstest/scripts/test_sdists.sh +++ b/tests/letstest/scripts/test_sdists.sh @@ -7,7 +7,6 @@ VENV_PATH=venv3 # bootstrap and setup venv sudo $BOOTSTRAP_SCRIPT -CERTBOT_PIP_NO_BINARY=:all: tools/venv3.py --requirement letsencrypt-auto-source/pieces/dependency-requirements.txt if command -v python && [ $(python -V 2>&1 | cut -d" " -f 2 | cut -d. -f1,2 | sed 's/\.//') -eq 26 ]; then # RHEL/CentOS 6 will need a special treatment, so we need to detect that environment @@ -15,6 +14,7 @@ if command -v python && [ $(python -V 2>&1 | cut -d" " -f 2 | cut -d. -f1,2 | se PATH="/opt/rh/rh-python36/root/usr/bin:$PATH" fi +CERTBOT_PIP_NO_BINARY=:all: tools/venv3.py --requirement letsencrypt-auto-source/pieces/dependency-requirements.txt . "$VENV_PATH/bin/activate" # pytest is needed to run tests on some of our packages so we install a pinned version here. tools/pip_install.py pytest @@ -32,6 +32,7 @@ for pkg_dir in acme certbot $PLUGINS; do cd - done +VERSION=$(python letsencrypt-auto-source/version.py) # test sdists cd $TEMP_DIR for pkg in acme certbot $PLUGINS; do From 3076b6eb7c89de8fb20ba7e57375cb5835fa6848 Mon Sep 17 00:00:00 2001 From: Erica Portnoy Date: Thu, 13 Aug 2020 12:42:48 -0700 Subject: [PATCH 16/19] enable additional rhel7 repos --- tests/letstest/targets.yaml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/tests/letstest/targets.yaml b/tests/letstest/targets.yaml index 9daba3910..481d0f0ef 100644 --- a/tests/letstest/targets.yaml +++ b/tests/letstest/targets.yaml @@ -47,6 +47,10 @@ targets: type: centos virt: hvm user: ec2-user + userdata: | + #cloud-config + runcmd: + - yum-config-manager --enable rhui-REGION-rhel-server-extras rhui-REGION-rhel-server-optional - ami: ami-0c322300a1dd5dc79 name: RHEL8 type: centos From f3fdf2f4a5d14b6a047352d5548cdc63c56efee0 Mon Sep 17 00:00:00 2001 From: Erica Portnoy Date: Thu, 13 Aug 2020 13:50:43 -0700 Subject: [PATCH 17/19] clean up code and comments --- .../letstest/scripts/bootstrap_os_packages.sh | 32 ++----------------- tests/letstest/scripts/test_sdists.sh | 3 +- 2 files changed, 4 insertions(+), 31 deletions(-) diff --git a/tests/letstest/scripts/bootstrap_os_packages.sh b/tests/letstest/scripts/bootstrap_os_packages.sh index e3dfb28df..9b6bf4ceb 100755 --- a/tests/letstest/scripts/bootstrap_os_packages.sh +++ b/tests/letstest/scripts/bootstrap_os_packages.sh @@ -1,6 +1,6 @@ #!/bin/sh # -# Download and run the latest release version of the Certbot client. +# Install OS dependencies for test farm tests. set -ex # Work even if somebody does "sh thisscript.sh". @@ -50,13 +50,7 @@ BootstrapDebCommon() { } -# If new packages are installed by BootstrapRpmCommonBase below, version -# numbers in rpm_common.sh and rpm_python3.sh must be increased. - # Sets TOOL to the name of the package manager -# Note: this function is called both while selecting the bootstrap scripts and -# during the actual bootstrap. Some things like prompting to user can be done in the latter -# case, but not in the former one. InitializeRPMCommonBase() { if type dnf 2>/dev/null then @@ -75,7 +69,7 @@ InitializeRPMCommonBase() { BootstrapRpmCommonBase() { # Arguments: whitespace-delimited python packages to install - InitializeRPMCommonBase # This call is superfluous in practice + InitializeRPMCommonBase pkgs=" gcc @@ -104,22 +98,6 @@ BootstrapRpmCommonBase() { fi } -# Try to enable rh-python36 from SCL if it is necessary and possible. -EnablePython36SCL() { - if "$EXISTS" python3.6 > /dev/null 2> /dev/null; then - return 0 - fi - if [ ! -f /opt/rh/rh-python36/enable ]; then - return 0 - fi - set +e - if ! . /opt/rh/rh-python36/enable; then - error 'Unable to enable rh-python36!' - exit 1 - fi - set -e -} - # This bootstrap concerns old RedHat-based distributions that do not ship by default # with Python 2.7, but only Python 2.6. We bootstrap them by enabling SCL and installing # Python 3.6. Some of these distributions are: CentOS/RHEL/OL/SL 6. @@ -153,9 +131,6 @@ BootstrapRpmPython3Legacy() { fi BootstrapRpmCommonBase "${python_pkgs}" - - # Enable SCL rh-python36 after bootstrapping. - EnablePython36SCL } BootstrapRpmPython3() { @@ -181,9 +156,6 @@ elif [ -f /etc/redhat-release ]; then Bootstrap() { BootstrapRpmPython3Legacy } - # Try now to enable SCL rh-python36 for systems already bootstrapped - # NB: EnablePython36SCL has been defined along with BootstrapRpmPython3Legacy in certbot-auto - EnablePython36SCL else Bootstrap() { BootstrapRpmPython3 diff --git a/tests/letstest/scripts/test_sdists.sh b/tests/letstest/scripts/test_sdists.sh index 5c17556f5..05afb63dc 100755 --- a/tests/letstest/scripts/test_sdists.sh +++ b/tests/letstest/scripts/test_sdists.sh @@ -5,7 +5,7 @@ cd letsencrypt BOOTSTRAP_SCRIPT="tests/letstest/scripts/bootstrap_os_packages.sh" VENV_PATH=venv3 -# bootstrap and setup venv +# install OS packages sudo $BOOTSTRAP_SCRIPT if command -v python && [ $(python -V 2>&1 | cut -d" " -f 2 | cut -d. -f1,2 | sed 's/\.//') -eq 26 ]; then @@ -14,6 +14,7 @@ if command -v python && [ $(python -V 2>&1 | cut -d" " -f 2 | cut -d. -f1,2 | se PATH="/opt/rh/rh-python36/root/usr/bin:$PATH" fi +# setup venv CERTBOT_PIP_NO_BINARY=:all: tools/venv3.py --requirement letsencrypt-auto-source/pieces/dependency-requirements.txt . "$VENV_PATH/bin/activate" # pytest is needed to run tests on some of our packages so we install a pinned version here. From 2492d42483816da5a966c4d3e91ce8736252dfdd Mon Sep 17 00:00:00 2001 From: Erica Portnoy Date: Thu, 13 Aug 2020 13:55:29 -0700 Subject: [PATCH 18/19] Update tests and instructions to use auto_targets.yaml with test_leauto_upgrades.sh and test_letsencrypt_auto_certonly_standalone.sh --- tools/_release.sh | 4 ++-- tox.ini | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/tools/_release.sh b/tools/_release.sh index 7e483905e..e17332f30 100755 --- a/tools/_release.sh +++ b/tools/_release.sh @@ -278,8 +278,8 @@ git commit -m "Add contents to certbot/CHANGELOG.md for next version" echo "New root: $root" echo "Test commands (in the letstest repo):" -echo 'python multitester.py targets.yaml $AWS_KEY $USERNAME scripts/test_leauto_upgrades.sh --alt_pip $YOUR_PIP_REPO --branch public-beta' -echo 'python multitester.py targets.yaml $AWK_KEY $USERNAME scripts/test_letsencrypt_auto_certonly_standalone.sh --branch candidate-0.1.1' +echo 'python multitester.py auto_targets.yaml $AWS_KEY $USERNAME scripts/test_leauto_upgrades.sh --alt_pip $YOUR_PIP_REPO --branch public-beta' +echo 'python multitester.py auto_targets.yaml $AWK_KEY $USERNAME scripts/test_letsencrypt_auto_certonly_standalone.sh --branch candidate-0.1.1' echo 'python multitester.py --saveinstances targets.yaml $AWS_KEY $USERNAME scripts/test_apache2.sh' echo "In order to upload packages run the following command:" echo twine upload "$root/dist.$version/*/*" diff --git a/tox.ini b/tox.ini index c61379b94..0336a57df 100644 --- a/tox.ini +++ b/tox.ini @@ -290,14 +290,14 @@ setenv = {[testenv:test-farm-tests-base]setenv} [testenv:test-farm-leauto-upgrades] changedir = {[testenv:test-farm-tests-base]changedir} -commands = python multitester.py targets.yaml {env:AWS_EC2_PEM_FILE} SET_BY_ENV scripts/test_leauto_upgrades.sh --repo {toxinidir} +commands = python multitester.py auto_targets.yaml {env:AWS_EC2_PEM_FILE} SET_BY_ENV scripts/test_leauto_upgrades.sh --repo {toxinidir} deps = {[testenv:test-farm-tests-base]deps} passenv = {[testenv:test-farm-tests-base]passenv} setenv = {[testenv:test-farm-tests-base]setenv} [testenv:test-farm-certonly-standalone] changedir = {[testenv:test-farm-tests-base]changedir} -commands = python multitester.py targets.yaml {env:AWS_EC2_PEM_FILE} SET_BY_ENV scripts/test_letsencrypt_auto_certonly_standalone.sh --repo {toxinidir} +commands = python multitester.py auto_targets.yaml {env:AWS_EC2_PEM_FILE} SET_BY_ENV scripts/test_letsencrypt_auto_certonly_standalone.sh --repo {toxinidir} deps = {[testenv:test-farm-tests-base]deps} passenv = {[testenv:test-farm-tests-base]passenv} setenv = {[testenv:test-farm-tests-base]setenv} From 92f38e0485ecf23cf9b69aa408bd6cb9a1304103 Mon Sep 17 00:00:00 2001 From: Erica Portnoy Date: Thu, 13 Aug 2020 14:34:55 -0700 Subject: [PATCH 19/19] only install python3-devel.x86_64 for rhel7 --- tests/letstest/scripts/bootstrap_os_packages.sh | 1 - tests/letstest/targets.yaml | 1 + 2 files changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/letstest/scripts/bootstrap_os_packages.sh b/tests/letstest/scripts/bootstrap_os_packages.sh index 9b6bf4ceb..90e8216b5 100755 --- a/tests/letstest/scripts/bootstrap_os_packages.sh +++ b/tests/letstest/scripts/bootstrap_os_packages.sh @@ -138,7 +138,6 @@ BootstrapRpmPython3() { python_pkgs="python3 python3-devel - python3-devel.x86_64 " BootstrapRpmCommonBase "$python_pkgs" diff --git a/tests/letstest/targets.yaml b/tests/letstest/targets.yaml index 481d0f0ef..7e2d8ce2a 100644 --- a/tests/letstest/targets.yaml +++ b/tests/letstest/targets.yaml @@ -51,6 +51,7 @@ targets: #cloud-config runcmd: - yum-config-manager --enable rhui-REGION-rhel-server-extras rhui-REGION-rhel-server-optional + - yum install -y python3-devel.x86_64 - ami: ami-0c322300a1dd5dc79 name: RHEL8 type: centos