Merge branch 'master' into candidate-0.34.2

2026-06-04 22:33:00 -04:00 · 2019-05-07 14:51:17 -07:00 · 2019-05-07 14:51:17 -07:00 · 60bf8edc79
commit 60bf8edc79
parent ccedde088d a754a90940
5 changed files with 26 additions and 23 deletions
--- a/.travis.yml
+++ b/.travis.yml
@ -60,12 +60,7 @@ matrix:
      env: TOXENV=mypy
      <<: *not-on-master
    - python: "2.7"
-      env: TOXENV='py27-{acme,apache,certbot,nginx,postfix}-oldest'
-      sudo: required
-      services: docker
-      <<: *not-on-master
-    - python: "2.7"
-      env: TOXENV='py27-dns-oldest'
+      env: TOXENV='py27-{acme,apache,certbot,dns,nginx,postfix}-oldest'
      sudo: required
      services: docker
      <<: *not-on-master
--- a/certbot/compat/misc.py
+++ b/certbot/compat/misc.py
@ -31,7 +31,7 @@ def raise_for_non_administrative_windows_rights(subcommand):
    # Because windll exists only on a Windows runtime, and static code analysis engines
    # do not like at all non existent objects when run from Linux (even if we handle properly
    # all the cases in the code).
-    # So we access windll only by reflection to trick theses engines.
+    # So we access windll only by reflection to trick these engines.
    if hasattr(ctypes, 'windll') and subcommand not in UNPRIVILEGED_SUBCOMMANDS_ALLOWED:
        windll = getattr(ctypes, 'windll')
        if windll.shell32.IsUserAnAdmin() == 0:
@ -73,7 +73,7 @@ def os_rename(src, dst):
            raise
        if not hasattr(os, 'replace'):  # pragma: no cover
            # We should never go on this line. Either we are on Linux and os.rename has succeeded,
-            # either we are on Windows, and only Python >= 3.4 is supported where os.replace is
+            # or we are on Windows, and only Python >= 3.4 is supported where os.replace is
            # available.
            raise RuntimeError('Error: tried to run os_rename on Python < 3.3. '
                               'Certbot supports only Python 3.4 >= on Windows.')
--- a/certbot/compat/os.py
+++ b/certbot/compat/os.py
@ -1,6 +1,6 @@
 """
 This compat modules is a wrapper of the core os module that forbids usage of specific operations
-(eg. chown, chmod, getuid) that would be harmful to the Windows file security model of Certbot.
+(e.g. chown, chmod, getuid) that would be harmful to the Windows file security model of Certbot.
 This module is intended to replace standard os module throughout certbot projects (except acme).
 """
 from __future__ import absolute_import
--- a/tests/letstest/scripts/test_leauto_upgrades.sh
+++ b/tests/letstest/scripts/test_leauto_upgrades.sh
@ -15,8 +15,17 @@ if ! command -v git ; then
        exit 1
    fi
 fi
-# 0.33.x is the oldest version of letsencrypt-auto that works on Fedora 29+.
-INITIAL_VERSION="0.33.1"
+# If we're on a RHEL 6 based system, we can be confident Python is already
+# installed because the package manager is written in Python.
+if command -v python && [ $(python -V 2>&1 | cut -d" " -f 2 | cut -d. -f1,2 | sed 's/\.//') -eq 26 ]; then
+    # 0.20.0 is the latest version of letsencrypt-auto that doesn't install
+    # Python 3 on RHEL 6.
+    INITIAL_VERSION="0.20.0"
+    RUN_PYTHON3_TESTS=1
+else
+    # 0.33.x is the oldest version of letsencrypt-auto that works on Fedora 29+.
+    INITIAL_VERSION="0.33.1"
+fi
 git checkout -f "v$INITIAL_VERSION" letsencrypt-auto
 if ! ./letsencrypt-auto -v --debug --version --no-self-upgrade 2>&1 | tail -n1 | grep "^certbot $INITIAL_VERSION$" ; then
    echo initial installation appeared to fail
@ -63,8 +72,7 @@ iQIDAQAB
 -----END PUBLIC KEY-----
 "

-if [ $(python -V 2>&1 | cut -d" " -f 2 | cut -d. -f1,2 | sed 's/\.//') -eq 26 ]; then
-    RUN_PYTHON3_TESTS=1
+if [ "$RUN_PYTHON3_TESTS" = 1 ]; then
    if command -v python3; then
        echo "Didn't expect Python 3 to be installed!"
        exit 1
--- a/tools/pip_install.py
+++ b/tools/pip_install.py
@ -99,25 +99,25 @@ def main(args):
        else:
            # Otherwise, we merge requirements to build the constraints and pin dependencies
            requirements = None
-            reinstall = False
            if os.environ.get('CERTBOT_OLDEST') == '1':
                requirements = certbot_oldest_processing(tools_path, args, test_constraints)
-                # We need to --force-reinstall the tested distribution when using oldest
-                # requirements because of an error in these tests in particular situations
-                # described in https://github.com/certbot/certbot/issues/7014.
-                # However this slows down considerably the oldest tests (5 min -> 10 min),
-                # so we need to find a better mitigation in the future.
-                reinstall = True
            else:
                certbot_normal_processing(tools_path, test_constraints)

            merge_requirements(tools_path, requirements, test_constraints, all_constraints)
-            if requirements:
+            if requirements:  # This branch is executed during the oldest tests
+                # First step, install the transitive dependencies of oldest requirements
+                # in respect with oldest constraints.
                pip_install_with_print('--constraint "{0}" --requirement "{1}"'
                                       .format(all_constraints, requirements))
+                # Second step, ensure that oldest requirements themselves are effectively
+                # installed using --force-reinstall, and avoid corner cases like the one described
+                # in https://github.com/certbot/certbot/issues/7014.
+                pip_install_with_print('--force-reinstall --no-deps --requirement "{0}"'
+                                       .format(requirements))

-            pip_install_with_print('--constraint "{0}" {1} {2}'.format(
-                all_constraints, '--force-reinstall' if reinstall else '', ' '.join(args)))
+            pip_install_with_print('--constraint "{0}" {1}'.format(
+                all_constraints, ' '.join(args)))
    finally:
        if os.environ.get('TRAVIS'):
            print('travis_fold:end:install_certbot_deps')