From c54f154ea61cc5ada3cc8d1497da676a125d7be9 Mon Sep 17 00:00:00 2001 From: Seth Schoen Date: Thu, 25 Jun 2015 18:12:45 -0700 Subject: [PATCH 1/3] Try to renew certs before trying to deploy them --- letsencrypt/renewer.py | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/letsencrypt/renewer.py b/letsencrypt/renewer.py index d2c0b8e7d..3c6fbc971 100644 --- a/letsencrypt/renewer.py +++ b/letsencrypt/renewer.py @@ -166,11 +166,6 @@ def main(config=None, args=sys.argv[1:]): # user about the existence of an invalid or corrupt renewal # config rather than simply ignoring it. continue - if cert.should_autodeploy(): - cert.update_all_links_to(cert.latest_common_version()) - # TODO: restart web server (invoke IInstaller.restart() method) - notify.notify("Autodeployed a cert!!!", "root", "It worked!") - # TODO: explain what happened if cert.should_autorenew(): # Note: not cert.current_version() because the basis for # the renewal is the latest version, even if it hasn't been @@ -179,3 +174,8 @@ def main(config=None, args=sys.argv[1:]): renew(cert, old_version) notify.notify("Autorenewed a cert!!!", "root", "It worked!") # TODO: explain what happened + if cert.should_autodeploy(): + cert.update_all_links_to(cert.latest_common_version()) + # TODO: restart web server (invoke IInstaller.restart() method) + notify.notify("Autodeployed a cert!!!", "root", "It worked!") + # TODO: explain what happened From fbb0058bcd855a6cca687e9a6cacf79097d3fd98 Mon Sep 17 00:00:00 2001 From: Seth Schoen Date: Thu, 25 Jun 2015 18:15:59 -0700 Subject: [PATCH 2/3] Enable renewer test that was failing --- tests/boulder-integration.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/boulder-integration.sh b/tests/boulder-integration.sh index c3cc49c70..655d7f476 100755 --- a/tests/boulder-integration.sh +++ b/tests/boulder-integration.sh @@ -43,5 +43,5 @@ for x in cert chain fullchain privkey; do latest="$(ls -1t $dir/ | grep -e "^${x}" | head -n1)" live="$(readlink -f "$root/conf/live/le.wtf/${x}.pem")" - #[ "${dir}/${latest}" = "$live" ] # renewer fails this test + [ "${dir}/${latest}" = "$live" ] done From 3383dedbcfc48d839900fbef5455361760936967 Mon Sep 17 00:00:00 2001 From: Jakub Warmuz Date: Fri, 26 Jun 2015 07:20:01 +0000 Subject: [PATCH 3/3] boulder-integration.sh: SERVER env variable Blocks https://github.com/letsencrypt/boulder/pull/416 --- tests/boulder-integration.sh | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/tests/boulder-integration.sh b/tests/boulder-integration.sh index 32255039b..75fa76f6e 100755 --- a/tests/boulder-integration.sh +++ b/tests/boulder-integration.sh @@ -1,7 +1,14 @@ #!/bin/sh -xe -# Simple integration test, make sure to activate virtualenv beforehand +# Simple integration test. Make sure to activate virtualenv beforehand # (source venv/bin/activate) and that you are running Boulder test # instance (see ./boulder-start.sh). +# +# Environment variables: +# SERVER: Passed as "letsencrypt --server" argument. Boulder +# monolithic defaults to :4000, AMQP defaults to :4300. This +# script defaults to monolithic. +# +# Note: this script is called by Boulder integration test suite! root="$(mktemp -d)" echo "\nRoot integration tests directory: $root" @@ -11,7 +18,7 @@ store_flags="$store_flags --logs-dir $root/logs" common() { # first three flags required, rest is handy defaults letsencrypt \ - --server http://localhost:4000/acme/new-reg \ + --server "${SERVER:-http://localhost:4000/acme/new-reg}" \ --no-verify-ssl \ --dvsni-port 5001 \ $store_flags \