From b3342ebdfe2ab5e6ec8d142db1b949ba2ab4069e Mon Sep 17 00:00:00 2001
From: Adrien Ferrand <adrien.ferrand@eff.org>
Date: Fri, 4 Oct 2019 23:02:56 +0200
Subject: [PATCH] Add letsencrypt-auto tests for oraclelinux6

---
 .travis.yml                                   |  3 +
 ...{Dockerfile.centos6 => Dockerfile.redhat6} | 13 ++-
 .../tests/oraclelinux6_tests.sh               | 81 +++++++++++++++++++
 tox.ini                                       | 12 ++-
 4 files changed, 104 insertions(+), 5 deletions(-)
 rename letsencrypt-auto-source/{Dockerfile.centos6 => Dockerfile.redhat6} (71%)
 create mode 100644 letsencrypt-auto-source/tests/oraclelinux6_tests.sh

diff --git a/.travis.yml b/.travis.yml
index 4d4ea5f55..b3e26fc79 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -234,6 +234,9 @@ matrix:
     - sudo: required
       env: TOXENV=le_auto_centos6
       services: docker
+    - sudo: required
+      env: TOXENV=le_auto_oraclelinux6
+      services: docker
       <<: *extended-test-suite
     - sudo: required
       env: TOXENV=docker_dev
diff --git a/letsencrypt-auto-source/Dockerfile.centos6 b/letsencrypt-auto-source/Dockerfile.redhat6
similarity index 71%
rename from letsencrypt-auto-source/Dockerfile.centos6
rename to letsencrypt-auto-source/Dockerfile.redhat6
index fe77b12c1..b062422b6 100644
--- a/letsencrypt-auto-source/Dockerfile.centos6
+++ b/letsencrypt-auto-source/Dockerfile.redhat6
@@ -1,9 +1,13 @@
 # For running tests, build a docker image with a passwordless sudo and a trust
 # store we can manipulate.
 
-FROM centos:6
+ARG REDHAT_DIST_FLAVOR
+FROM ${REDHAT_DIST_FLAVOR}:6
 
-RUN yum install -y epel-release
+ARG REDHAT_DIST_FLAVOR
+
+RUN curl -O https://dl.fedoraproject.org/pub/epel/epel-release-latest-6.noarch.rpm \
+ && rpm -ivh epel-release-latest-6.noarch.rpm
 
 # Install pip and sudo:
 RUN yum install -y python-pip sudo
@@ -35,9 +39,10 @@ RUN curl https://raw.githubusercontent.com/certbot/certbot/v0.38.0/letsencrypt-a
     -o /home/lea/certbot/letsencrypt-auto-source/letsencrypt-auto_py_34 \
  && chmod +x /home/lea/certbot/letsencrypt-auto-source/letsencrypt-auto_py_34
 
-RUN chmod +x /home/lea/certbot/letsencrypt-auto-source/tests/centos6_tests.sh
+RUN cp /home/lea/certbot/letsencrypt-auto-source/tests/${REDHAT_DIST_FLAVOR/\/sl/}6_tests.sh /home/lea/certbot/letsencrypt-auto-source/tests/redhat6_tests.sh \
+ && chmod +x /home/lea/certbot/letsencrypt-auto-source/tests/redhat6_tests.sh
 
 USER lea
 WORKDIR /home/lea
 
-CMD ["sudo", "certbot/letsencrypt-auto-source/tests/centos6_tests.sh"]
+CMD ["sudo", "certbot/letsencrypt-auto-source/tests/redhat6_tests.sh"]
diff --git a/letsencrypt-auto-source/tests/oraclelinux6_tests.sh b/letsencrypt-auto-source/tests/oraclelinux6_tests.sh
new file mode 100644
index 000000000..2f5b69d86
--- /dev/null
+++ b/letsencrypt-auto-source/tests/oraclelinux6_tests.sh
@@ -0,0 +1,81 @@
+#!/bin/bash
+# Start by making sure your system is up-to-date:
+yum update -y >/dev/null
+
+LE_AUTO_PY_34="certbot/letsencrypt-auto-source/letsencrypt-auto_py_34"
+LE_AUTO="certbot/letsencrypt-auto-source/letsencrypt-auto"
+
+# Last version of certbot-auto that was bootstraping Python 3.4 for CentOS 6 users
+INITIAL_CERTBOT_VERSION_PY34="certbot 0.38.0"
+
+# Check bootstrap from current letsencrypt-auto will fail, because SCL is not enabled.
+if ! "$LE_AUTO" 2>&1 | grep -q "Enable the SCL repository and try running Certbot again."; then
+  echo "ERROR: bootstrap was not aborted although SCL was not installed!"
+  exit 1
+fi
+
+echo "PASSED: bootstrap was aborted since SCL was not installed."
+
+# Bootstrap from the old letsencrypt-auto, Python 3.4 will be installed from EPEL.
+"$LE_AUTO_PY_34" --no-self-upgrade -n >/dev/null 2>/dev/null
+
+# Ensure Python 3.4 is installed
+python3.4 --version >/dev/null 2>/dev/null
+RESULT=$?
+if [ $RESULT -ne 0 ]; then
+  echo "ERROR: old letsencrypt-auto failed to install Python3.4 using letsencrypt-auto < 0.37.0 when only Python2.6 is present."
+  exit 1
+fi
+
+echo "PASSED: bootstrap from old letsencrypt-auto succeeded and installed Python 3.4"
+
+# Expect letsencrypt-auto to just fail to rebootstrap and start certbot in interactive
+# shell since SCL is not installed.
+if ! "$LE_AUTO" --version 2>&1 | grep -q "Enable the SCL repository and try running Certbot again."; then
+  echo "FAILED: Script letsencrypt-auto managed to start Certbot in interactive shell while SCL is not enabled!"
+  exit 1
+fi
+
+echo "PASSED: Script letsencrypt-auto did not rebootstrap and did not star Certbot."
+
+# Expect letsencrypt-auto to not update certbot, but start it anyway in non-interactive
+# shell since SCL is not installed.
+# NB: Readline has an issue on all Python versions for CentOS 6, making `certbot --version`
+# output an unprintable ASCII character on a new line at the end.
+# So we take the second last line of the output.
+version=$($LE_AUTO --version 2>/dev/null | tail -2 | head -1)
+
+if [ -z "$version" ]; then
+  echo "ERROR: Script letsencrypt-auto failed to start certbot in a non-interactive shell while SCL was not enabled."
+  exit 1
+fi
+
+if [ "$version" != "$INITIAL_CERTBOT_VERSION_PY34" ]; then
+  echo "ERROR: Script letsencrypt-auto upgraded certbot in a non-interactive shell while SCL was not enabled."
+  exit 1
+fi
+
+echo "PASSED: Script letsencrypt-auto did not upgraded certbot but started it successfully while SCL was not enabled."
+
+# Enable SCL
+yum install -y oracle-softwarecollection-release-el6 >/dev/null
+
+# Following test is exectued in a subshell, to not leak any environment variable
+(
+  export VENV_PATH=$(mktemp -d)
+
+  # Expect letsencrypt-auto to bootstrap successfully since SCL is available
+  "$LE_AUTO" -n >/dev/null 2>/dev/null
+
+  if [ "$($VENV_PATH/bin/python -V 2>&1 | cut -d" " -f2 | cut -d. -f1-2)" != "3.6" ]; then
+    echo "ERROR: Script letsencrypt-auto failed to bootstrap and install Python 3.6 while SCL is available."
+    exit 1
+  fi
+
+  if ! $VENV_PATH/bin/certbot --version > /dev/null 2> /dev/null; then
+    echo "ERROR: Script letsencrypt-auto did not install certbot correctly while SCL is enabled."
+    exit 1
+  fi
+)
+
+echo "PASSED: Script letsencrypt-auto correctly bootstraped Certbot using rh-python36 when SCL is available."
\ No newline at end of file
diff --git a/tox.ini b/tox.ini
index 763f786fa..68ba91555 100644
--- a/tox.ini
+++ b/tox.ini
@@ -206,7 +206,17 @@ passenv = DOCKER_*
 # At the moment, this tests under Python 2.6 only, as only that version is
 # readily available on the CentOS 6 Docker image.
 commands =
-    docker build -f letsencrypt-auto-source/Dockerfile.centos6 -t lea letsencrypt-auto-source
+    docker build -f letsencrypt-auto-source/Dockerfile.redhat6 --build-arg REDHAT_DIST_FLAVOR=centos -t lea letsencrypt-auto-source
+    docker run --rm -t -i lea
+whitelist_externals =
+    docker
+passenv = DOCKER_*
+
+[testenv:le_auto_oraclelinux6]
+# At the moment, this tests under Python 2.6 only, as only that version is
+# readily available on the CentOS 6 Docker image.
+commands =
+    docker build -f letsencrypt-auto-source/Dockerfile.redhat6 --build-arg REDHAT_DIST_FLAVOR=oraclelinux -t lea letsencrypt-auto-source
     docker run --rm -t -i lea
 whitelist_externals =
     docker