Merge branch 'master' into poetry-pinning

certbot/certbot/_internal/cli/__init__.py

@@ -14,9 +14,6 @@ from certbot._internal.cli.cli_constants import COMMAND_OVERVIEW
 from certbot._internal.cli.cli_constants import DEPRECATED_OPTIONS
 from certbot._internal.cli.cli_constants import EXIT_ACTIONS
 from certbot._internal.cli.cli_constants import HELP_AND_VERSION_USAGE
-from certbot._internal.cli.cli_constants import LEAUTO
-from certbot._internal.cli.cli_constants import new_path_prefix
-from certbot._internal.cli.cli_constants import old_path_fragment
 from certbot._internal.cli.cli_constants import SHORT_USAGE
 from certbot._internal.cli.cli_constants import VAR_MODIFIERS
 from certbot._internal.cli.cli_constants import ZERO_ARG_ACTIONS

certbot/certbot/_internal/cli/cli_constants.py

@@ -1,29 +1,5 @@
 """Certbot command line constants"""
-import sys
-
-from certbot.compat import os
-
-# For help strings, figure out how the user ran us.
-# When invoked from letsencrypt-auto, sys.argv[0] is something like:
-# "/home/user/.local/share/certbot/bin/certbot"
-# Note that this won't work if the user set VENV_PATH or XDG_DATA_HOME before
-# running letsencrypt-auto (and sudo stops us from seeing if they did), so it
-# should only be used for purposes where inability to detect letsencrypt-auto
-# fails safely
-
-LEAUTO = "letsencrypt-auto"
-if "CERTBOT_AUTO" in os.environ:
-    # if we're here, this is probably going to be certbot-auto, unless the
-    # user saved the script under a different name
-    LEAUTO = os.path.basename(os.environ["CERTBOT_AUTO"])
-
-old_path_fragment = os.path.join(".local", "share", "letsencrypt")
-new_path_prefix = os.path.abspath(os.path.join(os.sep, "opt",
-                                               "eff.org", "certbot", "venv"))
-if old_path_fragment in sys.argv[0] or sys.argv[0].startswith(new_path_prefix):
-    cli_command = LEAUTO
-else:
-    cli_command = "certbot"
+cli_command = "certbot"
 
 
 # Argparse's help formatting has a lot of unhelpful peculiarities, so we want

certbot/certbot/_internal/plugins/selection.py

@@ -134,19 +134,10 @@ def choose_plugin(prepared, question):
     opts = [plugin_ep.description_with_name +
             (" [Misconfigured]" if plugin_ep.misconfigured else "")
             for plugin_ep in prepared]
-    names = set(plugin_ep.name for plugin_ep in prepared)
 
     while True:
         disp = z_util(interfaces.IDisplay)
-        if "CERTBOT_AUTO" in os.environ and names == {"apache", "nginx"}:
-            # The possibility of being offered exactly apache and nginx here
-            # is new interactivity brought by https://github.com/certbot/certbot/issues/4079,
-            # so set apache as a default for those kinds of non-interactive use
-            # (the user will get a warning to set --non-interactive or --force-interactive)
-            apache_idx = [n for n, p in enumerate(prepared) if p.name == "apache"][0]
-            code, index = disp.menu(question, opts, default=apache_idx)
-        else:
-            code, index = disp.menu(question, opts, force_interactive=True)
+        code, index = disp.menu(question, opts, force_interactive=True)
 
         if code == display_util.OK:
             plugin_ep = prepared[index]

certbot/docs/contributing.rst

@@ -222,8 +222,6 @@ certbot-apache and certbot-nginx
   client code to configure specific web servers
 certbot-dns-*
   client code to configure DNS providers
-certbot-auto and letsencrypt-auto
-  shell scripts to install Certbot and its dependencies on UNIX systems
 windows installer
   Installs Certbot on Windows and is built using the files in windows-installer/
 
@@ -548,53 +546,6 @@ Instructions for how to manually build and run the Certbot snap and the external
 snapped DNS plugins that the Certbot project supplies are located in the README
 file at https://github.com/certbot/certbot/tree/master/tools/snap.
 
-Updating certbot-auto and letsencrypt-auto
-==========================================
-
-.. note:: We are currently only accepting changes to certbot-auto that fix
-  regressions on platforms where certbot-auto is the recommended installation
-  method at https://certbot.eff.org/instructions. If you are unsure if a change
-  you want to make qualifies, don't hesitate to `ask for help`_!
-
-Updating the scripts
---------------------
-Developers should *not* modify the ``certbot-auto`` and ``letsencrypt-auto`` files
-in the root directory of the repository.  Rather, modify the
-``letsencrypt-auto.template`` and associated platform-specific shell scripts in
-the ``letsencrypt-auto-source`` and
-``letsencrypt-auto-source/pieces/bootstrappers`` directory, respectively.
-
-Building letsencrypt-auto-source/letsencrypt-auto
--------------------------------------------------
-Once changes to any of the aforementioned files have been made, the
-``letsencrypt-auto-source/letsencrypt-auto`` script should be updated.  In lieu of
-manually updating this script, run the build script, which lives at
-``letsencrypt-auto-source/build.py``:
-
-.. code-block:: shell
-
-   python letsencrypt-auto-source/build.py
-
-Running ``build.py`` will update the ``letsencrypt-auto-source/letsencrypt-auto``
-script.  Note that the ``certbot-auto`` and ``letsencrypt-auto`` scripts in the root
-directory of the repository will remain **unchanged** after this script is run.
-Your changes will be propagated to these files during the next release of
-Certbot.
-
-Opening a PR
-------------
-When opening a PR, ensure that the following files are committed:
-
-1. ``letsencrypt-auto-source/letsencrypt-auto.template`` and
-   ``letsencrypt-auto-source/pieces/bootstrappers/*``
-2. ``letsencrypt-auto-source/letsencrypt-auto`` (generated by ``build.py``)
-
-It might also be a good idea to double check that **no** changes were
-inadvertently made to the ``certbot-auto`` or ``letsencrypt-auto`` scripts in the
-root of the repository.  These scripts will be updated by the core developers
-during the next release.
-
-
 Updating the documentation
 ==========================
 

certbot/docs/install.rst

@@ -251,25 +251,6 @@ Certbot on UNIX operating systems, however, this script is no longer supported.
 If you want to uninstall ``certbot-auto``, you can follow our instructions
 :doc:`here <uninstall>`.
 
-Problems with Python virtual environment
-~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-When using ``certbot-auto`` on a low memory system such as VPS with less than
-512MB of RAM, the required dependencies of Certbot may fail to build.  This can
-be identified if the pip outputs contains something like ``internal compiler
-error: Killed (program cc1)``.  You can workaround this restriction by creating
-a temporary swapfile::
-
-  user@webserver:~$ sudo fallocate -l 1G /tmp/swapfile
-  user@webserver:~$ sudo chmod 600 /tmp/swapfile
-  user@webserver:~$ sudo mkswap /tmp/swapfile
-  user@webserver:~$ sudo swapon /tmp/swapfile
-
-Disable and remove the swapfile once the virtual environment is constructed::
-
-  user@webserver:~$ sudo swapoff /tmp/swapfile
-  user@webserver:~$ sudo rm /tmp/swapfile
-
 Pip
 ---
 

certbot/docs/using.rst

@@ -14,7 +14,7 @@ obtaining, renewing, or revoking certificates. The most important
 and commonly-used commands will be discussed throughout this
 document; an exhaustive list also appears near the end of the document.
 
-The ``certbot`` script on your web server might be named ``letsencrypt`` if your system uses an older package, or ``certbot-auto`` if you used an alternate installation method. Throughout the docs, whenever you see ``certbot``, swap in the correct name as needed.
+The ``certbot`` script on your web server might be named ``letsencrypt`` if your system uses an older package, or ``certbot-auto`` if you used a now-deprecated installation method. Throughout the docs, whenever you see ``certbot``, swap in the correct name as needed.
 
 .. _plugins:
 
@@ -420,7 +420,7 @@ option to control the curve used in ECDSA certificates.
 .. warning:: If you obtain certificates using ECDSA keys, you should be careful
    not to downgrade your Certbot installation since ECDSA keys are not
    supported by older versions of Certbot. Downgrades like this are possible if
-   you switch from something like the snaps or certbot-auto to packages
+   you switch from something like the snaps or pip to packages
    provided by your operating system which often lag behind.
 
 Changing existing certificates from RSA to ECDSA

certbot/tests/cli_test.py

@@ -166,7 +166,6 @@ class ParseTest(unittest.TestCase):
         self.assertTrue("--checkpoints" not in out)
 
         out = self._help_output(['-h'])
-        self.assertTrue("letsencrypt-auto" not in out)  # test cli.cli_command
         if "nginx" in PLUGINS:
             self.assertTrue("Use the Nginx plugin" in out)
         else:

certbot/tests/plugins/selection_test.py

@@ -155,26 +155,6 @@ class ChoosePluginTest(unittest.TestCase):
         mock_util().menu.return_value = (display_util.CANCEL, 0)
         self.assertTrue(self._call() is None)
 
-    @test_util.patch_get_utility("certbot._internal.plugins.selection.z_util")
-    def test_new_interaction_avoidance(self, mock_util):
-        mock_nginx = mock.Mock(
-            description_with_name="n", misconfigured=False)
-        mock_nginx.init().more_info.return_value = "nginx plugin"
-        mock_nginx.name = "nginx"
-        self.plugins[1] = mock_nginx
-        mock_util().menu.return_value = (display_util.CANCEL, 0)
-
-        unset_cb_auto = os.environ.get("CERTBOT_AUTO") is None
-        if unset_cb_auto:
-            os.environ["CERTBOT_AUTO"] = "foo"
-        try:
-            self._call()
-        finally:
-            if unset_cb_auto:
-                del os.environ["CERTBOT_AUTO"]
-
-        self.assertTrue("default" in mock_util().menu.call_args[1])
-
 
 class GetUnpreparedInstallerTest(test_util.ConfigTestCase):
     """Tests for certbot._internal.plugins.selection.get_unprepared_installer."""

tests/letstest/multitester.py

@@ -496,12 +496,17 @@ def main():
         outputs = [outq for outq in iter(outqueue.get, SENTINEL)]
         outputs.sort(key=lambda x: x[0])
         failed = False
+        results_msg = ""
         for outq in outputs:
             ii, target, status = outq
             if status == Status.FAIL:
                 failed = True
-            print('%d %s %s'%(ii, target['name'], status))
+                with open(log_dir+'/'+'%d_%s.log'%(ii,target['name']), 'r') as f:
+                    print(target['name'] + " test failed. Test log:")
+                    print(f.read())
+            results_msg = results_msg + '%d %s %s\n'%(ii, target['name'], status)
             results_file.write('%d %s %s\n'%(ii, target['name'], status))
+        print(results_msg)
         if len(outputs) != num_processes:
             failed = True
             failure_message = 'FAILURE: Some target machines failed to run and were not tested. ' +\

tests/letstest/requirements.txt

@@ -1,23 +1,22 @@
-awscli==1.18.88
-bcrypt==3.1.7
-boto3==1.14.11
-botocore==1.17.11
-cffi==1.14.0
+awscli==1.19.36
+bcrypt==3.2.0
+boto3==1.17.36
+botocore==1.20.36
+cffi==1.14.5
 colorama==0.4.3
-cryptography==2.8
+cryptography==3.4.6
 docutils==0.15.2
-enum34==1.1.9
-fabric==2.5.0
-invoke==1.4.1
-ipaddress==1.0.23
-jmespath==0.9.5
-paramiko==2.7.1
+fabric==2.6.0
+invoke==1.5.0
+jmespath==0.10.0
+paramiko==2.7.2
+pathlib2==2.3.5
 pyasn1==0.4.8
-pycparser==2.19
-PyNaCl==1.3.0
+pycparser==2.20
+PyNaCl==1.4.0
 python-dateutil==2.8.1
-PyYAML==5.3
-rsa==3.4.2
-s3transfer==0.3.3
-six==1.14.0
-urllib3==1.25.8
+PyYAML==5.4.1
+rsa==4.5
+s3transfer==0.3.6
+six==1.15.0
+urllib3==1.26.4

tests/letstest/scripts/test_tests.sh

@@ -1,31 +0,0 @@
-#!/bin/sh -xe
-#
-# This script is useful for testing that the packages we've built for a release
-# work on a variety of systems. For an example of the kinds of problems that
-# can occur, see https://github.com/certbot/certbot/issues/3455.
-
-REPO_ROOT="letsencrypt"
-LE_AUTO="$REPO_ROOT/letsencrypt-auto-source/letsencrypt-auto"
-LE_AUTO="$LE_AUTO --debug --no-self-upgrade --non-interactive"
-MODULES="acme certbot certbot-apache certbot-nginx"
-PIP_INSTALL="tools/pip_install.py"
-VENV_NAME=venv
-BOOTSTRAP_SCRIPT="$REPO_ROOT/tests/letstest/scripts/bootstrap_os_packages.sh"
-VENV_SCRIPT="tools/venv.py"
-
-sudo $BOOTSTRAP_SCRIPT
-
-cd $REPO_ROOT
-$VENV_SCRIPT
-. $VENV_NAME/bin/activate
-"$PIP_INSTALL" pytest
-
-# To run tests that aren't packaged in modules, run pytest
-# from the repo root. The directory structure should still
-# cause the installed packages to be tested while using
-# the tests available in the subdirectories.
-
-for module in $MODULES ; do
-    echo testing $module
-    pytest -v $module
-done

tools/dev_constraints.txt

@@ -1,5 +1,5 @@
 # Specifies Python package versions for development and building Docker images.
-# It includes in particular packages not specified in letsencrypt-auto's requirements file.
+# It includes in particular packages not specified in tools/certbot_constraints.txt.
 # Some dev package versions specified here may be overridden by higher level constraints
 # files during tests (eg. tools/oldest_constraints.txt).
 alabaster==0.7.10

tools/pip_install.py

@@ -3,7 +3,7 @@
 # to 1, a combination of tools/oldest_constraints.txt,
 # tools/dev_constraints.txt, and local-oldest-requirements.txt contained in the
 # top level of the package's directory is used, otherwise, a combination of
-# certbot-auto's requirements file and tools/dev_constraints.txt is used. The
+# tools/certbot_constraints.txt and tools/dev_constraints.txt is used. The
 # other file always takes precedence over tools/dev_constraints.txt. If
 # CERTBOT_OLDEST is set, this script must be run with `-e <package-name>` and
 # no other arguments.

tools/pip_install_editable.py

@@ -1,5 +1,5 @@
 #!/usr/bin/env python
-# pip installs packages in editable mode using certbot-auto's requirements file
+# pip installs packages in editable mode using tools/certbot_constraints.txt
 # as constraints
 #
 # cryptography is currently using this script in their CI at