* Use josepy instead of acme.jose. (#5203)
* Parse variables without whitespace separator correctly in CentOS family of distributions (#5318)
* Pin josepy in letsencrypt-auto (#5321)
* pin josepy in le-auto
* Put pinned versions in sorted order
* Pin dependencies in oldest tests (#5316)
* Add tools/merge_requirements.py
* Revert "Fix oldest tests by pinning Google DNS deps (#5000)"
This reverts commit f68fba2be2.
* Add tools/oldest_constraints.txt
* Remove oldest constraints from tox.ini
* Rename dev constraints file
* Update tools/pip_install.sh
* Update install_and_test.sh
* Fix pip_install.sh
* Don't cat when you can cp
* Add ng-httpsclient to dev constraints for oldest tests
* Bump tested setuptools version
* Update dev_constraints comment
* Better document oldest dependencies
* test against oldest versions we say we require
* Update dev constraints
* Properly handle empty lines
* Update constraints gen in pip_install
* Remove duplicated zope.component
* Reduce pyasn1-modules dependency
* Remove blank line
* pin back google-api-python-client
* pin back uritemplate
* pin josepy for oldest tests
* Undo changes to install_and_test.sh
* Update install_and_test.sh description
* use split instead of partition
* More pip dependency resolution workarounds (#5339)
* remove pyopenssl and six deps
* remove outdated tox.ini dep requirement
* Fix auto_tests on systems with new bootstrappers (#5348)
* Fix pytest on macOS in Travis (#5360)
* Add tools/pytest.sh
* pass TRAVIS through in tox.ini
* Use tools/pytest.sh to run pytest
* Add quiet to pytest.ini
* ignore pytest cache
* print as a string (#5359)
* Use apache2ctl modules for Gentoo systems. (#5349)
* Do not call Apache binary for module reset in cleanup()
* Use apache2ctl modules for Gentoo
* Broader git ignore for pytest cache files (#5361)
Make gitignore take pytest cache directories in to account, even if
they reside in subdirectories.
If pytest is run for a certain module, ie. `pytest certbot-apache` the
cache directory is created under `certbot-apache` directory.
* Fix letsencrypt-auto name and long forms of -n (#5375)
* Deprecate Python2.6 by using Python3 on CentOS/RHEL 6 (#5329)
* If there's no python or there's only python2.6 on red hat systems, install python3
* Always check for python2.6
* address style, documentation, nits
* factor out all initialization code
* fix up python version return value when no python installed
* add no python error and exit
* document DeterminePythonVersion parameters
* build letsencrypt-auto
* close brace
* build leauto
* fix syntax errors
* set USE_PYTHON_3 for all cases
* rip out NOCRASH
* replace NOCRASH, update LE_PYTHON set logic
* use built-in venv for py3
* switch to LE_PYTHON not affecting bootstrap selection and not overwriting LE_PYTHON
* python3ify fetch.py
* get fetch.py working with python2 and 3
* don't verify server certificates in fetch.py HttpsGetter
* Use SSLContext and an environment variable so that our tests continue to never verify server certificates.
* typo
* build
* remove commented out code
* address review comments
* add documentation for YES_FLAG and QUIET_FLAG
* Add tests to centos6 Dockerfile to make sure we install python3 if and only if appropriate to do so.
* Allow non-interactive revocation without deleting certificates (#5386)
* Add --delete-after-revoke flags
* Use delete_after_revoke value
* Add delete_after_revoke unit tests
* Add integration tests for delete-after-revoke.
* Have letsencrypt-auto do a real upgrade in leauto-upgrades option 2 (#5390)
* Make leauto_upgrades do a real upgrade
* Cleanup vars and output
* Sleep until the server is ready
* add simple_http_server.py
* Use a randomly assigned port
* s/realpath/readlink
* wait for server before getting port
* s/localhost/all interfaces
* update Apache ciphersuites (#5383)
* Fix macOS builds for Python2.7 in Travis (#5378)
* Add OSX Python2 tests
* Make sure python2 is originating from homebrew on macOS
* Upgrade the already installed python2 instead of trying to reinstall
* Use pipstrap to install a good version of pip
* Use pytest in cb-auto tests
* Remove nose usage in auto_test.py
* remove nose dev dep
* use pytest in test_tests
* Use pytest in tox
* Update dev dependency pinnings
* remove nose multiprocess lines
* Use pytest for coverage
* Use older py and pytest for old python versions
* Add test for Error.__str__
* pin pytest in oldest test
* Fix tests for DNS-DO plugin on py26
* Work around bug for Python 3.3
* Clarify dockerfile comments
Occasionally a network error prevents Docker from starting boulder causing
Travis tests to fail like it did at
https://travis-ci.org/certbot/certbot/jobs/282923098. This works around the
problem by using travis_retry to try to start boulder again if it fails.
This also moves the logic of waiting for boulder to start into
tests/boulder-fetch.sh so people running integration tests locally can benefit.
* Switching from old branch (issue-4109) and addressing changes requested
in last iteration of review:
80aa857fd2
Requested changes that were addressed:
- fixed outdated docstring for `cert_path_to_lineage`
- removed `full_archive_dir_from_renewal_conf` amd replaced with `full_archive_path` (and `_full_archive_path` -> `full_archive_path`)
- matching on `cert` instead of `chain` in `cert_manager.cert_path_to_lineage`
- fixed the two coding wrongs make a right issue
Requested changes which were not addressed:
- moving `cert_path_to_lineage` from `cert_manager` to `storage`,
as it would introduce a hard to resolve circular dependency.
* Update integration tests to handle default deletion after revoke.
* Swapping test domains.
* Addressing PR feedback:
- calling storage.full_archive_path with a ConfigObj instead of None
- Removing lambda x: x.chain_path as an option to match against
* Addressing PR feedback: it's expected that len(pattern) is 0, so handle that case properly.
* Testing of conflicting values of --cert-name and --cert-path non-interactive mode.
* Silly test for when neither certname nor cert-path were specified.
* Changing archive_files to a private function, because mocking nested functions seems impossible.
* Tests for storage.cert_path_for_cert_name
* Splitting out _acceptable_matches
* Some tests for cert_manager.cert_path_to_lineage
* Offerings to the Lint God
* Cleaner way of dealing with files in archive dirs
* Handling the two different use cases of match_and_check_overlaps a bit better
* late night syntax errors
* Test for when multiple lineages share an archive dir
* Tests for certbot.cert_manager.match_and_check_overlaps
* Removing unneeded nesting
* Lint errors that Travis caught that didn't show up locally
* Adding two integration tests (matching & mismatched --cert-path, --cert-name) based on feedback.
* Asking the user if they want to delete in interactive mode.
* Add hook dir constants
* Add hook dir properties to configuration
* test hook dir properties
* reuse certbot.util.is_exe
* Add certbot.hooks.list_hooks
* test list_hooks
* Run pre-hooks in directory
* Run deploy-hooks in directory
* Run post-hooks in directory
* Refactor and update certbot/tests/hook_test.py
* Add integration tests for hook directories
* Have Certbot create hook directories.
* document renewal hook directories
* Add --no-directory-hooks
* Make minor note about locale independent sorting
Up until now, this test was written incorrectly. In addition, when it has
failed, it simply prints error messages rather than reporting that the test
failed. This fixes both of these problems.
* prevent regressions of #5082
* Fix test_leauto_upgrades.sh
test_leauto_upgrades.sh has been incorrectly been succeeding because while peep
doesn't work with newer versions of pip and letsencrypt-auto would crash,
the output included the version number so we reported the test as passing.
This updates letsencrypt-auto to the oldest version that still works for the
purpose of the test and sets pipefail so errors are properly reported.
* Test symlink creation in test_leauto_upgrades.sh
* Pin dependencies in test_sdists.sh.
* Fix permissions errors in test_tests.sh
The program readlink used to be used in integration tests so an environment
variable was used to handle differences in the executable on different systems.
This command is no longer used though so the variable can be removed.
Might help debug #4363.
Also:
make "bash" vs "sh" explicit
move the paranoia flags (-ex) from the shebang into the body
add -u (fail on unset variables)
change _common to work with -u
remove some env vars that were no longer used
remove shebang from _common.sh because it's meant to be sourced, not run
* lineage_for_certname should return None if there is no existing renewal file
* add unit test
* add regression test to integration test
* revent boulder-start to boulder-fetch
Recommend faster-running commands with clearer output first, building up to
slow, noisy, `tox` last.
Remove outdated Boulder testing advice, and outdated Boulder testing scripts
(Vagrantfile, mac-bootstrap.sh, boulder-start.sh). Update Boulder testing
section.
Fill out "directory structure" section of contributing guide a little better.
* add get_certbot_version.sh
* Use get_certbot_version.sh in build.py
* make test_leauto_upgrades.sh more robust
* auto upgrades break tests
* OCSP experimental is not needed anymore
* Add test_sdists.sh
* Use LE_AUTO_VERSION, not repo version
* install OS deps earlier
* use readlink not realpath
* undo changes to build.py
* Factor out version code from build.py
* Use version.py in test_sdists
* Remove get_certbot_version
* workaround setuptools breakage
* use challenge type strings, not objectS
* Factor out parse_preferred_challenges
* restore pref_challs
* save pref_challs
* Make CheckCertCount more flexible
* improve integration tests
* Make pref_challs more flexible
This includes two new tests in the integration test script to check that
boulder gets the correct code. The encoding is specified in RFC5280
5.3.1. The codes that boulder will accept are a subset of that,
specified in `boulder.revocation.reasons.go`.
