This prevents the integration tests from getting run before the boulder
processes have finished booting in most cases. There's still some small
races with debug ports going up before RPC ports, but this flushes the
big ones (specifically, the WFE ports), and the boulder devs going to
fix the rest in integration-test.py over time.
This also makes boulder-start.sh a blocking operation. Now the TravisCI
integration tests no longer requires boulder-start.sh, we can let the
other priority of being easier for users to control (that is, basically,
make it easy to Ctrl-C) take over. That plus the idea that
self-daemonizing code is tricky to get right, especially over multiple
platforms led me to not trying to get start.py to make itself
asynchronous.
Most of this change is code movement in order to allow developers to run
boulder-start.sh once and boulder-integration.sh many times while also
not duplicating that code in order to run the tests in TravisCI.
I'm not a huge fan of both the letsencrypt's shell scripts and boulder's
integration-test.py having hard-coded file dependencies in the other's
repo.
This, however, seemed like the smallest path to code that would
spuriously break less. All the designs I was able to come up that were
maybe smaller changes either had the "starts tests before the servers
are up" problem or with a "each repo uses another repo's test code file"
problem. Those problem on top of the "it's a bigger change" problem led
me here.
Rather than fetching from bitbucket and building. Bitbucket is often down, and
building from scratch is slow. Github is sometimes down, but at least now we
have our eggs in one basket.
Save accounts to:
/etc/letsencrypt/accounts/www.letsencrypt-dmeo.org/acme/new-reg/ \
kuba.le.wtf@2015-07-04T14:04:10Z/ \
{regr.json,meta.json,private_key.json}
Account now represents a combination of private key, Registration
Resource and client account metadata. `Account.id` based on the
account metadata (creation host and datetime). UI interface
(`cli._determine_account`) based on the `id`, and not on email as
previously.
Add `AccountStorage` interface and `AccountFileStorage`,
`AccountMemoryStorage` implementations (latter, in-memory, useful for
testing).
Create Account only after Registration Resource is received
(`register()` returns `Account`).
Allow `client.Client(..., acme=acme, ...)`: API client might reuse
acme.client.Client as returned by `register()`.
Move report_new_account to letsencrypt.account, client.Client.register
into client.register.
Use Registration.from_data acme API.
achallenges.AChallenge.key is now the `acme.jose.JWK`, not
`le_util.Key`. Plugins have to export PEM/DER as necessary
(c.f. `letsencrypt.plugins.common.Dvsni.get_key_path`)
Add --agree-tos, save --agree-eula to "args.eula". Prompt for EULA as
soon as client is launched, add prompt for TOS.
Remove unnecessary letsencrypt.network. Remove, now irrelevant,
`IConfig.account_keys_dir`.
Based on the draft from
https://github.com/letsencrypt/letsencrypt/pull/362#issuecomment-97946817.
Candidate issues to be addressed:
- race condition: start.sh might fail to start Boulder WFE before
./tests/boulder-integration.sh is run (unlikely, but possible,
leading to flaky tests)
- intertwined build logs (./start.sh boostraps in the background,
integration test debug logs on server and client side)
