upstream/certbot
1
0
Fork 0
mirror of https://github.com/certbot/certbot.git synced 2026-05-28 04:34:11 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 2
certbot/tests/letstest
History
Brad Warren 349643c9b8 Update test-everything (#5397) 
* Use josepy instead of acme.jose. (#5203)

* Parse variables without whitespace separator correctly in CentOS family of distributions (#5318)

* Pin josepy in letsencrypt-auto (#5321)

* pin josepy in le-auto

* Put pinned versions in sorted order

* Pin dependencies in oldest tests (#5316)

* Add tools/merge_requirements.py

* Revert "Fix oldest tests by pinning Google DNS deps (#5000)"

This reverts commit f68fba2be2.

* Add tools/oldest_constraints.txt

* Remove oldest constraints from tox.ini

* Rename dev constraints file

* Update tools/pip_install.sh

* Update install_and_test.sh

* Fix pip_install.sh

* Don't cat when you can cp

* Add ng-httpsclient to dev constraints for oldest tests

* Bump tested setuptools version

* Update dev_constraints comment

* Better document oldest dependencies

* test against oldest versions we say we require

* Update dev constraints

* Properly handle empty lines

* Update constraints gen in pip_install

* Remove duplicated zope.component

* Reduce pyasn1-modules dependency

* Remove blank line

* pin back google-api-python-client

* pin back uritemplate

* pin josepy for oldest tests

* Undo changes to install_and_test.sh

* Update install_and_test.sh description

* use split instead of partition

* More pip dependency resolution workarounds (#5339)

* remove pyopenssl and six deps

* remove outdated tox.ini dep requirement

* Fix auto_tests on systems with new bootstrappers (#5348)

* Fix pytest on macOS in Travis (#5360)

* Add tools/pytest.sh

* pass TRAVIS through in tox.ini

* Use tools/pytest.sh to run pytest

* Add quiet to pytest.ini

* ignore pytest cache

* print as a string (#5359)

* Use apache2ctl modules for Gentoo systems. (#5349)

* Do not call Apache binary for module reset in cleanup()

* Use apache2ctl modules for Gentoo

* Broader git ignore for pytest cache files (#5361)

Make gitignore take pytest cache directories in to account, even if
they reside in subdirectories.

If pytest is run for a certain module, ie. `pytest certbot-apache` the
cache directory is created under `certbot-apache` directory.

* Fix letsencrypt-auto name and long forms of -n (#5375)

* Deprecate Python2.6 by using Python3 on CentOS/RHEL 6 (#5329)

* If there's no python or there's only python2.6 on red hat systems, install python3

* Always check for python2.6

* address style, documentation, nits

* factor out all initialization code

* fix up python version return value when no python installed

* add no python error and exit

* document DeterminePythonVersion parameters

* build letsencrypt-auto

* close brace

* build leauto

* fix syntax errors

* set USE_PYTHON_3 for all cases

* rip out NOCRASH

* replace NOCRASH, update LE_PYTHON set logic

* use built-in venv for py3

* switch to LE_PYTHON not affecting bootstrap selection and not overwriting LE_PYTHON

* python3ify fetch.py

* get fetch.py working with python2 and 3

* don't verify server certificates in fetch.py HttpsGetter

* Use SSLContext and an environment variable so that our tests continue to never verify server certificates.

* typo

* build

* remove commented out code

* address review comments

* add documentation for YES_FLAG and QUIET_FLAG

* Add tests to centos6 Dockerfile to make sure we install python3 if and only if appropriate to do so.

* Allow non-interactive revocation without deleting certificates (#5386)

* Add --delete-after-revoke flags

* Use delete_after_revoke value

* Add delete_after_revoke unit tests

* Add integration tests for delete-after-revoke.

* Have letsencrypt-auto do a real upgrade in leauto-upgrades option 2 (#5390)

* Make leauto_upgrades do a real upgrade

* Cleanup vars and output

* Sleep until the server is ready

* add simple_http_server.py

* Use a randomly assigned port

* s/realpath/readlink

* wait for server before getting port

* s/localhost/all interfaces

* update Apache ciphersuites (#5383)

* Fix macOS builds for Python2.7 in Travis (#5378)

* Add OSX Python2 tests

* Make sure python2 is originating from homebrew on macOS

* Upgrade the already installed python2 instead of trying to reinstall
2018-01-09 17:24:14 -08:00
..
scripts Update test-everything (#5397) 2018-01-09 17:24:14 -08:00
testdata/sample-config Test farm tests for openssl-based revocation checking 2016-12-23 00:20:38 -08:00
apache2_targets.yaml Move everything into tests/letstest 2015-12-21 11:12:01 -08:00
multitester.py Fix test farm tests 2016-04-19 14:11:17 -04:00
README.md Updating the AWS letstest documentation (#5091) 2017-09-19 10:25:36 -07:00
targets.yaml Move everything into tests/letstest 2015-12-21 11:12:01 -08:00

README.md

letstest

Simple AWS testfarm scripts for certbot client testing

  • Configures (canned) boulder server
  • Launches EC2 instances with a given list of AMIs for different distros
  • Copies certbot repo and puts it on the instances
  • Runs certbot tests (bash scripts) on all of these
  • Logs execution and success/fail for debugging

Notes

  • Some AWS images, e.g. official CentOS and FreeBSD images require acceptance of user terms on the AWS marketplace website. This can't be automated.
  • AWS EC2 has a default limit of 20 t2/t1 instances, if more are needed, they need to be requested via online webform.

Usage

  • To install the necessary dependencies on Ubuntu 16.04, run:
sudo apt install awscli python-yaml python-boto3 fabric
  • Requires AWS IAM secrets to be set up with aws cli
  • Requires an AWS associated keyfile .pem
>aws configure --profile <profile name>
[interactive: enter secrets for IAM role]
>aws ec2 create-key-pair --profile <profile name> --key-name <key name> --query 'KeyMaterial' --output text > whatever/path/you/want.pem

Note: whatever you pick for <key name> will be shown to other users with AWS access.

When prompted for a default region name, enter: us-east-1

then:

>python multitester.py targets.yaml /path/to/your/key.pem <profile name> scripts/<test to run>

You can only run up to two tests at once. The following error is often indicative of there being too many AWS instances running on our account:

NameError: name 'instances' is not defined

If you see this, you can run the following command to shut down all running instances:

aws ec2 terminate-instances --profile <profile name> --instance-ids $(aws ec2 describe-instances --profile <profile name> | grep <key name> | cut -f8)

It will take a minute for these instances to shut down and become available again. Running this will invalidate any in progress tests.

A folder named letest-<timestamp> is also created with a log file from each instance of the test and a file named "results" containing the output above. The tests take quite a while to run.

Also, the way all of the tests work is to check if there is already a boulder server running and if not start one. The boulder server is left running between tests, and there are known issues if two instances of boulder attempt to be started. After starting your first test, wait until you see "Found existing boulder server:" or if you see output about creating a boulder server, wait a minute before starting the 2nd test. You only have to do this after starting your first session of tests or after running the aws ec2 terminate-instances command above.

Scripts

Example scripts are in the 'scripts' directory, these are just bash scripts that have a few parameters passed to them at runtime via environment variables. test_apache2.sh is a useful reference.

Note that the 

test_letsencrypt_auto_*
scripts pull code from PyPI using the letsencrypt-auto script, not the local python code. test_apache2 runs the dev venv and does local tests.

See:

Main repos: