mirror of
https://github.com/certbot/certbot.git
synced 2026-06-05 14:54:24 -04:00
e19b2e04c7
Fixes #7007 Python 3.4 is [EOL](https://www.python.org/dev/peps/pep-0429/), and only Python 3.x version available for CentOS 6 through EPEL is this version, and so is used by `certbot-auto`, the only official way to install Certbot on this platform. This unpleasant situation becomes a little more uncomfortable, considering that the newest `pip` version (19.2) [just dropped Python 3.4 support](https://github.com/pypa/pip/issues/6685) and will refuse to start on this Python version. We can expect a lot of dependencies to follow this path now. One direct result of this situation is that a fix to support correctly the ARM platforms requires to upgrade `pip` to 19.2 for `certbot-auto`. So this is not possible right now. Then, let's upgrade Certbot instances on CentOS 6 to a supported version of Python 3. This PR proposes a new bootstrap approach for CentOS 6 platform, `BootstrapRpmPython3Legacy`, that will install Python 3.6 from [SCL](https://www.softwarecollections.org) (the latest one available for now on CentOS 6). In term of Python 3 specific bootstrap methods, I take the occasion here to completely separate the bootstrap of CentOS 6 as a legacy system, from the RPM-based newest systems (like Fedora 29+) that are simply dropping support for Python 2.x. This is in prevision of future migration for all systems on Python 3.x, that is a different problematic than supporting old systems. * Add logic * Rebuilt letsencrypt-auto * Fix logic * Focus on specific packages * Maintain PATH for further invocations of letsencrypt-auto after bootstrap. * Various corrections * Fix farm test for RHEL6 * Working centos6 letsencrypt-auto self tests * Fix test_sdist for CentOS 6 * Corrections * Work in progress * Working configuration * Fix typo * Remove EPEL. Add a test. * Update letsencrypt-auto-source/letsencrypt-auto.template Co-Authored-By: Brad Warren <bmw@users.noreply.github.com> * Improvements after review * Improvements * Add a comment * Add a test * Update a test * Corrections * Update function return * Work in progress * Correct behavior on oracle linux 6. * Corrections * Rebuild script * Add letsencrypt-auto tests for oraclelinux6 * Update tox.ini Co-Authored-By: Brad Warren <bmw@users.noreply.github.com> * Update letsencrypt-auto-source/letsencrypt-auto Co-Authored-By: Brad Warren <bmw@users.noreply.github.com> * Update letsencrypt-auto-source/tests/oraclelinux6_tests.sh Co-Authored-By: Brad Warren <bmw@users.noreply.github.com> * Update letsencrypt-auto-source/letsencrypt-auto.template Co-Authored-By: Brad Warren <bmw@users.noreply.github.com> * Update letsencrypt-auto-source/letsencrypt-auto Co-Authored-By: Brad Warren <bmw@users.noreply.github.com> * Update letsencrypt-auto-source/letsencrypt-auto Co-Authored-By: Brad Warren <bmw@users.noreply.github.com> * Update letsencrypt-auto-source/letsencrypt-auto.template Co-Authored-By: Brad Warren <bmw@users.noreply.github.com> * Update letsencrypt-auto-source/tests/oraclelinux6_tests.sh Co-Authored-By: Brad Warren <bmw@users.noreply.github.com> * Remove specific code for scientific linux * Change some variables names * Update letsencrypt-auto-source/tests/oraclelinux6_tests.sh Co-Authored-By: Brad Warren <bmw@users.noreply.github.com> * Various corrections * Fix tests * Add a comment * Update message * Fix test message * Update letsencrypt-auto-source/letsencrypt-auto.template Co-Authored-By: Brad Warren <bmw@users.noreply.github.com> * Update letsencrypt-auto-source/letsencrypt-auto Co-Authored-By: Brad Warren <bmw@users.noreply.github.com> * Update letsencrypt-auto-source/letsencrypt-auto Co-Authored-By: Brad Warren <bmw@users.noreply.github.com> * Update scripts * More focused assertion * Add back a test * Update script * Update letsencrypt-auto-source/letsencrypt-auto.template Co-Authored-By: Brad Warren <bmw@users.noreply.github.com> * Update letsencrypt-auto-source/letsencrypt-auto.template Co-Authored-By: Brad Warren <bmw@users.noreply.github.com> * Check quiet mode * Add changelog * Update letsencrypt-auto-source/tests/oraclelinux6_tests.sh Co-Authored-By: Brad Warren <bmw@users.noreply.github.com>
48 lines
1.7 KiB
Docker
48 lines
1.7 KiB
Docker
# For running tests, build a docker image with a passwordless sudo and a trust
|
|
# store we can manipulate.
|
|
|
|
ARG REDHAT_DIST_FLAVOR
|
|
FROM ${REDHAT_DIST_FLAVOR}:6
|
|
|
|
ARG REDHAT_DIST_FLAVOR
|
|
|
|
RUN curl -O https://dl.fedoraproject.org/pub/epel/epel-release-latest-6.noarch.rpm \
|
|
&& rpm -ivh epel-release-latest-6.noarch.rpm
|
|
|
|
# Install pip and sudo:
|
|
RUN yum install -y python-pip sudo
|
|
# Update to a stable and tested version of pip.
|
|
# We do not use pipstrap here because it no longer supports Python 2.6.
|
|
RUN pip install pip==9.0.1 setuptools==29.0.1 wheel==0.29.0
|
|
# Pin pytest version for increased stability
|
|
RUN pip install pytest==3.2.5 six==1.10.0
|
|
|
|
# Add an unprivileged user:
|
|
RUN useradd --create-home --home-dir /home/lea --shell /bin/bash --groups wheel --uid 1000 lea
|
|
|
|
# Let that user sudo:
|
|
RUN sed -i.bkp -e \
|
|
's/# %wheel\(NOPASSWD: ALL\)\?/%wheel/g' \
|
|
/etc/sudoers
|
|
|
|
RUN mkdir -p /home/lea/certbot
|
|
|
|
# Install fake testing CA:
|
|
COPY ./tests/certs/ca/my-root-ca.crt.pem /usr/local/share/ca-certificates/
|
|
RUN update-ca-trust
|
|
|
|
# Copy current letsencrypt-auto:
|
|
COPY . /home/lea/certbot/letsencrypt-auto-source
|
|
|
|
# Fetch previous letsencrypt-auto that was installing python 3.4
|
|
RUN curl https://raw.githubusercontent.com/certbot/certbot/v0.38.0/letsencrypt-auto-source/letsencrypt-auto \
|
|
-o /home/lea/certbot/letsencrypt-auto-source/letsencrypt-auto_py_34 \
|
|
&& chmod +x /home/lea/certbot/letsencrypt-auto-source/letsencrypt-auto_py_34
|
|
|
|
RUN cp /home/lea/certbot/letsencrypt-auto-source/tests/${REDHAT_DIST_FLAVOR}6_tests.sh /home/lea/certbot/letsencrypt-auto-source/tests/redhat6_tests.sh \
|
|
&& chmod +x /home/lea/certbot/letsencrypt-auto-source/tests/redhat6_tests.sh
|
|
|
|
USER lea
|
|
WORKDIR /home/lea
|
|
|
|
CMD ["sudo", "certbot/letsencrypt-auto-source/tests/redhat6_tests.sh"]
|