mirror of
https://github.com/certbot/certbot.git
synced 2026-06-06 15:22:38 -04:00
90557921e3
* tests: add certbot-dns-rfc2136 integration tests * dont use 'with' form of socket.socket fixes py2 crash * address some feedback: - conftest: make DNS server a global resource - conftest: add dns_xdist parameter into node config - conftest: add --dns-server=bind flag - conftest: if configured, point the ACME server to the DNS server - dnsserver: make it sort-of compatible with xdist (future-proofing) - context: parameterize dns-rfc2136 credentials file (future proofing) - context: reduce dns-rfc2136 propagation time to speed up tests - tox: add a integration-dns-rfc2136 target - rfc2136: add a test/zone for subdelegation - rfc2136: skip tests if no DNS server is configured * try add integration-dns-rfc2136 to CI * mock recursive dns via RPZ * update --dns-server args and tox.ini args * address more feedback: - dns_server: rename rfc2136 creds file to .tpl - dns_server: dont vary dns server port, instead we will vary zone names (#8455) - dns_server: log error if bind9 fails to stop cleanly - dns_server: replace assert with raise - context: remove redundant _worker_id - context: remove redundant cleanup override - context: fix seek/flush in credentials context manager - context: rename skip_if_no_server -> ...bind_server - context: add newline EOF * conftest: document _setup_primary_node sideeffects * ci: rfc2136-integration from standard->nightly * fix _stop_bind (function was renamed to stop) * ignore errors from shutil.rmtree during cleanup * dns_server: check for crash while polling * remove --dry-run from rfc2136 test
64 lines
2.5 KiB
Python
64 lines
2.5 KiB
Python
from contextlib import contextmanager
|
|
from pytest import skip
|
|
from pkg_resources import resource_filename
|
|
import tempfile
|
|
|
|
from certbot_integration_tests.certbot_tests import context as certbot_context
|
|
from certbot_integration_tests.utils import certbot_call
|
|
|
|
|
|
class IntegrationTestsContext(certbot_context.IntegrationTestsContext):
|
|
"""Integration test context for certbot-dns-rfc2136"""
|
|
def __init__(self, request):
|
|
super(IntegrationTestsContext, self).__init__(request)
|
|
|
|
self.request = request
|
|
|
|
self._dns_xdist = None
|
|
if hasattr(request.config, 'slaveinput'): # Worker node
|
|
self._dns_xdist = request.config.slaveinput['dns_xdist']
|
|
else: # Primary node
|
|
self._dns_xdist = request.config.dns_xdist
|
|
|
|
def certbot_test_rfc2136(self, args):
|
|
"""
|
|
Main command to execute certbot using the RFC2136 DNS authenticator.
|
|
:param list args: list of arguments to pass to Certbot
|
|
"""
|
|
command = ['--authenticator', 'dns-rfc2136', '--dns-rfc2136-propagation-seconds', '2']
|
|
command.extend(args)
|
|
return certbot_call.certbot_test(
|
|
command, self.directory_url, self.http_01_port, self.tls_alpn_01_port,
|
|
self.config_dir, self.workspace, force_renew=True)
|
|
|
|
@contextmanager
|
|
def rfc2136_credentials(self, label='default'):
|
|
# type: (str) -> str
|
|
"""
|
|
Produces the contents of a certbot-dns-rfc2136 credentials file.
|
|
:param str label: which RFC2136 credential to use
|
|
:yields: Path to credentials file
|
|
:rtype: str
|
|
"""
|
|
src_file = resource_filename('certbot_integration_tests',
|
|
'assets/bind-config/rfc2136-credentials-{}.ini.tpl'
|
|
.format(label))
|
|
contents = None
|
|
|
|
with open(src_file, 'r') as f:
|
|
contents = f.read().format(
|
|
server_address=self._dns_xdist['address'],
|
|
server_port=self._dns_xdist['port']
|
|
)
|
|
|
|
with tempfile.NamedTemporaryFile('w+', prefix='rfc2136-creds-{}'.format(label),
|
|
suffix='.ini', dir=self.workspace) as f:
|
|
f.write(contents)
|
|
f.flush()
|
|
yield f.name
|
|
|
|
def skip_if_no_bind9_server(self):
|
|
"""Skips the test if there was no RFC2136-capable DNS server configured
|
|
in the test environment"""
|
|
if not self._dns_xdist:
|
|
skip('No RFC2136-capable DNS server is configured')
|