certbot: 0.31.0 -> 0.39.0

Updating:

- nixos module to use the new `account_reg.json` file.
- use nixpkgs pebble for integration tests.

Co-authored-by: Florian Klink <flokli@flokli.de>

Replace certbot-embedded pebble
This commit is contained in:
Félix Baylac-Jacqué 2019-10-18 19:11:49 +02:00
parent 6ac0e34161
commit 38e84151e0
3 changed files with 56 additions and 10 deletions

View file

@ -69,9 +69,9 @@ let
plugins = mkOption {
type = types.listOf (types.enum [
"cert.der" "cert.pem" "chain.pem" "external.sh"
"fullchain.pem" "full.pem" "key.der" "key.pem" "account_key.json"
"fullchain.pem" "full.pem" "key.der" "key.pem" "account_key.json" "account_reg.json"
]);
default = [ "fullchain.pem" "full.pem" "key.pem" "account_key.json" ];
default = [ "fullchain.pem" "full.pem" "key.pem" "account_key.json" "account_reg.json" ];
description = ''
Plugins to enable. With default settings simp_le will
store public certificate bundle in <filename>fullchain.pem</filename>,

View file

@ -0,0 +1,24 @@
From 8ddf2697508eca514a0dde4646ad14ac3ba34b2a Mon Sep 17 00:00:00 2001
From: Florian Klink <flokli@flokli.de>
Date: Fri, 18 Oct 2019 16:06:50 +0200
Subject: [PATCH] pebble_artifacts: hardcode pebble location
---
certbot-ci/certbot_integration_tests/utils/pebble_artifacts.py | 1 +
1 file changed, 1 insertion(+)
diff --git a/certbot-ci/certbot_integration_tests/utils/pebble_artifacts.py b/certbot-ci/certbot_integration_tests/utils/pebble_artifacts.py
index 2b1557928..d2603c51a 100644
--- a/certbot-ci/certbot_integration_tests/utils/pebble_artifacts.py
+++ b/certbot-ci/certbot_integration_tests/utils/pebble_artifacts.py
@@ -22,6 +22,7 @@ def fetch(workspace):
def _fetch_asset(asset, suffix):
+ return "@pebble@"
asset_path = os.path.join(ASSETS_PATH, '{0}_{1}_{2}'.format(asset, PEBBLE_VERSION, suffix))
if not os.path.exists(asset_path):
asset_url = ('https://github.com/letsencrypt/pebble/releases/download/{0}/{1}_{2}'
--
2.23.0

View file

@ -1,21 +1,27 @@
{ stdenv, python3Packages, fetchFromGitHub, dialog }:
{ stdenv, python37Packages, fetchFromGitHub, fetchurl, dialog, autoPatchelfHook, nginx, pebble }:
python3Packages.buildPythonApplication rec {
python37Packages.buildPythonApplication rec {
pname = "certbot";
version = "0.31.0";
version = "0.39.0";
src = fetchFromGitHub {
owner = pname;
repo = pname;
rev = "v${version}";
sha256 = "0rwjxmkpicyc9a5janvj1lfi430nq6ha94nyfgp11ds9fyydbh1s";
sha256 = "1s32xg2ljz7ci78wc8rqkjvgrz7vprb7fkznrlf9a4blm55pp54c";
};
propagatedBuildInputs = with python3Packages; [
patches = [
./0001-pebble_artifacts-hardcode-pebble-location.patch
];
propagatedBuildInputs = with python37Packages; [
ConfigArgParse
acme
configobj
cryptography
distro
josepy
parsedatetime
psutil
@ -26,11 +32,19 @@ python3Packages.buildPythonApplication rec {
zope_component
zope_interface
];
buildInputs = [ dialog ] ++ (with python3Packages; [ mock gnureadline ]);
patchPhase = ''
buildInputs = [ dialog ] ++ (with python37Packages; [ mock gnureadline ]);
checkInputs = with python37Packages; [
pytest_xdist
pytest
dateutil
];
postPatch = ''
substituteInPlace certbot/notify.py --replace "/usr/sbin/sendmail" "/run/wrappers/bin/sendmail"
substituteInPlace certbot/util.py --replace "sw_vers" "/usr/bin/sw_vers"
substituteInPlace certbot-ci/certbot_integration_tests/utils/pebble_artifacts.py --replace "@pebble@" "${pebble}/bin/pebble"
'';
postInstall = ''
@ -40,7 +54,15 @@ python3Packages.buildPythonApplication rec {
done
'';
doCheck = !stdenv.isDarwin; # On Hydra Darwin tests fail with "Too many open files".
# tests currently time out, because they're trying to do network access
# Upstream issue: https://github.com/certbot/certbot/issues/7450
doCheck = false;
checkPhase = ''
PATH="$out/bin:${nginx}/bin:$PATH" pytest certbot-ci/certbot_integration_tests
'';
dontUseSetuptoolsCheck = true;
meta = with stdenv.lib; {
homepage = src.meta.homepage;