* Add quiet flags to package manager invocations
Add the following flags when 'certbot-auto --quiet' is invoked:
- Add '-qq' to calls to 'apt-get' in Debian
- Add '--quiet' to calls to 'yum' or 'dnf' in CentOS or Fedora
- Add '--quiet' to calls to 'urpmi' in Mageia
- Add '--quiet' to calls to 'pkg install' in FreeBSD
* Fix $QUIET flag in bootstrappers
- Set the value of $QUIET properly (i.e. s/$QUIET/QUIET when setting the
variable) in
- deb_common.sh
- mageia_common.sh
- rpm_common.sh
- Actually use $QUIET when running $tool in rpm_common.sh
* Add handling of $QUIET to Arch and Open Suse
* Add logic to set --non-interactive if --quiet
* Add missing $QUIET_FLAG to rpm_common.sh
* Run build.py
* Limit --help to 80 cols
* Update indentation within bootstrappers
* Add $QUIET_FLAG to second call to `urpmi` (redux)
* Make certbot-auto indentation consistent
Since a majority of certbot-auto uses 2 spaces per indentation level,
made indentation in letsencrypt-auto and platform-specific shell scripts
a consistent 2 spaces
Fixes#3902
* Fix last `if` statement body in rpm_common.sh
When certbot-auto cannot find the currently installed version, output the error to the end-user, instead of not showing anything, and re-installing the virtualenv.
Fixes#4034
- The others seem to either be platforms where openssl is part of the
base system, or where I can't quickly confirm that it's safe to ask
for installation of something called "openssl".
- If we miss any platforms, the OCSP checking code in "certbot
certificates" should fail gracefully.
* Added support for shells without default variable support
* Added support for BusyBox installs that do not have `command` but has `which`
* Style fixes as suggested by reviewer
* Renamed `WHERE_IS` to `EXISTS` as suggested by review
* Removed expansion of `$LE_AUTO_SUDO` to `x` as the `-n` can check empty strings.
* Added `EXISTS` to debian bootstrap as suggested in review
* certbot-auto: Print link to doc on debugging pip install error
Also, update the doc to teach the user to workaround problem on a low
memory system.
* Correct formatting
* grep the PIP_OUT and print useful info if the problem is about memory allocation
* Fix logic on string to grep
* pin requests version in py26-oldest
* Determine requests security deps dynamically
Starting with requests 2.12, pyasn1 and ndg-httpsclient are no longer
needed to inject pyopenssl into urllib3. This change allows us to
determine whether or not these dependencies are required at install
time. If an older version of requests is used, these packages are
still installed. If a new version of requests is used, they are not
reducing the number of dependencies we have.
* Bump requests version in certbot-auto
* Use pkg_resources in activate test
Due to pip's lack of dependency resolution, the change to use
requests[extras] causes errors in acme.util_test because pkg_resources
accurately detects the "missing" dependency.
There isn't a real problem here. The problem comes from a brand new
requests and ancient pyopenssl as well as a unit test for
functionality we plan to remove in our next release. I modified
the unit test to fix the problem for now.
* Use six instead of pkg_resources for test
* Require requests<=2.11.1 in py27-oldest test
If we don't do this, we get test failures for the certbot package
which is actually a good thing! pkg_resources is catching the
unlikely but possible problem I describe in #3803 and erroring out
saying it is missing the necessary dependencies to run certbot.
Good job package resources.
* Undo changes to acme.util_test
* disallow binary (wheel) install for pycparser
pycparser has uploaded a broken wheel for 2.14, failing for two reasons
1. sha mismatch, due to not instructing pip which dist to install
2. bug in the wheel itself
* regen letsencrypt-auto-source/letsencrypt-auto
* Adding Debian 7 (Wheezy) to LE tests
* Adding Debian 8 (Jessie) to LE tests
* Fixing Debian Wheezy certificate addition error
* Adding packages to LEA Debian Jessie test and refining the code commenting
* Adding installing OpenSSL to the Debian Wheezy LEA test script
* Removing LEA tests for Debian Jessie
* Fixing nits
Not resetting OPTIND between each call of getopts skips all short args except the first one.
It fixes this automated command:
./certbot-auto certonly --webroot -w /tmp -d example.com --agree-tos --email contact@example.com -n
Where "-w" was parsed by getopts and not "-n"
* When getopts is called multiple time we need to reset OPTIND. Issue #3459
* Adding OPTIND reset in the certbot-auto source file
* Building new letsencrypt-auto from template
On Debian 7 (and probably relative distro's) `aptitude show virtualenv` exits
with 0, since it is a virtual package. However, it doesn't have any installation
candidates, so filter on this case before trying to install `virtualenv` to
prevent installation-errors while bootstrapping.
NB, to make this clear:
(0)#: apt-cache show virtualenv
N: Can't select versions from package 'virtualenv' as it is purely virtual
N: No packages found
(0)#: echo $?
0
Furthermore, --quiet=0 is necessary, to be able to grep through `apt-cache`'s
output via a pipe. More details on
http://unix.stackexchange.com/questions/201869/why-isnt-apt-cache-policy-output-piped/202041#202041.
Notably, this also installs pip via the recommended `get-pip` route rather than
grabbing a whole new version over Homebrew; this allows the install to work with
OS X's built-in Python or with the python.org Python.
There's no particular reason this *should* fix#2499, but it changes how pycparser gets installed (to a more modern way: pip vs. setuptools), so it may.
I prefer to err toward simplicity here. Yes, there's an assumption necessary for this to work--that the shell doesn't do multiple open() calls to the script path throughout the life of the interpreter--but I think it's reasonable. The alternative of exec-ing out to a dedicated update script which then execs back to le-auto has more moving parts (like extra files that we have to clean up) and is longer.
Executed as root
git clone https://github.com/letsencrypt/letsencrypt
cd letsencrypt/
./letsencrypt-auto --help
failed with message
./letsencrypt-auto: 171: ./letsencrypt-auto: sudo: not found
Ported from #1751.
* It's more lines but fewer tokens, less room for quote errors, and more idiomatic (see any init.d script).
* Also, fix a bug in which any option containing "-v", e.g. --eat-vertical-pizza, would be construed as --verbose.
Ported from #1751.
* Make sure any Python passed in as $LE_PYTHON actually exists.
* Dodge a word-splitting bug: `a='a b'; export a=${a:-c}; echo $a` gives `a` instead of `a b` under shells that respect POSIX.1, like dash.
Otherwise, we sometimes end up using the system Python, for which we'd need to use sudo to install virtualenv. Brew complicates this by yelling at you if you do use sudo. So let's simplify things by always using the homebrew python, which is more up to date anyway.
...except for $SUDO, which is always either "sudo", "su_sudo", or "", never having a quote-needing char in it.
It's unlikely that $PYVER would have a space in it, but it doesn't hurt.
Python 2.4 doesn't support --version, and we want to be able to at least complain that it's too old without crashing.
Also, bring built le-auto up to date.
--no-self-upgrade metamorphosed from a private flag to a public one, so add a new private flag, --le-auto-phase2 to take its original role of marking the division between phases. This flag must come first and, consequently, can be stripped off the arg list before calling through to letsencrypt, which means the client doesn't need to know about it.
The downside is that anyone still (deprecatedly) running le-auto out of the root of a (recently updated) master checkout will get a "Hey, the current release version le-auto I just self-upgraded to doesn't understand the --le-auto-phase2 flag" error from when we merge this until the next release is made, but that's better than a documented option not working right.
Also, remove a needless folder creation from the Dockerfile.
Leaving broken venvs around can, if it got as far as installing the venv/bin/letsencrypt script, wreck future le-auto runs, since the presence of that script means "a working LE is installed" to it. Waiting until a new version of le-auto comes out and running it would recover, but this lets re-running the same version recover as well.
ConfigArgParse has a conditional dependency for Pythons < 2.7. On my local machine, I had a cached ConfigArgParse wheel built under 2.7, so it didn't carry those dependencies, and the pip freeze I used to determine the le-auto requirements thus missed it. From now on, we'll do those passes with --no-cache-dir.
* We choose a different Travis infra for one of the jobs, as in https://github.com/numpy/numpy/blob/master/.travis.yml#L49.
* We keep the language as "python" so the installation of packages (like tox, which we need) doesn't fail.
* Override the before_install to disable the dpkg stuff the other jobs need.
* adduser is redundant with `--groups sudo` above, so we delete it.
This will avoid crashing when used with pip 8.x, which was released today and is already the 3rd most used client against PyPI. (7.1.2 and 1.5.4 take spots 1 and 2, respectively.)
Bring everything to the latest versions.
Make dependencies unconditional: argparse, ndg-httpsclient, and pyasn1 get in all the time, to match the state of master as of 0.2.0.
If the new le-auto works well in the minutes or hours after release, we'll make another commit to master that removes the old le-auto and bootstrap scripts.
Close https://github.com/erikrose/letsencrypt/pull/2.
I didn't backport their imports, so they had NameErrors in the failure case anyway. And, because of the docker image, these tests currently are run under only 2.7 at the moment.
This fixes an "OSError: [Errno 2] No such file or directory" on Fedora 23. Note that openssl-devel was not sufficient to install the openssl commandline tool.
The current manual-testing build of le-auto now crashes with #1548, but that should have been resolved when we upgraded the cryptography lib and so should go away when we build a new version.
The motivation is to free us of a reliance on a rather modern version of setuptools, which caused le-auto failures for people on Wheezy and other older distros. (The alternative would have been to forcibly upgrade setuptools as the old le-auto did, but less is more.)
Mock is used only in tests, so we move it to tests_require. It will still be installed automatically when setup.py test is run. Give all packages a test_suite so this works.
The "testing" extra remains for optional packages not required for the nose tests but used in tox. However, the extra is much less useful now and is a candidate for deletion. We could roll the list of packages therein into the tox config so as not to favor any particular package.
Remove tests_require=install_requires, which I don't think does anything useful, since install requirements are implicitly installed when running setup.py test.
Fix tests to pass with mock removed. We had to stop them pulling down LE from PyPI, since the current version there (0.1.1) requires mock and explodes when `letsencrypt` is run.
Originally, I had it in mind to move letsencrypt-auto inside this dir. However, now we'd like to copy it or link it to the root level, where people are used to finding it (at least for awhile). Since it would be confusing to have a letsencrypt-auto and a letsencrypt_auto right next to each other, we rename this folder.
