Fix integration tests with Pebble v2.1.0 + (#7175)

Since Pebble v2.1.0, new controls have been added on ACME specs compliance on Pebble with strict mode enabled. These controls are described here: letsencrypt/pebble@3a2ce1c Currently Certbot is not compliant enough to pass these new controls. One part of the work to do is described here: #7171 As a consequence, our CI is currently broken, both on PR builds and nightly builds. This PR disables the strict mode during integration tests, fixing temporarily our CI. This will give us some time to fix theses deviations, and add back the strict mode in a future PR once it is merged. * Remove -strict mode on Pebble for now. * Refer to relevant Certbot PR * Clean code
2026-01-26 07:41:33 +03:00 · 2019-06-24 21:03:24 +02:00
parent 9a60f6df78
commit 249af5c4cd
1 changed files with 10 additions and 2 deletions
--- a/certbot-ci/certbot_integration_tests/utils/acme_server.py
+++ b/certbot-ci/certbot_integration_tests/utils/acme_server.py
@@ -132,13 +132,21 @@ def _prepare_acme_server(workspace, acme_type, acme_xdist):
            os.rename(join(instance_path, 'test/rate-limit-policies-b.yml'),
                      join(instance_path, 'test/rate-limit-policies.yml'))
        if acme_type == 'pebble':
-            # Configure Pebble at full speed (PEBBLE_VA_NOSLEEP=1) and not randomly refusing valid
-            # nonce (PEBBLE_WFE_NONCEREJECT=0) to have a stable test environment.
            with open(os.path.join(instance_path, 'docker-compose.yml'), 'r') as file_handler:
                config = yaml.load(file_handler.read())

+            # Configure Pebble at full speed (PEBBLE_VA_NOSLEEP=1) and not randomly refusing valid
+            # nonce (PEBBLE_WFE_NONCEREJECT=0) to have a stable test environment.
            config['services']['pebble'].setdefault('environment', [])\
                .extend(['PEBBLE_VA_NOSLEEP=1', 'PEBBLE_WFE_NONCEREJECT=0'])
+
+            # Also disable strict mode for now, since Pebble v2.1.0 added specs in
+            # strict mode for which Certbot is not compliant for now.
+            # See https://github.com/certbot/certbot/pull/7175
+            # TODO: Add back -strict mode once Certbot is compliant with Pebble v2.1.0+
+            config['services']['pebble']['command'] = config['services']['pebble']['command']\
+                .replace('-strict', '')
+
            with open(os.path.join(instance_path, 'docker-compose.yml'), 'w') as file_handler:
                file_handler.write(yaml.dump(config))