From 4792e1ee217eda2d7a2e2a1b0e5c4da9a1892841 Mon Sep 17 00:00:00 2001 From: ohemorange Date: Mon, 11 Nov 2019 15:41:40 -0800 Subject: [PATCH] Move constants.py to _internal (#7534) * Don't call core constants from nginx plugin * Move constants.py to _internal/ * Move ENHANCEMENTS from now-internal constants to public plugins.enhancements * Update display.enhancements.ask from its 2015 comment --- certbot-apache/certbot_apache/configurator.py | 4 ++-- .../configurators/common.py | 2 +- .../certbot_compatibility_test/util.py | 2 +- certbot-nginx/certbot_nginx/configurator.py | 20 ++----------------- certbot/_internal/account.py | 2 +- certbot/_internal/client.py | 2 +- certbot/{ => _internal}/constants.py | 12 ----------- certbot/_internal/display/enhancements.py | 2 +- certbot/_internal/eff.py | 2 +- certbot/_internal/log.py | 4 ++-- certbot/_internal/main.py | 2 +- certbot/_internal/plugins/disco.py | 2 +- certbot/_internal/storage.py | 2 +- certbot/cli.py | 2 +- certbot/configuration.py | 6 +++--- certbot/display/util.py | 2 +- certbot/interfaces.py | 6 +++--- certbot/plugins/common.py | 2 +- certbot/plugins/common_test.py | 4 ++-- certbot/plugins/enhancements.py | 13 +++++++++++- certbot/reverter.py | 2 +- certbot/tests/account_test.py | 2 +- certbot/tests/cli_test.py | 2 +- certbot/tests/configuration_test.py | 2 +- certbot/tests/eff_test.py | 2 +- certbot/tests/log_test.py | 2 +- certbot/tests/main_test.py | 2 +- certbot/tests/util.py | 2 +- certbot/util.py | 2 +- docs/api/constants.rst | 9 --------- 30 files changed, 47 insertions(+), 73 deletions(-) rename certbot/{ => _internal}/constants.py (95%) delete mode 100644 docs/api/constants.rst diff --git a/certbot-apache/certbot_apache/configurator.py b/certbot-apache/certbot_apache/configurator.py index 6ff7d328e..57cd4a9b4 100644 --- a/certbot-apache/certbot_apache/configurator.py +++ b/certbot-apache/certbot_apache/configurator.py @@ -1612,9 +1612,9 @@ class ApacheConfigurator(common.Installer): :param str domain: domain to enhance :param str enhancement: enhancement type defined in - :const:`~certbot.constants.ENHANCEMENTS` + :const:`~certbot.plugins.enhancements.ENHANCEMENTS` :param options: options for the enhancement - See :const:`~certbot.constants.ENHANCEMENTS` + See :const:`~certbot.plugins.enhancements.ENHANCEMENTS` documentation for appropriate parameter. :raises .errors.PluginError: If Enhancement is not supported, or if diff --git a/certbot-compatibility-test/certbot_compatibility_test/configurators/common.py b/certbot-compatibility-test/certbot_compatibility_test/configurators/common.py index 8f90d37c2..f8d106f21 100644 --- a/certbot-compatibility-test/certbot_compatibility_test/configurators/common.py +++ b/certbot-compatibility-test/certbot_compatibility_test/configurators/common.py @@ -4,7 +4,7 @@ import os import shutil import tempfile -from certbot import constants +from certbot._internal import constants from certbot_compatibility_test import errors from certbot_compatibility_test import util diff --git a/certbot-compatibility-test/certbot_compatibility_test/util.py b/certbot-compatibility-test/certbot_compatibility_test/util.py index a96ead21f..4f93e5561 100644 --- a/certbot-compatibility-test/certbot_compatibility_test/util.py +++ b/certbot-compatibility-test/certbot_compatibility_test/util.py @@ -9,7 +9,7 @@ import tarfile import josepy as jose from certbot.tests import util as test_util -from certbot import constants +from certbot._internal import constants from certbot_compatibility_test import errors diff --git a/certbot-nginx/certbot_nginx/configurator.py b/certbot-nginx/certbot_nginx/configurator.py index fe5c7da35..177c0ea40 100644 --- a/certbot-nginx/certbot_nginx/configurator.py +++ b/certbot-nginx/certbot_nginx/configurator.py @@ -17,7 +17,6 @@ from acme import challenges from acme import crypto_util as acme_crypto_util from acme.magic_typing import List, Dict, Set # pylint: disable=unused-import, no-name-in-module -from certbot import constants as core_constants from certbot import crypto_util from certbot import errors from certbot import interfaces @@ -101,9 +100,6 @@ class NginxConfigurator(common.Installer): openssl_version = kwargs.pop("openssl_version", None) super(NginxConfigurator, self).__init__(*args, **kwargs) - # Verify that all directories and files exist with proper permissions - self._verify_setup() - # Files to save self.save_notes = "" @@ -708,9 +704,9 @@ class NginxConfigurator(common.Installer): :param str domain: domain to enhance :param str enhancement: enhancement type defined in - :const:`~certbot.constants.ENHANCEMENTS` + :const:`~certbot.plugins.enhancements.ENHANCEMENTS` :param options: options for the enhancement - See :const:`~certbot.constants.ENHANCEMENTS` + See :const:`~certbot.plugins.enhancements.ENHANCEMENTS` documentation for appropriate parameter. """ @@ -929,18 +925,6 @@ class NginxConfigurator(common.Installer): except errors.SubprocessError as err: raise errors.MisconfigurationError(str(err)) - def _verify_setup(self): - """Verify the setup to ensure safe operating environment. - - Make sure that files/directories are setup with appropriate permissions - Aim for defensive coding... make sure all input files - have permissions of root. - - """ - util.make_or_verify_dir(self.config.work_dir, core_constants.CONFIG_DIRS_MODE) - util.make_or_verify_dir(self.config.backup_dir, core_constants.CONFIG_DIRS_MODE) - util.make_or_verify_dir(self.config.config_dir, core_constants.CONFIG_DIRS_MODE) - def _nginx_version(self): """Return results of nginx -V diff --git a/certbot/_internal/account.py b/certbot/_internal/account.py index 992d63d38..12f6a3e8a 100644 --- a/certbot/_internal/account.py +++ b/certbot/_internal/account.py @@ -16,7 +16,7 @@ from cryptography.hazmat.primitives import serialization from acme import fields as acme_fields from acme import messages -from certbot import constants +from certbot._internal import constants from certbot import errors from certbot import interfaces from certbot import util diff --git a/certbot/_internal/client.py b/certbot/_internal/client.py index 37d61a7a4..f694a0ae7 100644 --- a/certbot/_internal/client.py +++ b/certbot/_internal/client.py @@ -21,7 +21,7 @@ import certbot from certbot._internal import account from certbot._internal import auth_handler from certbot import cli -from certbot import constants +from certbot._internal import constants from certbot import crypto_util from certbot._internal import eff from certbot._internal import error_handler diff --git a/certbot/constants.py b/certbot/_internal/constants.py similarity index 95% rename from certbot/constants.py rename to certbot/_internal/constants.py index 10cd58ca1..d8c3c2ae1 100644 --- a/certbot/constants.py +++ b/certbot/_internal/constants.py @@ -147,18 +147,6 @@ RENEWER_DEFAULTS = dict( ) """Defaults for renewer script.""" - -ENHANCEMENTS = ["redirect", "ensure-http-header", "ocsp-stapling"] -"""List of possible :class:`certbot.interfaces.IInstaller` -enhancements. - -List of expected options parameters: -- redirect: None -- ensure-http-header: name of header (i.e. Strict-Transport-Security) -- ocsp-stapling: certificate chain file path - -""" - ARCHIVE_DIR = "archive" """Archive directory, relative to `IConfig.config_dir`.""" diff --git a/certbot/_internal/display/enhancements.py b/certbot/_internal/display/enhancements.py index 0f6b6c57d..5498b9547 100644 --- a/certbot/_internal/display/enhancements.py +++ b/certbot/_internal/display/enhancements.py @@ -18,7 +18,7 @@ def ask(enhancement): """Display the enhancement to the user. :param str enhancement: One of the - :class:`certbot.CONFIG.ENHANCEMENTS` enhancements + :const:`~certbot.plugins.enhancements.ENHANCEMENTS` enhancements :returns: True if feature is desired, False otherwise :rtype: bool diff --git a/certbot/_internal/eff.py b/certbot/_internal/eff.py index 433cdc8cd..a0692009f 100644 --- a/certbot/_internal/eff.py +++ b/certbot/_internal/eff.py @@ -4,7 +4,7 @@ import logging import requests import zope.component -from certbot import constants +from certbot._internal import constants from certbot import interfaces diff --git a/certbot/_internal/log.py b/certbot/_internal/log.py index a16e2ef7e..2109e0427 100644 --- a/certbot/_internal/log.py +++ b/certbot/_internal/log.py @@ -24,7 +24,7 @@ import traceback from acme import messages -from certbot import constants +from certbot._internal import constants from certbot import errors from certbot import util from certbot.compat import os @@ -41,7 +41,7 @@ def pre_arg_parse_setup(): """Setup logging before command line arguments are parsed. Terminal logging is setup using - `certbot.constants.QUIET_LOGGING_LEVEL` so Certbot is as quiet as + `certbot._internal.constants.QUIET_LOGGING_LEVEL` so Certbot is as quiet as possible. File logging is setup so that logging messages are buffered in memory. If Certbot exits before `post_arg_parse_setup` is called, these buffered messages are written to a temporary file. diff --git a/certbot/_internal/main.py b/certbot/_internal/main.py index de68e8553..dd5f7fe4a 100644 --- a/certbot/_internal/main.py +++ b/certbot/_internal/main.py @@ -19,7 +19,7 @@ from certbot._internal import cert_manager from certbot import cli from certbot._internal import client from certbot import configuration -from certbot import constants +from certbot._internal import constants from certbot import crypto_util from certbot._internal import eff from certbot import errors diff --git a/certbot/_internal/plugins/disco.py b/certbot/_internal/plugins/disco.py index ec2bff8b7..0bee88ae1 100644 --- a/certbot/_internal/plugins/disco.py +++ b/certbot/_internal/plugins/disco.py @@ -10,7 +10,7 @@ import zope.interface import zope.interface.verify from acme.magic_typing import Dict # pylint: disable=unused-import, no-name-in-module -from certbot import constants +from certbot._internal import constants from certbot import errors from certbot import interfaces diff --git a/certbot/_internal/storage.py b/certbot/_internal/storage.py index 9684cc195..b7b878dab 100644 --- a/certbot/_internal/storage.py +++ b/certbot/_internal/storage.py @@ -13,7 +13,7 @@ import six import certbot from certbot import cli -from certbot import constants +from certbot._internal import constants from certbot import crypto_util from certbot._internal import error_handler from certbot import errors diff --git a/certbot/cli.py b/certbot/cli.py index 103347735..739eadd8a 100644 --- a/certbot/cli.py +++ b/certbot/cli.py @@ -22,7 +22,7 @@ from acme.magic_typing import Any, Dict, Optional import certbot import certbot.plugins.enhancements as enhancements import certbot._internal.plugins.selection as plugin_selection -from certbot import constants +from certbot._internal import constants from certbot import crypto_util from certbot import errors from certbot import hooks diff --git a/certbot/configuration.py b/certbot/configuration.py index cc9cb2d98..48579eb1c 100644 --- a/certbot/configuration.py +++ b/certbot/configuration.py @@ -4,7 +4,7 @@ import copy import zope.interface from six.moves.urllib import parse # pylint: disable=relative-import -from certbot import constants +from certbot._internal import constants from certbot import errors from certbot import interfaces from certbot import util @@ -20,7 +20,7 @@ class NamespaceConfig(object): :class:`certbot.interfaces.IConfig`. However, note that the following attributes are dynamically resolved using :attr:`~certbot.interfaces.IConfig.work_dir` and relative - paths defined in :py:mod:`certbot.constants`: + paths defined in :py:mod:`certbot._internal.constants`: - `accounts_dir` - `csr_dir` @@ -30,7 +30,7 @@ class NamespaceConfig(object): And the following paths are dynamically resolved using :attr:`~certbot.interfaces.IConfig.config_dir` and relative - paths defined in :py:mod:`certbot.constants`: + paths defined in :py:mod:`certbot._internal.constants`: - `default_archive_dir` - `live_dir` diff --git a/certbot/display/util.py b/certbot/display/util.py index d67e33dc8..6cf9f9c05 100644 --- a/certbot/display/util.py +++ b/certbot/display/util.py @@ -5,7 +5,7 @@ import textwrap import zope.interface -from certbot import constants +from certbot._internal import constants from certbot import errors from certbot import interfaces from certbot.compat import misc diff --git a/certbot/interfaces.py b/certbot/interfaces.py index 2e2df8a73..8cdd247d8 100644 --- a/certbot/interfaces.py +++ b/certbot/interfaces.py @@ -295,10 +295,10 @@ class IInstaller(IPlugin): :param str domain: domain for which to provide enhancement :param str enhancement: An enhancement as defined in - :const:`~certbot.constants.ENHANCEMENTS` + :const:`~certbot.plugins.enhancements.ENHANCEMENTS` :param options: Flexible options parameter for enhancement. Check documentation of - :const:`~certbot.constants.ENHANCEMENTS` + :const:`~certbot.plugins.enhancements.ENHANCEMENTS` for expected options for each enhancement. :raises .PluginError: If Enhancement is not supported, or if @@ -310,7 +310,7 @@ class IInstaller(IPlugin): """Returns a `collections.Iterable` of supported enhancements. :returns: supported enhancements which should be a subset of - :const:`~certbot.constants.ENHANCEMENTS` + :const:`~certbot.plugins.enhancements.ENHANCEMENTS` :rtype: :class:`collections.Iterable` of :class:`str` """ diff --git a/certbot/plugins/common.py b/certbot/plugins/common.py index fc56972b5..843e27a1b 100644 --- a/certbot/plugins/common.py +++ b/certbot/plugins/common.py @@ -14,7 +14,7 @@ from josepy import util as jose_util from acme.magic_typing import List # pylint: disable=unused-import, no-name-in-module from certbot import achallenges # pylint: disable=unused-import -from certbot import constants +from certbot._internal import constants from certbot import crypto_util from certbot import errors from certbot import interfaces diff --git a/certbot/plugins/common_test.py b/certbot/plugins/common_test.py index 8fa642ced..977500f86 100644 --- a/certbot/plugins/common_test.py +++ b/certbot/plugins/common_test.py @@ -167,11 +167,11 @@ class InstallerTest(test_util.ConfigTestCase): self.assertTrue(os.path.isfile(self.installer.ssl_dhparams)) def _current_ssl_dhparams_hash(self): - from certbot.constants import SSL_DHPARAMS_SRC + from certbot._internal.constants import SSL_DHPARAMS_SRC return crypto_util.sha256sum(SSL_DHPARAMS_SRC) def test_current_file_hash_in_all_hashes(self): - from certbot.constants import ALL_SSL_DHPARAMS_HASHES + from certbot._internal.constants import ALL_SSL_DHPARAMS_HASHES self.assertTrue(self._current_ssl_dhparams_hash() in ALL_SSL_DHPARAMS_HASHES, "Constants.ALL_SSL_DHPARAMS_HASHES must be appended" " with the sha256 hash of self.config.ssl_dhparams when it is updated.") diff --git a/certbot/plugins/enhancements.py b/certbot/plugins/enhancements.py index 353ff44d5..8896c1a98 100644 --- a/certbot/plugins/enhancements.py +++ b/certbot/plugins/enhancements.py @@ -2,10 +2,21 @@ import abc import six -from certbot import constants +from certbot._internal import constants from acme.magic_typing import Dict, List, Any # pylint: disable=unused-import, no-name-in-module +ENHANCEMENTS = ["redirect", "ensure-http-header", "ocsp-stapling"] +"""List of possible :class:`certbot.interfaces.IInstaller` +enhancements. + +List of expected options parameters: +- redirect: None +- ensure-http-header: name of header (i.e. Strict-Transport-Security) +- ocsp-stapling: certificate chain file path + +""" + def enabled_enhancements(config): """ Generator to yield the enabled new style enhancements. diff --git a/certbot/reverter.py b/certbot/reverter.py index ac2804164..9118fef94 100644 --- a/certbot/reverter.py +++ b/certbot/reverter.py @@ -9,7 +9,7 @@ import traceback import six -from certbot import constants +from certbot._internal import constants from certbot import errors from certbot import util from certbot.compat import os diff --git a/certbot/tests/account_test.py b/certbot/tests/account_test.py index 29ec4fc33..0f0b47ec4 100644 --- a/certbot/tests/account_test.py +++ b/certbot/tests/account_test.py @@ -278,7 +278,7 @@ class AccountFileStorageTest(test_util.ConfigTestCase): self._set_server('https://acme-staging.api.letsencrypt.org/directory') self.storage.save(self.acc, self.mock_client) # ensure v2 isn't already linked to it - with mock.patch('certbot.constants.LE_REUSE_SERVERS', {}): + with mock.patch('certbot._internal.constants.LE_REUSE_SERVERS', {}): self._set_server('https://acme-staging-v02.api.letsencrypt.org/directory') self.assertRaises(errors.AccountNotFound, self.storage.load, self.acc.id) diff --git a/certbot/tests/cli_test.py b/certbot/tests/cli_test.py index 0adf33921..8a398188c 100644 --- a/certbot/tests/cli_test.py +++ b/certbot/tests/cli_test.py @@ -12,7 +12,7 @@ from acme import challenges import certbot.tests.util as test_util from certbot import cli -from certbot import constants +from certbot._internal import constants from certbot import errors from certbot.compat import os from certbot.compat import filesystem diff --git a/certbot/tests/configuration_test.py b/certbot/tests/configuration_test.py index aa07a580f..e1e090fb5 100644 --- a/certbot/tests/configuration_test.py +++ b/certbot/tests/configuration_test.py @@ -3,7 +3,7 @@ import unittest import mock -from certbot import constants +from certbot._internal import constants from certbot import errors from certbot.compat import misc from certbot.compat import os diff --git a/certbot/tests/eff_test.py b/certbot/tests/eff_test.py index 5e4cadcfa..b53187f47 100644 --- a/certbot/tests/eff_test.py +++ b/certbot/tests/eff_test.py @@ -4,7 +4,7 @@ import unittest import mock import requests -from certbot import constants +from certbot._internal import constants import certbot.tests.util as test_util diff --git a/certbot/tests/log_test.py b/certbot/tests/log_test.py index cd2cb01f1..36c473bd2 100644 --- a/certbot/tests/log_test.py +++ b/certbot/tests/log_test.py @@ -11,7 +11,7 @@ import six from acme import messages from acme.magic_typing import Optional # pylint: disable=unused-import, no-name-in-module -from certbot import constants +from certbot._internal import constants from certbot import errors from certbot import util from certbot.compat import filesystem diff --git a/certbot/tests/main_test.py b/certbot/tests/main_test.py index 177790028..835951b70 100644 --- a/certbot/tests/main_test.py +++ b/certbot/tests/main_test.py @@ -24,7 +24,7 @@ import certbot.tests.util as test_util from certbot._internal import account from certbot import cli from certbot import configuration -from certbot import constants +from certbot._internal import constants from certbot import crypto_util from certbot import errors from certbot import interfaces # pylint: disable=unused-import diff --git a/certbot/tests/util.py b/certbot/tests/util.py index 38779f564..00452fef9 100644 --- a/certbot/tests/util.py +++ b/certbot/tests/util.py @@ -20,7 +20,7 @@ from cryptography.hazmat.backends import default_backend from cryptography.hazmat.primitives import serialization from certbot import configuration -from certbot import constants +from certbot._internal import constants from certbot import interfaces from certbot._internal import lock from certbot._internal import storage diff --git a/certbot/util.py b/certbot/util.py index fdcc57d27..5d8aa8f22 100644 --- a/certbot/util.py +++ b/certbot/util.py @@ -19,7 +19,7 @@ import six from acme.magic_typing import Tuple, Union # pylint: disable=unused-import, no-name-in-module -from certbot import constants +from certbot._internal import constants from certbot import errors from certbot._internal import lock from certbot.compat import os diff --git a/docs/api/constants.rst b/docs/api/constants.rst deleted file mode 100644 index 99ecc240a..000000000 --- a/docs/api/constants.rst +++ /dev/null @@ -1,9 +0,0 @@ -:mod:`certbot.constants` ------------------------------------ - -.. automodule:: certbot.constants - :members: - :exclude-members: SSL_DHPARAMS_SRC - -.. autodata:: SSL_DHPARAMS_SRC - :annotation: = '/path/to/certbot/ssl-dhparams.pem'