Bug#894025: python-certbot-dns-cloudflare: Fails to build from source

2018-03-26 Thread Andrew Starr-Bochicchio 
On Sun, Mar 25, 2018 at 11:15 PM, Harlan Lieberman-Berg <
hlieber...@debian.org> wrote:

> Hm, so, we've never shipped the testdata.  All the way back to the first
> tag (0.0.0.dev20151104-1), we've removed the testdata.  It's only for the
> test cases, so we don't ship it out in the debs.
>

It looks like the test data slipped back into the package at some point.
Inspecting the 0.21.1-1 from testing:

$ dpkg --contents python3-certbot_0.21.1-1_all.deb | grep rsa512_key.pem
-rw-r--r-- root/root   493 2018-01-25 14:29
./usr/lib/python3/dist-packages/certbot/tests/testdata/rsa512_key.pem

It's not actually clear to me if any of these packages really depend on
that test data. It seems that it is only due to them importing
dns_test_common which defines the key globally.

https://salsa.debian.org/letsencrypt-team/certbot/certbot/blob/master/certbot/plugins/dns_test_common.py#L16

But taking a quick look at the packages that are failing, I don't actually
see KEY referenced in their tests. So we could patch potentially that out
in the main certbot package.


-- Andrew Starr-Bochicchio

   Debian Developer 
   Ubuntu Developer 
   PGP/GPG Key ID: 3B56E2BBD53FDCB1

Bug#894025: python-certbot-dns-cloudflare: Fails to build from source

2018-03-25 Thread Harlan Lieberman-Berg 
Hm, so, we've never shipped the testdata.  All the way back to the first
tag (0.0.0.dev20151104-1), we've removed the testdata.  It's only for the
test cases, so we don't ship it out in the debs.

An update to the python version caused the way that it was being deleted to
break a while ago, it looks like.  A user reported it to me recently
because it was causing chkrootkit to trip on their systems, so I fixed the
removal in 8bb2938.

I'm not sure what we should do here.  Shipping the testdata isn't a huge
amount of resources for the end user, though it's a bit annoying that it's
causing some security stuff to complain.  We could create an intermediary
package that just ships the testdata that we could B-D on, but that seems
potentially unnecessary for the additional load on the ftpmasters and the
archive.  We could also ask upstream to ship the testdata that each package
needs with each package.

Thoughts?

On Sun, Mar 25, 2018 at 10:45 AM, Andrew Starr-Bochicchio 
wrote:

> On Sun, Mar 25, 2018 at 9:47 AM, Jeremy Bicha  wrote:
>>
>> error: [Errno 2] No such file or directory:
>> '/usr/lib/python3/dist-packages/certbot/tests/testdata/rsa512_key.pem'
>>
>> Full build log at
>> https://launchpad.net/ubuntu/+source/python-certbot-dns-clou
>> dflare/0.22.0-1/+build/14491162
>>
>
> Looks like this was caused by this change in the main certbot package:
>
> https://salsa.debian.org/letsencrypt-team/certbot/certbot/commit/
> 8bb2938afb15594cb79f8661d951724323f0e754
>
> Harlan, any more context on that or concerns about reverting?
>
> Thanks,
>
> -- Andrew Starr-Bochicchio
>
>Debian Developer 
>Ubuntu Developer 
>PGP/GPG Key ID: 3B56E2BBD53FDCB1
>
>


-- 
Harlan Lieberman-Berg
~hlieberman

Bug#894025: python-certbot-dns-cloudflare: Fails to build from source

2018-03-25 Thread Andrew Starr-Bochicchio 
On Sun, Mar 25, 2018 at 9:47 AM, Jeremy Bicha  wrote:
>
> error: [Errno 2] No such file or directory:
> '/usr/lib/python3/dist-packages/certbot/tests/testdata/rsa512_key.pem'
>
> Full build log at
> https://launchpad.net/ubuntu/+source/python-certbot-dns-
> cloudflare/0.22.0-1/+build/14491162
>

Looks like this was caused by this change in the main certbot package:

https://salsa.debian.org/letsencrypt-team/certbot/certbot/commit/8bb2938afb15594cb79f8661d951724323f0e754

Harlan, any more context on that or concerns about reverting?

Thanks,

-- Andrew Starr-Bochicchio

   Debian Developer 
   Ubuntu Developer 
   PGP/GPG Key ID: 3B56E2BBD53FDCB1

Bug#894025: python-certbot-dns-cloudflare: Fails to build from source

2018-03-25 Thread Jeremy Bicha 
Source: python-certbot-dns-cloudflare
Version: 0.22.0-1
Severity: serious
X-Debbugs-CC: a...@debian.org

python-certbot-dns-cloudflare fails to build from source in a clean
sid chroot. During the build tests, there is this error:

error: [Errno 2] No such file or directory:
'/usr/lib/python3/dist-packages/certbot/tests/testdata/rsa512_key.pem'

Full build log at
https://launchpad.net/ubuntu/+source/python-certbot-dns-cloudflare/0.22.0-1/+build/14491162

This issue also affects these packages:

python-certbot-dns-dnsimple
python-certbot-dns-digitalocean
python-certbot-dns-rfc2136

The Google package works though!

Thanks,
Jeremy Bicha