
Merge getssl-dns01 and getssl-staging-dns01 into a single cfg file

pull/640/head
Tim Kimber 5 years ago
parent
commit
67a7e5d453
No known key found for this signature in database GPG Key ID: 3E1804964E76BD18
15 changed files with 59 additions and 126 deletions
  1. +1
    -5
      test/10-mixed-case.bats
  2. +2
    -2
      test/14-test-revoke.bats
  3. +2
    -2
      test/15-test-revoke-no-suffix.bats
  4. +7
    -2
      test/18-retry-dns-add.bats
  5. +2
    -2
      test/19-test-add-to-sans.bats
  6. +0
    -3
      test/2-simple-dns01-dig.bats
  7. +0
    -3
      test/2-simple-dns01-nslookup.bats
  8. +1
    -5
      test/20-wildcard-simple.bats
  9. +2
    -10
      test/21-wildcard-dual-rsa.bats
  10. +1
    -5
      test/22-wildcard-dual-rsa-ecdsa-copy-2-locations.bats
  11. +2
    -10
      test/24-wildcard-sans.bats
  12. +2
    -10
      test/26-wildcard-revoke.bats
  13. +4
    -4
      test/8-staging-ecdsa.bats
  14. +33
    -14
      test/test-config/getssl-dns01.cfg
  15. +0
    -49
      test/test-config/getssl-staging-dns01.cfg

+ 1
- 5
test/10-mixed-case.bats

@ -29,11 +29,7 @@ setup() {
}
@test "Check that DNS-01 verification works if the domain is not lowercase" {
if [ -n "$STAGING" ]; then
CONFIG_FILE="getssl-staging-dns01.cfg"
else
CONFIG_FILE="getssl-dns01.cfg"
fi
CONFIG_FILE="getssl-dns01.cfg"
GETSSL_CMD_HOST=$(echo $GETSSL_HOST | tr a-z A-Z)
setup_environment


+ 2
- 2
test/14-test-revoke.bats

@ -15,7 +15,7 @@ setup() {
@test "Create certificate to check revoke" {
if [ -n "$STAGING" ]; then
CONFIG_FILE="getssl-staging-dns01.cfg"
CONFIG_FILE="getssl-dns01.cfg"
else
CONFIG_FILE="getssl-http01.cfg"
fi
@ -30,7 +30,7 @@ setup() {
@test "Check we can revoke a certificate" {
if [ -n "$STAGING" ]; then
CONFIG_FILE="getssl-staging-dns01.cfg"
CONFIG_FILE="getssl-dns01.cfg"
else
CONFIG_FILE="getssl-http01.cfg"
fi


+ 2
- 2
test/15-test-revoke-no-suffix.bats

@ -15,7 +15,7 @@ setup() {
@test "Create certificate to check revoke (no suffix)" {
if [ -n "$STAGING" ]; then
CONFIG_FILE="getssl-staging-dns01.cfg"
CONFIG_FILE="getssl-dns01.cfg"
else
CONFIG_FILE="getssl-http01-no-suffix.cfg"
fi
@ -34,7 +34,7 @@ setup() {
@test "Check we can revoke a certificate (no suffix)" {
if [ -n "$STAGING" ]; then
CONFIG_FILE="getssl-staging-dns01.cfg"
CONFIG_FILE="getssl-dns01.cfg"
else
CONFIG_FILE="getssl-http01.cfg"
fi
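Review bot: The two tests in this file disagree on the non-staging config: "Create certificate to check revoke (no suffix)" uses `getssl-http01-no-suffix.cfg`, while "Check we can revoke a certificate (no suffix)" falls back to `getssl-http01.cfg`. These are context lines the commit leaves as they were, and the place where `CONFIG_FILE` is consumed lies outside the hunk, so this may be intentional. If the revoke step is meant to exercise the no-suffix setup, the else branch of the second test should read `CONFIG_FILE="getssl-http01-no-suffix.cfg"`. Both test bodies continue outside their hunks.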


test/18-staging-retry-dns-add.bats → test/18-retry-dns-add.bats


+ 2
- 2
test/19-test-add-to-sans.bats

@ -26,7 +26,7 @@ teardown() {
skip "FIXME: Certificate is not recreated when SANS is updated"
if [ -n "$STAGING" ]; then
skip "Not trying on staging server yet"
CONFIG_FILE="getssl-staging-dns01.cfg"
CONFIG_FILE="getssl-dns01.cfg"
else
CONFIG_FILE="getssl-dns01-add-to-sans-1.cfg"
fi
@ -45,7 +45,7 @@ teardown() {
skip "FIXME: Certificate is not recreated when SANS is updated"
if [ -n "$STAGING" ]; then
skip "Not trying on staging server yet"
CONFIG_FILE="getssl-staging-dns01.cfg"
CONFIG_FILE="getssl-dns01.cfg"
else
CONFIG_FILE="getssl-dns01-add-to-sans-2.cfg"
fi
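Review bot: The changed `CONFIG_FILE="getssl-dns01.cfg"` assignment in both hunks sits directly after `skip "Not trying on staging server yet"`, and bats ends a test at `skip`, so the new line is never executed. The earlier `skip "FIXME: Certificate is not recreated when SANS is updated"` context line already stops each test before the `if` is reached. Either drop the unreachable assignment or mark it, e.g. `# unreachable until the skip above is removed`, so a later reader does not assume the staging path is covered. Both test bodies start and end outside the hunks.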


+ 0
- 3
test/2-simple-dns01-dig.bats

@ -30,9 +30,6 @@ teardown() {
@test "Create new certificate using DNS-01 verification (dig)" {
CONFIG_FILE="getssl-dns01.cfg"
if [ -n "$STAGING" ]; then
CONFIG_FILE="getssl-staging-dns01.cfg"
fi
setup_environment
init_getssl


+ 0
- 3
test/2-simple-dns01-nslookup.bats

@ -31,9 +31,6 @@ teardown() {
@test "Create new certificate using DNS-01 verification (nslookup)" {
CONFIG_FILE="getssl-dns01.cfg"
if [ -n "$STAGING" ]; then
CONFIG_FILE="getssl-staging-dns01.cfg"
fi
setup_environment
init_getssl


+ 1
- 5
test/20-wildcard-simple.bats

@ -14,11 +14,7 @@ setup() {
@test "Create wildcard certificate" {
if [ -n "$STAGING" ]; then
CONFIG_FILE="getssl-staging-dns01.cfg"
else
CONFIG_FILE="getssl-dns01.cfg"
fi
CONFIG_FILE="getssl-dns01.cfg"
GETSSL_CMD_HOST="*.${GETSSL_HOST}"
setup_environment


+ 2
- 10
test/21-wildcard-dual-rsa.bats

@ -14,11 +14,7 @@ setup() {
@test "Create secp384r1 wildcard certificate" {
if [ -n "$STAGING" ]; then
CONFIG_FILE="getssl-staging-dns01.cfg"
else
CONFIG_FILE="getssl-dns01.cfg"
fi
CONFIG_FILE="getssl-dns01.cfg"
GETSSL_CMD_HOST="*.${GETSSL_HOST}"
@ -40,11 +36,7 @@ EOF
@test "Create dual certificates using DNS-01 verification" {
if [ -n "$STAGING" ]; then
CONFIG_FILE="getssl-staging-dns01.cfg"
else
CONFIG_FILE="getssl-dns01.cfg"
fi
CONFIG_FILE="getssl-dns01.cfg"
GETSSL_CMD_HOST="*.${GETSSL_HOST}"


+ 1
- 5
test/22-wildcard-dual-rsa-ecdsa-copy-2-locations.bats

@ -14,11 +14,7 @@ setup() {
@test "Create dual certificates (one wildcard) and copy RSA and ECDSA chain and key to two locations" {
if [ -n "$STAGING" ]; then
CONFIG_FILE="getssl-staging-dns01.cfg"
else
CONFIG_FILE="getssl-dns01.cfg"
fi
CONFIG_FILE="getssl-dns01.cfg"
GETSSL_CMD_HOST="*.${GETSSL_HOST}"


+ 2
- 10
test/24-wildcard-sans.bats

@ -22,11 +22,7 @@ teardown() {
@test "Check can create certificate for wildcard domain as arg and non-wildcard in SANS" {
if [ -n "$STAGING" ]; then
CONFIG_FILE="getssl-staging-dns01.cfg"
else
CONFIG_FILE="getssl-dns01.cfg"
fi
CONFIG_FILE="getssl-dns01.cfg"
# Staging server generates an error if try to create a certificate for *.domain and a.domain
# so create for *.wild-domain and a.domain instead
@ -50,11 +46,7 @@ teardown() {
@test "Check can create certificate for non-wildcard domain as arg and wildcard in SANS" {
if [ -n "$STAGING" ]; then
CONFIG_FILE="getssl-staging-dns01.cfg"
else
CONFIG_FILE="getssl-dns01.cfg"
fi
CONFIG_FILE="getssl-dns01.cfg"
GETSSL_CMD_HOST="${GETSSL_HOST}"
setup_environment


+ 2
- 10
test/26-wildcard-revoke.bats

@ -14,11 +14,7 @@ setup() {
@test "Create certificate to check wildcard revoke" {
if [ -n "$STAGING" ]; then
CONFIG_FILE="getssl-staging-dns01.cfg"
else
CONFIG_FILE="getssl-dns01.cfg"
fi
CONFIG_FILE="getssl-dns01.cfg"
GETSSL_CMD_HOST="*.${GETSSL_HOST}"
setup_environment
@ -30,11 +26,7 @@ setup() {
@test "Check we can revoke a wildcard certificate" {
if [ -n "$STAGING" ]; then
CONFIG_FILE="getssl-staging-dns01.cfg"
else
CONFIG_FILE="getssl-dns01.cfg"
fi
CONFIG_FILE="getssl-dns01.cfg"
. "${CODE_DIR}/test/test-config/${CONFIG_FILE}"
GETSSL_CMD_HOST="*.${GETSSL_HOST}"


+ 4
- 4
test/8-staging-ecdsa.bats

@ -9,9 +9,9 @@ load '/getssl/test/test_helper.bash'
@test "Create new certificate using staging server and prime256v1" {
if [ -z "$STAGING" ]; then
skip "Running internal tests, skipping external test"
skip "Running external tests, skipping internal testing"
fi
CONFIG_FILE="getssl-staging-dns01.cfg"
CONFIG_FILE="getssl-dns01.cfg"
setup_environment
init_getssl
@ -35,9 +35,9 @@ load '/getssl/test/test_helper.bash'
@test "Create new certificate using staging server and secp384r1" {
if [ -z "$STAGING" ]; then
skip "Running internal tests, skipping external test"
skip "Running external tests, skipping internal testing"
fi
CONFIG_FILE="getssl-staging-dns01.cfg"
CONFIG_FILE="getssl-dns01.cfg"
setup_environment
init_getssl
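Review bot: The reworded skip message appears to describe the wrong mode. Under `if [ -z "$STAGING" ]` the variable is empty, so the run is the internal one and the test being skipped is the external staging test, yet the message in both tests reads `skip "Running external tests, skipping internal testing"` (assuming the second `skip` line of each pair is the new side, as the old-then-new print order in the other sections suggests). Keeping the earlier wording, `skip "Running internal tests, skipping external test"`, matches the condition. Both test bodies continue outside their hunks.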


+ 33
- 14
test/test-config/getssl-dns01.cfg

@ -1,19 +1,38 @@
# Uncomment and modify any variables you need
# see https://github.com/srvrco/getssl/wiki/Config-variables for details
# see https://github.com/srvrco/getssl/wiki/Example-config-files for example configs
#
CA="https://pebble:14000/dir"
# Test that the script works with dns
VALIDATE_VIA_DNS=true
DNS_ADD_COMMAND="/getssl/dns_scripts/dns_add_challtestsrv"
DNS_DEL_COMMAND="/getssl/dns_scripts/dns_del_challtestsrv"
AUTH_DNS_SERVER=10.30.50.3
# Speed up the test by reducing the number or retries and the wait between retries.
DNS_WAIT=2
DNS_WAIT_COUNT=11
DNS_EXTRA_WAIT=0
if [ -z "$STAGING" ]; then
# Settings for challtestserv dns provider running in local docker
CA="https://pebble:14000/dir"
DNS_ADD_COMMAND="/getssl/dns_scripts/dns_add_challtestsrv"
DNS_DEL_COMMAND="/getssl/dns_scripts/dns_del_challtestsrv"
AUTH_DNS_SERVER=10.30.50.3
# Speed up the test by reducing the number or retries and the wait between retries.
DNS_WAIT=2
DNS_WAIT_COUNT=11
DNS_EXTRA_WAIT=0
else
# Settings for external dns provider and staging server
CA="https://acme-staging-v02.api.letsencrypt.org/directory"
DNS_ADD_COMMAND="/getssl/dns_scripts/dns_add_${dynamic_dns}"
DNS_DEL_COMMAND="/getssl/dns_scripts/dns_del_${dynamic_dns}"
PUBLIC_DNS_SERVER="8.8.8.8 resolver1.infoserve.de"
if [[ "${dynamic_dns}" == "dynu" ]]; then
AUTH_DNS_SERVER=ns1.dynu.com
else
AUTH_DNS_SERVER=ns1.duckdns.org
fi
CHECK_ALL_AUTH_DNS="true"
CHECK_PUBLIC_DNS_SERVER="true"
DNS_EXTRA_WAIT=120
DNS_WAIT_COUNT=20
DNS_WAIT=30
DNS_WAIT_RETRY_ADD="true"
fi
# Additional domains - this could be multiple domains / subdomains in a comma separated list
SANS=""
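Review bot: The staging branch builds `DNS_ADD_COMMAND` and `DNS_DEL_COMMAND` from `${dynamic_dns}` without checking that it is set, and any value other than `dynu`, including an empty one, silently selects `ns1.duckdns.org`. Now that one file serves both modes and the mode is chosen by an environment variable at source time, a run with `STAGING` set but `dynamic_dns` missing would resolve the add command to `/getssl/dns_scripts/dns_add_` and query the wrong authoritative server; a guard at the top of the `else` branch such as `: "${dynamic_dns:?dynamic_dns must be set when STAGING is set}"` fails early instead. A header comment stating the switch would also help, e.g. `# STAGING unset: local pebble + challtestsrv; STAGING set: Let's Encrypt staging CA + external DNS provider named by dynamic_dns`. The deleted staging file also pinned `ACCOUNT_KEY_TYPE` and `PRIVATE_KEY_ALG` to `rsa`; the rest of this file lies outside the hunk, so whether the merged file still sets them cannot be confirmed from here.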


+ 0
- 49
test/test-config/getssl-staging-dns01.cfg

@ -1,49 +0,0 @@
# Test that the script works with external dns provider and staging server
#
CA="https://acme-staging-v02.api.letsencrypt.org/directory"
VALIDATE_VIA_DNS=true
DNS_ADD_COMMAND="/getssl/dns_scripts/dns_add_${dynamic_dns}"
DNS_DEL_COMMAND="/getssl/dns_scripts/dns_del_${dynamic_dns}"
PUBLIC_DNS_SERVER="8.8.8.8 resolver1.infoserve.de"
if [[ "${dynamic_dns}" == "dynu" ]]; then
AUTH_DNS_SERVER=ns1.dynu.com
else
AUTH_DNS_SERVER=ns1.duckdns.org
fi
CHECK_ALL_AUTH_DNS="true"
CHECK_PUBLIC_DNS_SERVER="true"
DNS_EXTRA_WAIT=120
# Speed up the test by reducing the number or retries and retrying DNS_ADD after 10 failures
DNS_WAIT_COUNT=20
DNS_WAIT=30
DNS_WAIT_RETRY_ADD="true"
ACCOUNT_KEY_TYPE="rsa"
PRIVATE_KEY_ALG="rsa"
# Additional domains - this could be multiple domains / subdomains in a comma separated list
SANS=""
# Location for all your certs, these can either be on the server (full path name)
# or using ssh /sftp as for the ACL
DOMAIN_CERT_LOCATION="/etc/nginx/pki/server.crt"
DOMAIN_KEY_LOCATION="/etc/nginx/pki/private/server.key"
CA_CERT_LOCATION="/etc/nginx/pki/chain.crt"
DOMAIN_CHAIN_LOCATION="" # this is the domain cert and CA cert
DOMAIN_PEM_LOCATION="" # this is the domain_key, domain cert and CA cert
# The command needed to reload apache / nginx or whatever you use
RELOAD_CMD="cp /getssl/test/test-config/nginx-ubuntu-ssl ${NGINX_CONFIG} && /getssl/test/restart-nginx"
# Define the server type and confirm correct certificate is installed
SERVER_TYPE="https"
CHECK_REMOTE="true"
if [[ -s "$DOMAIN_DIR/getssl_test_specific.cfg" ]]; then
. $DOMAIN_DIR/getssl_test_specific.cfg
fi
#_RUNNING_TEST=1
#_USE_DEBUG=1
