Make uncomplicated modules private (certbot#7528)

* Create _internal package for Certbot's non-public modules * Move account.py to _internal * Move auth_handler.py to _internal * Move cert_manager.py to _internal * Move client.py to _internal * Move error_handler.py to _internal * Move lock.py to _internal * Move main.py to _internal * Move notify.py to _internal * Move ocsp.py to _internal * Move renewal.py to _internal * Move reporter.py to _internal * Move storage.py to _internal * Move updater.py to _internal * update apache and nginx oldest requirements * Keep the lock file as certbot.lock * nginx oldest tests still need to rely on newer certbot * python doesn't have good dependency resolution, so specify the transitive dependency * update required minimum versions in nginx setup.py
Matze-S · Nov 9, 2019 · 96e02d6 · 96e02d6
1 parent 0a48d7b
commit 96e02d6
Show file tree

Hide file tree

Showing 56 changed files with 533 additions and 582 deletions.
diff --git a/certbot-apache/certbot_apache/configurator.py b/certbot-apache/certbot_apache/configurator.py
@@ -2345,7 +2345,7 @@ def enable_autohsts(self, _unused_lineage, domains):
         Enable the AutoHSTS enhancement for defined domains
 
         :param _unused_lineage: Certificate lineage object, unused
-        :type _unused_lineage: certbot.storage.RenewableCert
+        :type _unused_lineage: certbot._internal.storage.RenewableCert
 
         :param domains: List of domains in certificate to enhance
         :type domains: str
@@ -2470,7 +2470,7 @@ def deploy_autohsts(self, lineage):
         and changes the HSTS max-age to a high value.
 
         :param lineage: Certificate lineage object
-        :type lineage: certbot.storage.RenewableCert
+        :type lineage: certbot._internal.storage.RenewableCert
         """
         self._autohsts_fetch_state()
         if not self._autohsts:

diff --git a/certbot-nginx/local-oldest-requirements.txt b/certbot-nginx/local-oldest-requirements.txt
@@ -1,3 +1,3 @@
 # Remember to update setup.py to match the package versions below.
-acme[dev]==0.29.0
-certbot[dev]==0.36.0
+-e acme[dev]
+-e .[dev]
diff --git a/certbot-nginx/setup.py b/certbot-nginx/setup.py
@@ -9,8 +9,8 @@
 # Remember to update local-oldest-requirements.txt when changing the minimum
 # acme/certbot version.
 install_requires = [
-    'acme>=0.29.0',
-    'certbot>=0.35.0',
+    'acme>=1.0.0.dev0',
+    'certbot>=1.0.0.dev0',
     'mock',
     'PyOpenSSL',
     'pyparsing>=1.5.5',  # Python3 support; perhaps unnecessary?

diff --git a/certbot/_internal/__init__.py b/certbot/_internal/__init__.py
@@ -0,0 +1,6 @@
+"""
+Modules internal to Certbot.
+
+This package contains modules that are not considered part of Certbot's public
+API. They may be changed without updating Certbot's major version.
+"""
diff --git a/certbot/account.py → certbot/_internal/account.py b/certbot/account.py → certbot/_internal/account.py
diff --git a/certbot/auth_handler.py → certbot/_internal/auth_handler.py b/certbot/auth_handler.py → certbot/_internal/auth_handler.py
@@ -13,7 +13,7 @@
 # pylint: enable=unused-import, no-name-in-module
 from certbot import achallenges
 from certbot import errors
-from certbot import error_handler
+from certbot._internal import error_handler
 from certbot import interfaces
 
 logger = logging.getLogger(__name__)
@@ -29,7 +29,7 @@ class AuthHandler(object):
     :ivar acme.client.BackwardsCompatibleClientV2 acme_client: ACME client API.
 
     :ivar account: Client's Account
-    :type account: :class:`certbot.account.Account`
+    :type account: :class:`certbot._internal.account.Account`
 
     :ivar list pref_challs: sorted user specified preferred challenges
         type strings with the most preferred challenge listed first

diff --git a/certbot/cert_manager.py → certbot/_internal/cert_manager.py b/certbot/cert_manager.py → certbot/_internal/cert_manager.py
@@ -12,8 +12,8 @@
 from certbot import crypto_util
 from certbot import errors
 from certbot import interfaces
-from certbot import ocsp
-from certbot import storage
+from certbot._internal import ocsp
+from certbot._internal import storage
 from certbot import util
 from certbot.compat import os
 from certbot.display import util as display_util

diff --git a/certbot/client.py → certbot/_internal/client.py b/certbot/client.py → certbot/_internal/client.py
@@ -18,16 +18,16 @@
 from acme.magic_typing import Optional, List  # pylint: disable=unused-import,no-name-in-module
 
 import certbot
-from certbot import account
-from certbot import auth_handler
+from certbot._internal import account
+from certbot._internal import auth_handler
 from certbot import cli
 from certbot import constants
 from certbot import crypto_util
 from certbot import eff
-from certbot import error_handler
+from certbot._internal import error_handler
 from certbot import errors
 from certbot import interfaces
-from certbot import storage
+from certbot._internal import storage
 from certbot import util
 from certbot.compat import os
 from certbot.display import enhancements
@@ -408,7 +408,7 @@ def obtain_and_enroll_certificate(self, domains, certname):
         :param certname: requested name of lineage
         :type certname: `str` or `None`
 
-        :returns: A new :class:`certbot.storage.RenewableCert` instance
+        :returns: A new :class:`certbot._internal.storage.RenewableCert` instance
             referred to the enrolled cert lineage, False if the cert could not
             be obtained, or None if doing a successful dry run.
 

diff --git a/certbot/error_handler.py → certbot/_internal/error_handler.py b/certbot/error_handler.py → certbot/_internal/error_handler.py
diff --git a/certbot/lock.py → certbot/_internal/lock.py b/certbot/lock.py → certbot/_internal/lock.py
diff --git a/certbot/main.py → certbot/_internal/main.py b/certbot/main.py → certbot/_internal/main.py
@@ -14,10 +14,10 @@
 from acme.magic_typing import Union  # pylint: disable=unused-import, no-name-in-module
 
 import certbot
-from certbot import account
-from certbot import cert_manager
+from certbot._internal import account
+from certbot._internal import cert_manager
 from certbot import cli
-from certbot import client
+from certbot._internal import client
 from certbot import configuration
 from certbot import constants
 from certbot import crypto_util
@@ -26,10 +26,10 @@
 from certbot import hooks
 from certbot import interfaces
 from certbot import log
-from certbot import renewal
-from certbot import reporter
-from certbot import storage
-from certbot import updater
+from certbot._internal import renewal
+from certbot._internal import reporter
+from certbot._internal import storage
+from certbot._internal import updater
 from certbot import util
 from certbot.compat import filesystem
 from certbot.compat import misc
@@ -483,7 +483,7 @@ def _determine_account(config):
 
     :returns: Account and optionally ACME client API (biproduct of new
         registration).
-    :rtype: tuple of :class:`certbot.account.Account` and :class:`acme.client.Client`
+    :rtype: tuple of :class:`certbot._internal.account.Account` and :class:`acme.client.Client`
 
     :raises errors.Error: If unable to register an account with ACME server
 

diff --git a/certbot/notify.py → certbot/_internal/notify.py b/certbot/notify.py → certbot/_internal/notify.py
diff --git a/certbot/ocsp.py → certbot/_internal/ocsp.py b/certbot/ocsp.py → certbot/_internal/ocsp.py
@@ -22,7 +22,7 @@
 from acme.magic_typing import Optional, Tuple  # pylint: disable=unused-import, no-name-in-module
 from certbot import crypto_util
 from certbot import errors
-from certbot.storage import RenewableCert # pylint: disable=unused-import
+from certbot._internal.storage import RenewableCert # pylint: disable=unused-import
 from certbot import util
 
 logger = logging.getLogger(__name__)

diff --git a/certbot/renewal.py → certbot/_internal/renewal.py b/certbot/renewal.py → certbot/_internal/renewal.py
@@ -20,8 +20,8 @@
 from certbot import errors
 from certbot import hooks
 from certbot import interfaces
-from certbot import storage
-from certbot import updater
+from certbot._internal import storage
+from certbot._internal import updater
 from certbot import util
 from certbot.compat import os
 from certbot.plugins import disco as plugins_disco
@@ -429,7 +429,7 @@ def handle_renewal_request(config):  # pylint: disable=too-many-locals,too-many-
                 # XXX: ensure that each call here replaces the previous one
                 zope.component.provideUtility(lineage_config)
                 renewal_candidate.ensure_deployed()
-                from certbot import main
+                from certbot._internal import main
                 plugins = plugins_disco.PluginsRegistry.find_all()
                 if should_renew(lineage_config, renewal_candidate):
                     # Apply random sleep upon first renewal if needed

diff --git a/certbot/reporter.py → certbot/_internal/reporter.py b/certbot/reporter.py → certbot/_internal/reporter.py
diff --git a/certbot/storage.py → certbot/_internal/storage.py b/certbot/storage.py → certbot/_internal/storage.py
@@ -15,7 +15,7 @@
 from certbot import cli
 from certbot import constants
 from certbot import crypto_util
-from certbot import error_handler
+from certbot._internal import error_handler
 from certbot import errors
 from certbot import util
 from certbot.compat import os
@@ -248,7 +248,7 @@ def _relevant(namespaces, option):
 
     :rtype: bool
     """
-    from certbot import renewal
+    from certbot._internal import renewal
 
     return (option in renewal.CONFIG_ITEMS or
             any(option.startswith(namespace) for namespace in namespaces))

diff --git a/certbot/updater.py → certbot/_internal/updater.py b/certbot/updater.py → certbot/_internal/updater.py
diff --git a/certbot/cli.py b/certbot/cli.py
@@ -438,7 +438,7 @@ class HelpfulArgumentParser(object):
 
 
     def __init__(self, args, plugins, detect_defaults=False):
-        from certbot import main
+        from certbot._internal import main
         self.VERBS = {
             "auth": main.certonly,
             "certonly": main.certonly,
@@ -1256,7 +1256,7 @@ def prepare_and_parse_args(plugins, args, detect_defaults=False):  # pylint: dis
 
 
 def _create_subparsers(helpful):
-    from certbot.client import sample_user_agent # avoid import loops
+    from certbot._internal.client import sample_user_agent # avoid import loops
     helpful.add(
         None, "--user-agent", default=flag_default("user_agent"),
         help='Set a custom user agent string for the client. User agent strings allow '

diff --git a/certbot/display/ops.py b/certbot/display/ops.py
@@ -75,7 +75,7 @@ def choose_account(accounts):
     """Choose an account.
 
     :param list accounts: Containing at least one
-        :class:`~certbot.account.Account`
+        :class:`~certbot._internal.account.Account`
 
     """
     # Note this will get more complicated once we start recording authorizations

diff --git a/certbot/plugins/common_test.py b/certbot/plugins/common_test.py
@@ -178,7 +178,7 @@ def test_current_file_hash_in_all_hashes(self):
 
 
 class AddrTest(unittest.TestCase):
-    """Tests for certbot.client.plugins.common.Addr."""
+    """Tests for certbot._internal.client.plugins.common.Addr."""
 
     def setUp(self):
         from certbot.plugins.common import Addr

diff --git a/certbot/plugins/enhancements.py b/certbot/plugins/enhancements.py
@@ -51,7 +51,7 @@ def enable(lineage, domains, installer, config):
     Run enable method for each requested enhancement that is supported.
 
     :param lineage: Certificate lineage object
-    :type lineage: certbot.storage.RenewableCert
+    :type lineage: certbot._internal.storage.RenewableCert
 
     :param domains: List of domains in certificate to enhance
     :type domains: str
@@ -112,7 +112,7 @@ def update_autohsts(self, lineage, *args, **kwargs):
         Implementation of this method should increase the max-age value.
 
         :param lineage: Certificate lineage object
-        :type lineage: certbot.storage.RenewableCert
+        :type lineage: certbot._internal.storage.RenewableCert
 
         .. note:: prepare() method inherited from `interfaces.IPlugin` might need
             to be called manually within implementation of this interface method
@@ -126,7 +126,7 @@ def deploy_autohsts(self, lineage, *args, **kwargs):
         Long max-age value should be set in implementation of this method.
 
         :param lineage: Certificate lineage object
-        :type lineage: certbot.storage.RenewableCert
+        :type lineage: certbot._internal.storage.RenewableCert
         """
 
     @abc.abstractmethod
@@ -137,7 +137,7 @@ def enable_autohsts(self, lineage, domains, *args, **kwargs):
         over the subsequent runs of Certbot renew.
 
         :param lineage: Certificate lineage object
-        :type lineage: certbot.storage.RenewableCert
+        :type lineage: certbot._internal.storage.RenewableCert
 
         :param domains: List of domains in certificate to enhance
         :type domains: str

diff --git a/certbot/tests/account_test.py b/certbot/tests/account_test.py
@@ -1,4 +1,4 @@
-"""Tests for certbot.account."""
+"""Tests for certbot._internal.account."""
 import datetime
 import json
 import unittest
@@ -19,10 +19,10 @@
 
 
 class AccountTest(unittest.TestCase):
-    """Tests for certbot.account.Account."""
+    """Tests for certbot._internal.account.Account."""
 
     def setUp(self):
-        from certbot.account import Account
+        from certbot._internal.account import Account
         self.regr = mock.MagicMock()
         self.meta = Account.Meta(
             creation_host="test.certbot.org",
@@ -31,9 +31,9 @@ def setUp(self):
         self.acc = Account(self.regr, KEY, self.meta)
         self.regr.__repr__ = mock.MagicMock(return_value="i_am_a_regr")
 
-        with mock.patch("certbot.account.socket") as mock_socket:
+        with mock.patch("certbot._internal.account.socket") as mock_socket:
             mock_socket.getfqdn.return_value = "test.certbot.org"
-            with mock.patch("certbot.account.datetime") as mock_dt:
+            with mock.patch("certbot._internal.account.datetime") as mock_dt:
                 mock_dt.datetime.now.return_value = self.meta.creation_dt
                 self.acc_no_meta = Account(self.regr, KEY)
 
@@ -55,29 +55,29 @@ def test_repr(self):
           "<Account(i_am_a_regr, 7adac10320f585ddf118429c0c4af2cd, Meta("))
 
 class ReportNewAccountTest(test_util.ConfigTestCase):
-    """Tests for certbot.account.report_new_account."""
+    """Tests for certbot._internal.account.report_new_account."""
 
     def _call(self):
-        from certbot.account import report_new_account
+        from certbot._internal.account import report_new_account
         report_new_account(self.config)
 
-    @mock.patch("certbot.account.zope.component.queryUtility")
+    @mock.patch("certbot._internal.account.zope.component.queryUtility")
     def test_no_reporter(self, mock_zope):
         mock_zope.return_value = None
         self._call()
 
-    @mock.patch("certbot.account.zope.component.queryUtility")
+    @mock.patch("certbot._internal.account.zope.component.queryUtility")
     def test_it(self, mock_zope):
         self._call()
         call_list = mock_zope().add_message.call_args_list
         self.assertTrue(self.config.config_dir in call_list[0][0][0])
 
 
 class AccountMemoryStorageTest(unittest.TestCase):
-    """Tests for certbot.account.AccountMemoryStorage."""
+    """Tests for certbot._internal.account.AccountMemoryStorage."""
 
     def setUp(self):
-        from certbot.account import AccountMemoryStorage
+        from certbot._internal.account import AccountMemoryStorage
         self.storage = AccountMemoryStorage()
 
     def test_it(self):
@@ -92,16 +92,16 @@ def test_it(self):
 
 
 class AccountFileStorageTest(test_util.ConfigTestCase):
-    """Tests for certbot.account.AccountFileStorage."""
+    """Tests for certbot._internal.account.AccountFileStorage."""
     #pylint: disable=too-many-public-methods
 
     def setUp(self):
         super(AccountFileStorageTest, self).setUp()
 
-        from certbot.account import AccountFileStorage
+        from certbot._internal.account import AccountFileStorage
         self.storage = AccountFileStorage(self.config)
 
-        from certbot.account import Account
+        from certbot._internal.account import Account
         new_authzr_uri = "hi"
         self.acc = Account(
             regr=messages.RegistrationResource(
@@ -162,7 +162,7 @@ def test_find_all_load_skips(self):
         # pylint: disable=protected-access
         self.storage._load_for_server_path = mock.MagicMock(
             side_effect=["x", errors.AccountStorageError, "z"])
-        with mock.patch("certbot.account.os.listdir") as mock_listdir:
+        with mock.patch("certbot._internal.account.os.listdir") as mock_listdir:
             mock_listdir.return_value = ["x", "y", "z"]
             self.assertEqual(["x", "z"], self.storage.find_all())
 
@@ -171,7 +171,7 @@ def test_load_non_existent_raises_error(self):
 
     def _set_server(self, server):
         self.config.server = server
-        from certbot.account import AccountFileStorage
+        from certbot._internal.account import AccountFileStorage
         self.storage = AccountFileStorage(self.config)
 
     def test_find_all_neither_exists(self):

diff --git a/certbot/tests/acme_util.py b/certbot/tests/acme_util.py
@@ -7,7 +7,7 @@
 from acme import challenges
 from acme import messages
 
-from certbot import auth_handler
+from certbot._internal import auth_handler
 
 from certbot.tests import util