boulder

Commit Graph

Author	SHA1	Message	Date
Aaron Gable	a3ddc42c86	Update Public Suffix List (#6429 ) Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>	2022-10-03 10:05:21 -07:00
Jacob Hoffman-Andrews	1014a81606	Switch to modules (#4211 ) Because the package versions in go.mod match what we use in Godeps.json, there are no substantive code diffs. However, there are some tiny differences resulting from how go mod vendors things differently than godep: go mod does not preserve executable permissions on shell scripts Some packages have import lines like: package ocsp // import "golang.org/x/crypto/ocsp" godep used to remove the comment from these lines, but go mod vendor does not. This introduces several indirect dependencies that we didn't have before. This is because godep used to operate at a package level, but go mod operates at a module (~= repository) level. So if we used a given repository, but didn't use all of its packages, we wouldn't previously care about the transitive dependencies of the packages we weren't using. However, in the go mod world, once we care about the repository, we care about all of that repository's transitive dependencies. AFAICT this doesn't affect vendoring. Fixes #4116	2019-05-23 14:14:00 -07:00
Daniel McCarney	893e8459d6	Use pebble-challtestrv cmd, letsencrypt/challtestsrv package. (#3980 ) Now that Pebble has a `pebble-challtestsrv` we can remove the `challtestrv` package and associated command from Boulder. I switched CI to use `pebble-challtestsrv`. Notably this means that we have to add our expected mock data using the HTTP management interface. The Boulder-tools images are regenerated to include the `pebble-challtestsrv` command. Using this approach also allows separating the TLS-ALPN-01 and HTTPS HTTP-01 challenges by binding each challenge type in the `pebble-challtestsrv` to different interfaces both using the same VA HTTPS port. Mock DNS directs the VA to the correct interface. The load-generator command that was previously using the `challtestsrv` package from Boulder is updated to use a vendored copy of the new `github.org/letsencrypt/challtestsrv` package. Vendored dependencies change in two ways: 1) Gomock is updated to the latest release (matching what the Bouldertools image provides) 2) A couple of new subpackages in `golang.org/x/net/` are added by way of transitive dependency through the challtestsrv package. Unit tests are confirmed to pass for `gomock`: ``` ~/go/src/github.com/golang/mock/gomock$ git log --pretty=format:'%h' -n 1 51421b9 ~/go/src/github.com/golang/mock/gomock$ go test ./... ok github.com/golang/mock/gomock 0.002s ? github.com/golang/mock/gomock/internal/mock_matcher [no test files] ``` For `/x/net` all tests pass except two `/x/net/icmp` `TestDiag.go` test cases that we have agreed are OK to ignore. Resolves https://github.com/letsencrypt/boulder/issues/3962 and https://github.com/letsencrypt/boulder/issues/3951	2018-12-12 14:32:56 -05:00

Author

SHA1

Message

Date

Aaron Gable

a3ddc42c86

Update Public Suffix List (#6429 )

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>

2022-10-03 10:05:21 -07:00

Jacob Hoffman-Andrews

1014a81606

Switch to modules (#4211 )

Because the package versions in go.mod match what we use in Godeps.json,
there are no substantive code diffs. However, there are some tiny
differences resulting from how go mod vendors things differently than
godep:

go mod does not preserve executable permissions on shell scripts
Some packages have import lines like:
package ocsp // import "golang.org/x/crypto/ocsp"

godep used to remove the comment from these lines, but go mod vendor does not.

This introduces several indirect dependencies that we didn't have
before. This is because godep used to operate at a package level, but
go mod operates at a module (~= repository) level. So if we used a
given repository, but didn't use all of its packages, we wouldn't
previously care about the transitive dependencies of the packages we
weren't using. However, in the go mod world, once we care about the
repository, we care about all of that repository's transitive
dependencies. AFAICT this doesn't affect vendoring.

Fixes #4116

2019-05-23 14:14:00 -07:00

Daniel McCarney

893e8459d6

Use pebble-challtestrv cmd, letsencrypt/challtestsrv package. (#3980 )

Now that Pebble has a `pebble-challtestsrv` we can remove the `challtestrv`
package and associated command from Boulder. I switched CI to use
`pebble-challtestsrv`. Notably this means that we have to add our expected mock
data using the HTTP management interface. The Boulder-tools images are
regenerated to include the `pebble-challtestsrv` command.

Using this approach also allows separating the TLS-ALPN-01 and HTTPS HTTP-01
challenges by binding each challenge type in the `pebble-challtestsrv` to
different interfaces both using the same VA
HTTPS port. Mock DNS directs the VA to the correct interface.

The load-generator command that was previously using the `challtestsrv` package
from Boulder is updated to use a vendored copy of the new
`github.org/letsencrypt/challtestsrv` package.

Vendored dependencies change in two ways:
1) Gomock is updated to the latest release (matching what the Bouldertools image
   provides)
2) A couple of new subpackages in `golang.org/x/net/` are added by way of
   transitive dependency through the challtestsrv package.

Unit tests are confirmed to pass for `gomock`:
```
~/go/src/github.com/golang/mock/gomock$ git log --pretty=format:'%h' -n 1
51421b9
~/go/src/github.com/golang/mock/gomock$ go test ./...
ok    github.com/golang/mock/gomock 0.002s
?     github.com/golang/mock/gomock/internal/mock_matcher [no test files]
```
For `/x/net` all tests pass except two `/x/net/icmp` `TestDiag.go` test cases
that we have agreed are OK to ignore.

Resolves https://github.com/letsencrypt/boulder/issues/3962 and
https://github.com/letsencrypt/boulder/issues/3951

2018-12-12 14:32:56 -05:00

3 Commits