Skip to content
This repository was archived by the owner on Feb 11, 2022. It is now read-only.

certbot/website-builds

BranchesTags

Repository files navigation


<!DOCTYPE html>
<html class="writer-html5" lang="en" >
<head>
  <meta charset="utf-8" />
  
  <meta name="viewport" content="width=device-width, initial-scale=1.0" />
  
  <title>Developer Guide &mdash; Certbot 1.21.0.dev0 documentation</title>
  

  
  <link rel="stylesheet" href="_static/css/theme.css" type="text/css" />
  <link rel="stylesheet" href="_static/pygments.css" type="text/css" />
  <link rel="stylesheet" href="_static/pygments.css" type="text/css" />
  <link rel="stylesheet" href="_static/css/theme.css" type="text/css" />

  
  

  
  

  

  
  <!--[if lt IE 9]>
    <script src="_static/js/html5shiv.min.js"></script>
  <![endif]-->
  
    
      <script type="text/javascript" id="documentation_options" data-url_root="./" src="_static/documentation_options.js"></script>
        <script data-url_root="./" id="documentation_options" src="_static/documentation_options.js"></script>
        <script src="_static/jquery.js"></script>
        <script src="_static/underscore.js"></script>
        <script src="_static/doctools.js"></script>
    
    <script type="text/javascript" src="_static/js/theme.js"></script>

    
    <link rel="index" title="Index" href="genindex.html" />
    <link rel="search" title="Search" href="search.html" />
    <link rel="next" title="Packaging Guide" href="packaging.html" />
    <link rel="prev" title="User Guide" href="using.html" /> 
</head>

<body class="wy-body-for-nav">

   
  <div class="wy-grid-for-nav">
    
    <nav data-toggle="wy-nav-shift" class="wy-nav-side">
      <div class="wy-side-scroll">
        <div class="wy-side-nav-search" >
          

          
            <a href="index.html" class="icon icon-home"> Certbot
          

          
          </a>

          
            
            
              <div class="version">
                1.21
              </div>
            
          

          
<div role="search">
  <form id="rtd-search-form" class="wy-form" action="search.html" method="get">
    <input type="text" name="q" placeholder="Search docs" />
    <input type="hidden" name="check_keywords" value="yes" />
    <input type="hidden" name="area" value="default" />
  </form>
</div>

          
        </div>

        
        <div class="wy-menu wy-menu-vertical" data-spy="affix" role="navigation" aria-label="main navigation">
          
            
            
              
            
            
              <ul class="current">
<li class="toctree-l1"><a class="reference internal" href="intro.html">Introduction</a></li>
<li class="toctree-l1"><a class="reference internal" href="what.html">What is a Certificate?</a></li>
<li class="toctree-l1"><a class="reference internal" href="install.html">Get Certbot</a></li>
<li class="toctree-l1"><a class="reference internal" href="using.html">User Guide</a></li>
<li class="toctree-l1 current"><a class="current reference internal" href="#">Developer Guide</a><ul>
<li class="toctree-l2"><a class="reference internal" href="#getting-started">Getting Started</a><ul>
<li class="toctree-l3"><a class="reference internal" href="#running-a-local-copy-of-the-client">Running a local copy of the client</a></li>
<li class="toctree-l3"><a class="reference internal" href="#find-issues-to-work-on">Find issues to work on</a></li>
<li class="toctree-l3"><a class="reference internal" href="#testing">Testing</a><ul>
<li class="toctree-l4"><a class="reference internal" href="#running-automated-unit-tests">Running automated unit tests</a></li>
<li class="toctree-l4"><a class="reference internal" href="#running-automated-integration-tests">Running automated integration tests</a></li>
<li class="toctree-l4"><a class="reference internal" href="#running-manual-integration-tests">Running manual integration tests</a></li>
<li class="toctree-l4"><a class="reference internal" href="#running-tests-in-ci">Running tests in CI</a></li>
</ul>
</li>
</ul>
</li>
<li class="toctree-l2"><a class="reference internal" href="#code-components-and-layout">Code components and layout</a><ul>
<li class="toctree-l3"><a class="reference internal" href="#plugin-architecture">Plugin-architecture</a></li>
<li class="toctree-l3"><a class="reference internal" href="#authenticators">Authenticators</a></li>
<li class="toctree-l3"><a class="reference internal" href="#installer">Installer</a></li>
<li class="toctree-l3"><a class="reference internal" href="#installer-development">Installer Development</a></li>
<li class="toctree-l3"><a class="reference internal" href="#writing-your-own-plugin">Writing your own plugin</a><ul>
<li class="toctree-l4"><a class="reference internal" href="#writing-your-own-plugin-snap">Writing your own plugin snap</a></li>
</ul>
</li>
</ul>
</li>
<li class="toctree-l2"><a class="reference internal" href="#coding-style">Coding style</a></li>
<li class="toctree-l2"><a class="reference internal" href="#use-certbot-compat-os-instead-of-os">Use <code class="docutils literal notranslate"><span class="pre">certbot.compat.os</span></code> instead of <code class="docutils literal notranslate"><span class="pre">os</span></code></a></li>
<li class="toctree-l2"><a class="reference internal" href="#mypy-type-annotations">Mypy type annotations</a></li>
<li class="toctree-l2"><a class="reference internal" href="#submitting-a-pull-request">Submitting a pull request</a></li>
<li class="toctree-l2"><a class="reference internal" href="#asking-for-help">Asking for help</a></li>
<li class="toctree-l2"><a class="reference internal" href="#building-the-certbot-and-dns-plugin-snaps">Building the Certbot and DNS plugin snaps</a></li>
<li class="toctree-l2"><a class="reference internal" href="#updating-the-documentation">Updating the documentation</a></li>
<li class="toctree-l2"><a class="reference internal" href="#certbot-s-dependencies">Certbot’s dependencies</a><ul>
<li class="toctree-l3"><a class="reference internal" href="#updating-dependency-versions">Updating dependency versions</a></li>
</ul>
</li>
<li class="toctree-l2"><a class="reference internal" href="#running-the-client-with-docker">Running the client with Docker</a></li>
</ul>
</li>
<li class="toctree-l1"><a class="reference internal" href="packaging.html">Packaging Guide</a></li>
<li class="toctree-l1"><a class="reference internal" href="compatibility.html">Backwards Compatibility</a></li>
<li class="toctree-l1"><a class="reference internal" href="resources.html">Resources</a></li>
</ul>
<ul>
<li class="toctree-l1"><a class="reference internal" href="api.html">API Documentation</a></li>
</ul>

            
          
        </div>
        
      </div>
    </nav>

    <section data-toggle="wy-nav-shift" class="wy-nav-content-wrap">

      
      <nav class="wy-nav-top" aria-label="top navigation">
        
          <i data-toggle="wy-nav-top" class="fa fa-bars"></i>
          <a href="index.html">Certbot</a>
        
      </nav>


      <div class="wy-nav-content">
        
        <div class="rst-content">
        
          

















<div role="navigation" aria-label="breadcrumbs navigation">

  <ul class="wy-breadcrumbs">
    
      <li><a href="index.html" class="icon icon-home"></a> &raquo;</li>
        
      <li>Developer Guide</li>
    
    
      <li class="wy-breadcrumbs-aside">
        
          
            <a href="_sources/contributing.rst.txt" rel="nofollow"> View page source</a>
          
        
      </li>
    
  </ul>

  
  <hr/>
</div>
          <div role="main" class="document" itemscope="itemscope" itemtype="http://schema.org/Article">
           <div itemprop="articleBody">
            
  <div class="section" id="developer-guide">
<h1>Developer Guide<a class="headerlink" href="#developer-guide" title="Permalink to this headline">¶</a></h1>
<div class="contents local topic" id="table-of-contents">
<p class="topic-title first">Table of Contents</p>
<ul class="simple">
<li><p><a class="reference internal" href="#getting-started" id="id7">Getting Started</a></p>
<ul>
<li><p><a class="reference internal" href="#running-a-local-copy-of-the-client" id="id8">Running a local copy of the client</a></p></li>
<li><p><a class="reference internal" href="#find-issues-to-work-on" id="id9">Find issues to work on</a></p></li>
<li><p><a class="reference internal" href="#testing" id="id10">Testing</a></p>
<ul>
<li><p><a class="reference internal" href="#running-automated-unit-tests" id="id11">Running automated unit tests</a></p></li>
<li><p><a class="reference internal" href="#running-automated-integration-tests" id="id12">Running automated integration tests</a></p></li>
<li><p><a class="reference internal" href="#running-manual-integration-tests" id="id13">Running manual integration tests</a></p></li>
<li><p><a class="reference internal" href="#running-tests-in-ci" id="id14">Running tests in CI</a></p></li>
</ul>
</li>
</ul>
</li>
<li><p><a class="reference internal" href="#code-components-and-layout" id="id15">Code components and layout</a></p>
<ul>
<li><p><a class="reference internal" href="#plugin-architecture" id="id16">Plugin-architecture</a></p></li>
<li><p><a class="reference internal" href="#authenticators" id="id17">Authenticators</a></p></li>
<li><p><a class="reference internal" href="#installer" id="id18">Installer</a></p></li>
<li><p><a class="reference internal" href="#installer-development" id="id19">Installer Development</a></p></li>
<li><p><a class="reference internal" href="#writing-your-own-plugin" id="id20">Writing your own plugin</a></p>
<ul>
<li><p><a class="reference internal" href="#writing-your-own-plugin-snap" id="id21">Writing your own plugin snap</a></p></li>
</ul>
</li>
</ul>
</li>
<li><p><a class="reference internal" href="#coding-style" id="id22">Coding style</a></p></li>
<li><p><a class="reference internal" href="#use-certbot-compat-os-instead-of-os" id="id23">Use <code class="docutils literal notranslate"><span class="pre">certbot.compat.os</span></code> instead of <code class="docutils literal notranslate"><span class="pre">os</span></code></a></p></li>
<li><p><a class="reference internal" href="#mypy-type-annotations" id="id24">Mypy type annotations</a></p></li>
<li><p><a class="reference internal" href="#submitting-a-pull-request" id="id25">Submitting a pull request</a></p></li>
<li><p><a class="reference internal" href="#asking-for-help" id="id26">Asking for help</a></p></li>
<li><p><a class="reference internal" href="#building-the-certbot-and-dns-plugin-snaps" id="id27">Building the Certbot and DNS plugin snaps</a></p></li>
<li><p><a class="reference internal" href="#updating-the-documentation" id="id28">Updating the documentation</a></p></li>
<li><p><a class="reference internal" href="#certbot-s-dependencies" id="id29">Certbot’s dependencies</a></p>
<ul>
<li><p><a class="reference internal" href="#updating-dependency-versions" id="id30">Updating dependency versions</a></p></li>
</ul>
</li>
<li><p><a class="reference internal" href="#running-the-client-with-docker" id="id31">Running the client with Docker</a></p></li>
</ul>
</div>
<div class="section" id="getting-started">
<span id="id1"></span><h2><a class="toc-backref" href="#id7">Getting Started</a><a class="headerlink" href="#getting-started" title="Permalink to this headline">¶</a></h2>
<p>Certbot has the same <a class="reference internal" href="install.html#system-requirements"><span class="std std-ref">system requirements</span></a> when set
up for development.  While the section below will help you install Certbot and
its dependencies, Certbot needs to be run on a UNIX-like OS so if you’re using
Windows, you’ll need to set up a (virtual) machine running an OS such as Linux
and continue with these instructions on that UNIX-like OS.</p>
<div class="section" id="running-a-local-copy-of-the-client">
<span id="prerequisites"></span><span id="local-copy"></span><h3><a class="toc-backref" href="#id8">Running a local copy of the client</a><a class="headerlink" href="#running-a-local-copy-of-the-client" title="Permalink to this headline">¶</a></h3>
<p>Running the client in developer mode from your local tree is a little different
than running Certbot as a user. To get set up, clone our git repository by
running:</p>
<div class="highlight-shell notranslate"><div class="highlight"><pre><span></span>git clone https://github.com/certbot/certbot
</pre></div>
</div>
<p>If you’re on macOS, we recommend you skip the rest of this section and instead
run Certbot in Docker. You can find instructions for how to do this <a class="reference internal" href="#docker-dev"><span class="std std-ref">here</span></a>. If you’re running on Linux, you can run the following commands to
install dependencies and set up a virtual environment where you can run
Certbot.</p>
<p>Install the OS system dependencies required to run Certbot.</p>
<div class="highlight-shell notranslate"><div class="highlight"><pre><span></span><span class="c1"># For APT-based distributions (e.g. Debian, Ubuntu ...)</span>
sudo apt update
sudo apt install python3-dev python3-venv gcc libaugeas0 libssl-dev <span class="se">\</span>
                 libffi-dev ca-certificates openssl
<span class="c1"># For RPM-based distributions (e.g. Fedora, CentOS ...)</span>
<span class="c1"># NB1: old distributions will use yum instead of dnf</span>
<span class="c1"># NB2: RHEL-based distributions use python3X-devel instead of python3-devel (e.g. python36-devel)</span>
sudo dnf install python3-devel gcc augeas-libs openssl-devel libffi-devel <span class="se">\</span>
                 redhat-rpm-config ca-certificates openssl
</pre></div>
</div>
<p>Set up the Python virtual environment that will host your Certbot local instance.</p>
<div class="highlight-shell notranslate"><div class="highlight"><pre><span></span><span class="nb">cd</span> certbot
python tools/venv.py
</pre></div>
</div>
<div class="admonition note">
<p class="admonition-title">Note</p>
<p>You may need to repeat this when
Certbot’s dependencies change or when a new plugin is introduced.</p>
</div>
<p>You can now run the copy of Certbot from git either by executing
<code class="docutils literal notranslate"><span class="pre">venv/bin/certbot</span></code>, or by activating the virtual environment. You can do the
latter by running:</p>
<div class="highlight-shell notranslate"><div class="highlight"><pre><span></span><span class="nb">source</span> venv/bin/activate
</pre></div>
</div>
<p>After running this command, <code class="docutils literal notranslate"><span class="pre">certbot</span></code> and development tools like <code class="docutils literal notranslate"><span class="pre">ipdb</span></code>,
<code class="docutils literal notranslate"><span class="pre">ipython</span></code>, <code class="docutils literal notranslate"><span class="pre">pytest</span></code>, and <code class="docutils literal notranslate"><span class="pre">tox</span></code> are available in the shell where you ran
the command. These tools are installed in the virtual environment and are kept
separate from your global Python installation. This works by setting
environment variables so the right executables are found and Python can pull in
the versions of various packages needed by Certbot.  More information can be
found in the <a class="reference external" href="https://virtualenv.pypa.io">virtualenv docs</a>.</p>
</div>
<div class="section" id="find-issues-to-work-on">
<h3><a class="toc-backref" href="#id9">Find issues to work on</a><a class="headerlink" href="#find-issues-to-work-on" title="Permalink to this headline">¶</a></h3>
<p>You can find the open issues in the <a class="reference external" href="https://github.com/certbot/certbot/issues">github issue tracker</a>.  Comparatively
easy ones are marked <a class="reference external" href="https://github.com/certbot/certbot/issues?q=is%3Aopen+is%3Aissue+label%3A%22good+first+issue%22">good first issue</a>.  If you’re starting work on
something, post a comment to let others know and seek feedback on your plan
where appropriate.</p>
<p>Once you’ve got a working branch, you can open a pull request.  All changes in
your pull request must have thorough unit test coverage, pass our
tests, and be compliant with the <a class="reference internal" href="#coding-style"><span class="std std-ref">coding style</span></a>.</p>
</div>
<div class="section" id="testing">
<span id="id2"></span><h3><a class="toc-backref" href="#id10">Testing</a><a class="headerlink" href="#testing" title="Permalink to this headline">¶</a></h3>
<p>You can test your code in several ways:</p>
<ul class="simple">
<li><p>running the <a class="reference internal" href="#automated-unit">automated unit</a> tests,</p></li>
<li><p>running the <a class="reference internal" href="#automated-integration">automated integration</a> tests</p></li>
<li><p>running an <em>ad hoc</em> <a class="reference internal" href="#manual-integration">manual integration</a> test</p></li>
</ul>
<div class="section" id="running-automated-unit-tests">
<span id="automated-unit"></span><h4><a class="toc-backref" href="#id11">Running automated unit tests</a><a class="headerlink" href="#running-automated-unit-tests" title="Permalink to this headline">¶</a></h4>
<p>When you are working in a file <code class="docutils literal notranslate"><span class="pre">foo.py</span></code>, there should also be a file <code class="docutils literal notranslate"><span class="pre">foo_test.py</span></code>
either in the same directory as <code class="docutils literal notranslate"><span class="pre">foo.py</span></code> or in the <code class="docutils literal notranslate"><span class="pre">tests</span></code> subdirectory
(if there isn’t, make one). While you are working on your code and tests, run
<code class="docutils literal notranslate"><span class="pre">python</span> <span class="pre">foo_test.py</span></code> to run the relevant tests.</p>
<p>For debugging, we recommend putting
<code class="docutils literal notranslate"><span class="pre">import</span> <span class="pre">ipdb;</span> <span class="pre">ipdb.set_trace()</span></code> statements inside the source code.</p>
<p>Once you are done with your code changes, and the tests in <code class="docutils literal notranslate"><span class="pre">foo_test.py</span></code>
pass, run all of the unit tests for Certbot and check for coverage with <code class="docutils literal notranslate"><span class="pre">tox</span>
<span class="pre">-e</span> <span class="pre">py3-cover</span></code>. You should then check for code style with <code class="docutils literal notranslate"><span class="pre">tox</span> <span class="pre">-e</span> <span class="pre">lint</span></code> (all
files) or <code class="docutils literal notranslate"><span class="pre">pylint</span> <span class="pre">--rcfile=.pylintrc</span> <span class="pre">path/to/file.py</span></code> (single file at a
time).</p>
<p>Once all of the above is successful, you may run the full test suite using
<code class="docutils literal notranslate"><span class="pre">tox</span> <span class="pre">--skip-missing-interpreters</span></code>. We recommend running the commands above
first, because running all tests like this is very slow, and the large amount
of output can make it hard to find specific failures when they happen.</p>
<div class="admonition warning">
<p class="admonition-title">Warning</p>
<p>The full test suite may attempt to modify your system’s Apache
config if your user has sudo permissions, so it should not be run on a
production Apache server.</p>
</div>
</div>
<div class="section" id="running-automated-integration-tests">
<span id="automated-integration"></span><h4><a class="toc-backref" href="#id12">Running automated integration tests</a><a class="headerlink" href="#running-automated-integration-tests" title="Permalink to this headline">¶</a></h4>
<p>Generally it is sufficient to open a pull request and let Github and Azure Pipelines run
integration tests for you. However, you may want to run them locally before submitting
your pull request. You need Docker and docker-compose installed and working.</p>
<p>The tox environment <code class="xref py py-obj docutils literal notranslate"><span class="pre">integration</span></code> will setup <a class="reference external" href="https://github.com/letsencrypt/pebble">Pebble</a>, the Let’s Encrypt ACME CA server
for integration testing, then launch the Certbot integration tests.</p>
<p>With a user allowed to access your local Docker daemon, run:</p>
<div class="highlight-shell notranslate"><div class="highlight"><pre><span></span>tox -e integration
</pre></div>
</div>
<p>Tests will be run using pytest. A test report and a code coverage report will be
displayed at the end of the integration tests execution.</p>
</div>
<div class="section" id="running-manual-integration-tests">
<span id="manual-integration"></span><h4><a class="toc-backref" href="#id13">Running manual integration tests</a><a class="headerlink" href="#running-manual-integration-tests" title="Permalink to this headline">¶</a></h4>
<p>You can also manually execute Certbot against a local instance of the <a class="reference external" href="https://github.com/letsencrypt/pebble">Pebble</a> ACME server.
This is useful to verify that the modifications done to the code makes Certbot behave as expected.</p>
<p>To do so you need:</p>
<ul class="simple">
<li><p>Docker installed, and a user with access to the Docker client,</p></li>
<li><p>an available <a class="reference internal" href="#local-copy">local copy</a> of Certbot.</p></li>
</ul>
<p>The virtual environment set up with <code class="xref py py-obj docutils literal notranslate"><span class="pre">python</span> <span class="pre">tools/venv.py</span></code> contains two CLI tools
that can be used once the virtual environment is activated:</p>
<div class="highlight-shell notranslate"><div class="highlight"><pre><span></span>run_acme_server
</pre></div>
</div>
<ul class="simple">
<li><p>Starts a local instance of Pebble and runs in the foreground printing its logs.</p></li>
<li><p>Press CTRL+C to stop this instance.</p></li>
<li><p>This instance is configured to validate challenges against certbot executed locally.</p></li>
</ul>
<div class="admonition note">
<p class="admonition-title">Note</p>
<p>Some options are available to tweak the local ACME server. You can execute
<code class="docutils literal notranslate"><span class="pre">run_acme_server</span> <span class="pre">--help</span></code> to see the inline help of the <code class="docutils literal notranslate"><span class="pre">run_acme_server</span></code> tool.</p>
</div>
<div class="highlight-shell notranslate"><div class="highlight"><pre><span></span>certbot_test <span class="o">[</span>ARGS...<span class="o">]</span>
</pre></div>
</div>
<ul class="simple">
<li><p>Execute certbot with the provided arguments and other arguments useful for testing purposes,
such as: verbose output, full tracebacks in case Certbot crashes, <em>etc.</em></p></li>
<li><p>Execution is preconfigured to interact with the Pebble CA started with <code class="docutils literal notranslate"><span class="pre">run_acme_server</span></code>.</p></li>
<li><p>Any arguments can be passed as they would be to Certbot (eg. <code class="docutils literal notranslate"><span class="pre">certbot_test</span> <span class="pre">certonly</span> <span class="pre">-d</span> <span class="pre">test.example.com</span></code>).</p></li>
</ul>
<p>Here is a typical workflow to verify that Certbot successfully issued a certificate
using an HTTP-01 challenge on a machine with Python 3:</p>
<div class="highlight-shell notranslate"><div class="highlight"><pre><span></span>python tools/venv.py
<span class="nb">source</span> venv/bin/activate
run_acme_server <span class="p">&amp;</span>
certbot_test certonly --standalone -d test.example.com
<span class="c1"># To stop Pebble, launch `fg` to get back the background job, then press CTRL+C</span>
</pre></div>
</div>
</div>
<div class="section" id="running-tests-in-ci">
<h4><a class="toc-backref" href="#id14">Running tests in CI</a><a class="headerlink" href="#running-tests-in-ci" title="Permalink to this headline">¶</a></h4>
<p>Certbot uses Azure Pipelines to run continuous integration tests. If you are using our
Azure setup, a branch whose name starts with <code class="xref py py-obj docutils literal notranslate"><span class="pre">test-</span></code> will run all tests on that branch.</p>
</div>
</div>
</div>
<div class="section" id="code-components-and-layout">
<h2><a class="toc-backref" href="#id15">Code components and layout</a><a class="headerlink" href="#code-components-and-layout" title="Permalink to this headline">¶</a></h2>
<p>The following components of the Certbot repository are distributed to users:</p>
<dl class="simple">
<dt>acme</dt><dd><p>contains all protocol specific code</p>
</dd>
<dt>certbot</dt><dd><p>main client code</p>
</dd>
<dt>certbot-apache and certbot-nginx</dt><dd><p>client code to configure specific web servers</p>
</dd>
<dt>certbot-dns-*</dt><dd><p>client code to configure DNS providers</p>
</dd>
<dt>windows installer</dt><dd><p>Installs Certbot on Windows and is built using the files in windows-installer/</p>
</dd>
</dl>
<div class="section" id="plugin-architecture">
<h3><a class="toc-backref" href="#id16">Plugin-architecture</a><a class="headerlink" href="#plugin-architecture" title="Permalink to this headline">¶</a></h3>
<p>Certbot has a plugin architecture to facilitate support for
different webservers, other TLS servers, and operating systems.
The interfaces available for plugins to implement are defined in
<a class="reference external" href="https://github.com/certbot/certbot/blob/master/certbot/certbot/interfaces.py">interfaces.py</a> and <a class="reference external" href="https://github.com/certbot/certbot/blob/master/certbot/certbot/plugins/common.py#L45">plugins/common.py</a>.</p>
<p>The main two plugin interfaces are <a class="reference internal" href="api/certbot.interfaces.html#certbot.interfaces.Authenticator" title="certbot.interfaces.Authenticator"><code class="xref py py-obj docutils literal notranslate"><span class="pre">Authenticator</span></code></a>, which
implements various ways of proving domain control to a certificate authority,
and <a class="reference internal" href="api/certbot.interfaces.html#certbot.interfaces.Installer" title="certbot.interfaces.Installer"><code class="xref py py-obj docutils literal notranslate"><span class="pre">Installer</span></code></a>, which configures a server to use a
certificate once it is issued. Some plugins, like the built-in Apache and Nginx
plugins, implement both interfaces and perform both tasks. Others, like the
built-in Standalone authenticator, implement just one interface.</p>
</div>
<div class="section" id="authenticators">
<h3><a class="toc-backref" href="#id17">Authenticators</a><a class="headerlink" href="#authenticators" title="Permalink to this headline">¶</a></h3>
<p>Authenticators are plugins that prove control of a domain name by solving a
challenge provided by the ACME server. ACME currently defines several types of
challenges: HTTP, TLS-ALPN, and DNS, represented by classes in <a class="reference external" href="https://acme-python.readthedocs.io/en/latest/api/challenges.html#module-acme.challenges" title="(in acme-python v0)"><code class="xref py py-obj docutils literal notranslate"><span class="pre">acme.challenges</span></code></a>.
An authenticator plugin should implement support for at least one challenge type.</p>
<p>An Authenticator indicates which challenges it supports by implementing
<code class="xref py py-obj docutils literal notranslate"><span class="pre">get_chall_pref(domain)</span></code> to return a sorted list of challenge types in
preference order.</p>
<p>An Authenticator must also implement <code class="xref py py-obj docutils literal notranslate"><span class="pre">perform(achalls)</span></code>, which “performs” a list
of challenges by, for instance, provisioning a file on an HTTP server, or
setting a TXT record in DNS. Once all challenges have succeeded or failed,
Certbot will call the plugin’s <code class="xref py py-obj docutils literal notranslate"><span class="pre">cleanup(achalls)</span></code> method to remove any files or
DNS records that were needed only during authentication.</p>
</div>
<div class="section" id="installer">
<h3><a class="toc-backref" href="#id18">Installer</a><a class="headerlink" href="#installer" title="Permalink to this headline">¶</a></h3>
<p>Installers plugins exist to actually setup the certificate in a server,
possibly tweak the security configuration to make it more correct and secure
(Fix some mixed content problems, turn on HSTS, redirect to HTTPS, etc).
Installer plugins tell the main client about their abilities to do the latter
via the <a class="reference internal" href="api/certbot.interfaces.html#certbot.interfaces.Installer.supported_enhancements" title="certbot.interfaces.Installer.supported_enhancements"><code class="xref py py-meth docutils literal notranslate"><span class="pre">supported_enhancements()</span></code></a> call. We currently
have two Installers in the tree, the <code class="xref py py-obj docutils literal notranslate"><span class="pre">ApacheConfigurator</span></code>. and the
<code class="xref py py-obj docutils literal notranslate"><span class="pre">NginxConfigurator</span></code>.  External projects have made some progress toward
support for IIS, Icecast and Plesk.</p>
<p>Installers and Authenticators will oftentimes be the same class/object
(because for instance both tasks can be performed by a webserver like nginx)
though this is not always the case (the standalone plugin is an authenticator
that listens on port 80, but it cannot install certificates; a postfix plugin
would be an installer but not an authenticator).</p>
<p>Installers and Authenticators are kept separate because
it should be possible to use the <code class="xref py py-obj docutils literal notranslate"><span class="pre">StandaloneAuthenticator</span></code> (it sets
up its own Python server to perform challenges) with a program that
cannot solve challenges itself (Such as MTA installers).</p>
</div>
<div class="section" id="installer-development">
<h3><a class="toc-backref" href="#id19">Installer Development</a><a class="headerlink" href="#installer-development" title="Permalink to this headline">¶</a></h3>
<p>There are a few existing classes that may be beneficial while
developing a new <a class="reference internal" href="api/certbot.interfaces.html#certbot.interfaces.Installer" title="certbot.interfaces.Installer"><code class="xref py py-obj docutils literal notranslate"><span class="pre">Installer</span></code></a>.
Installers aimed to reconfigure UNIX servers may use Augeas for
configuration parsing and can inherit from <code class="xref py py-obj docutils literal notranslate"><span class="pre">AugeasConfigurator</span></code> class
to handle much of the interface. Installers that are unable to use
Augeas may still find the <a class="reference internal" href="api/certbot.reverter.html#certbot.reverter.Reverter" title="certbot.reverter.Reverter"><code class="xref py py-obj docutils literal notranslate"><span class="pre">Reverter</span></code></a> class helpful in handling
configuration checkpoints and rollback.</p>
</div>
<div class="section" id="writing-your-own-plugin">
<span id="dev-plugin"></span><h3><a class="toc-backref" href="#id20">Writing your own plugin</a><a class="headerlink" href="#writing-your-own-plugin" title="Permalink to this headline">¶</a></h3>
<div class="admonition note">
<p class="admonition-title">Note</p>
<p>The Certbot team is not currently accepting any new DNS plugins
because we want to rethink our approach to the challenge and resolve some
issues like <a class="reference external" href="https://github.com/certbot/certbot/issues/6464">#6464</a>,
<a class="reference external" href="https://github.com/certbot/certbot/issues/6503">#6503</a>, and <a class="reference external" href="https://github.com/certbot/certbot/issues/6504">#6504</a> first.</p>
<p>In the meantime, you’re welcome to release it as a third-party plugin. See
<a class="reference external" href="https://github.com/m42e/certbot-dns-ispconfig">certbot-dns-ispconfig</a>
for one example of that.</p>
</div>
<p>Certbot client supports dynamic discovery of plugins through the
<a class="reference external" href="https://setuptools.readthedocs.io/en/latest/pkg_resources.html#entry-points">setuptools entry points</a> using the <a class="reference internal" href="api/certbot.plugins.html#module-certbot.plugins" title="certbot.plugins"><code class="xref py py-obj docutils literal notranslate"><span class="pre">certbot.plugins</span></code></a> group. This
way you can, for example, create a custom implementation of
<a class="reference internal" href="api/certbot.interfaces.html#certbot.interfaces.Authenticator" title="certbot.interfaces.Authenticator"><code class="xref py py-obj docutils literal notranslate"><span class="pre">Authenticator</span></code></a> or the
<a class="reference internal" href="api/certbot.interfaces.html#certbot.interfaces.Installer" title="certbot.interfaces.Installer"><code class="xref py py-obj docutils literal notranslate"><span class="pre">Installer</span></code></a> without having to merge it
with the core upstream source code. An example is provided in
<code class="docutils literal notranslate"><span class="pre">examples/plugins/</span></code> directory.</p>
<p>While developing, you can install your plugin into a Certbot development
virtualenv like this:</p>
<div class="highlight-shell notranslate"><div class="highlight"><pre><span></span>. venv/bin/activate
pip install -e examples/plugins/
certbot_test plugins
</pre></div>
</div>
<p>Your plugin should show up in the output of the last command. If not,
it was not installed properly.</p>
<p>Once you’ve finished your plugin and published it, you can have your
users install it system-wide with <code class="xref py py-obj docutils literal notranslate"><span class="pre">pip</span> <span class="pre">install</span></code>. Note that this will
only work for users who have Certbot installed from OS packages or via
pip.</p>
<div class="section" id="writing-your-own-plugin-snap">
<h4><a class="toc-backref" href="#id21">Writing your own plugin snap</a><a class="headerlink" href="#writing-your-own-plugin-snap" title="Permalink to this headline">¶</a></h4>
<p>If you’d like your plugin to be used alongside the Certbot snap, you
will also have to publish your plugin as a snap. Plugin snaps are
regular confined snaps, but normally do not provide any “apps”
themselves. Plugin snaps export loadable Python modules to the Certbot
snap.</p>
<p>When the Certbot snap runs, it will use its version of Python and prefer
Python modules contained in its own snap over modules contained in
external snaps. This means that your snap doesn’t have to contain things
like an extra copy of Python, Certbot, or their dependencies, but also
that if you need a different version of a dependency than is already
installed in the Certbot snap, the Certbot snap will have to be updated.</p>
<p>Certbot plugin snaps expose their Python modules to the Certbot snap via a
<a class="reference external" href="https://snapcraft.io/docs/content-interface">snap content interface</a> where <code class="docutils literal notranslate"><span class="pre">certbot-1</span></code> is the value for the <code class="docutils literal notranslate"><span class="pre">content</span></code>
attribute. The Certbot snap only uses this to find the names of connected
plugin snaps and it expects to find the Python modules to be loaded under
<code class="docutils literal notranslate"><span class="pre">lib/python3.8/site-packages/</span></code> in the plugin snap. This location is the
default when using the <code class="docutils literal notranslate"><span class="pre">core20</span></code> <a class="reference external" href="https://snapcraft.io/docs/base-snaps">base snap</a> and the <a class="reference external" href="https://snapcraft.io/docs/python-plugin">python snapcraft
plugin</a>.</p>
<p>The Certbot snap also provides a separate content interface which
you can use to get metadata about the Certbot snap using the <code class="docutils literal notranslate"><span class="pre">content</span></code>
identifier <code class="docutils literal notranslate"><span class="pre">metadata-1</span></code>.</p>
<p>The script used to generate the snapcraft.yaml files for our own externally
snapped plugins can be found at
<a class="reference external" href="https://github.com/certbot/certbot/blob/master/tools/snap/generate_dnsplugins_snapcraft.sh">https://github.com/certbot/certbot/blob/master/tools/snap/generate_dnsplugins_snapcraft.sh</a>.</p>
<p>For more information on building externally snapped plugins, see the section on
<a class="reference internal" href="#building-snaps"><span class="std std-ref">Building the Certbot and DNS plugin snaps</span></a>.</p>
<p>Once you have created your own snap, if you have the snap file locally,
it can be installed for use with Certbot by running:</p>
<div class="highlight-shell notranslate"><div class="highlight"><pre><span></span>snap install --classic certbot
snap <span class="nb">set</span> certbot trust-plugin-with-root<span class="o">=</span>ok
snap install --dangerous your-snap-filename.snap
sudo snap connect certbot:plugin your-snap-name
sudo /snap/bin/certbot plugins
</pre></div>
</div>
<p>If everything worked, the last command should list your plugin in the
list of plugins found by Certbot. Once your snap is published to the
snap store, it will be installable through the name of the snap on the
snap store without the <code class="docutils literal notranslate"><span class="pre">--dangerous</span></code> flag. If you are also using
Certbot’s metadata interface, you can run <code class="docutils literal notranslate"><span class="pre">sudo</span> <span class="pre">snap</span> <span class="pre">connect</span>
<span class="pre">your-snap-name:your-plug-name-for-metadata</span> <span class="pre">certbot:certbot-metadata</span></code> to
connect your snap to it.</p>
</div>
</div>
</div>
<div class="section" id="coding-style">
<span id="id6"></span><h2><a class="toc-backref" href="#id22">Coding style</a><a class="headerlink" href="#coding-style" title="Permalink to this headline">¶</a></h2>
<p>Please:</p>
<ol class="arabic">
<li><p><strong>Be consistent with the rest of the code</strong>.</p></li>
<li><p>Read <a class="reference external" href="https://www.python.org/dev/peps/pep-0008">PEP 8 - Style Guide for Python Code</a>.</p></li>
<li><p>Follow the <a class="reference external" href="https://google.github.io/styleguide/pyguide.html">Google Python Style Guide</a>, with the exception that we
use <a class="reference external" href="https://www.sphinx-doc.org/">Sphinx-style</a> documentation:</p>
<div class="highlight-default notranslate"><div class="highlight"><pre><span></span><span class="k">def</span> <span class="nf">foo</span><span class="p">(</span><span class="n">arg</span><span class="p">):</span>
    <span class="sd">&quot;&quot;&quot;Short description.</span>

<span class="sd">    :param int arg: Some number.</span>

<span class="sd">    :returns: Argument</span>
<span class="sd">    :rtype: int</span>

<span class="sd">    &quot;&quot;&quot;</span>
    <span class="k">return</span> <span class="n">arg</span>
</pre></div>
</div>
</li>
<li><p>Remember to use <code class="docutils literal notranslate"><span class="pre">pylint</span></code>.</p></li>
<li><p>You may consider installing a plugin for <a class="reference external" href="https://editorconfig.org/">editorconfig</a> in
your editor to prevent some linting warnings.</p></li>
<li><p>Please avoid <code class="xref py py-obj docutils literal notranslate"><span class="pre">unittest.assertTrue</span></code> or <code class="xref py py-obj docutils literal notranslate"><span class="pre">unittest.assertFalse</span></code> when
possible, and use <code class="xref py py-obj docutils literal notranslate"><span class="pre">assertEqual</span></code> or more specific assert. They give
better messages when it’s failing, and are generally more correct.</p></li>
</ol>
</div>
<div class="section" id="use-certbot-compat-os-instead-of-os">
<h2><a class="toc-backref" href="#id23">Use <code class="docutils literal notranslate"><span class="pre">certbot.compat.os</span></code> instead of <code class="docutils literal notranslate"><span class="pre">os</span></code></a><a class="headerlink" href="#use-certbot-compat-os-instead-of-os" title="Permalink to this headline">¶</a></h2>
<p>Python’s standard library <code class="docutils literal notranslate"><span class="pre">os</span></code> module lacks full support for several Windows
security features about file permissions (eg. DACLs). However several files
handled by Certbot (eg. private keys) need strongly restricted access
on both Linux and Windows.</p>
<p>To help with this, the <code class="docutils literal notranslate"><span class="pre">certbot.compat.os</span></code> module wraps the standard
<code class="docutils literal notranslate"><span class="pre">os</span></code> module, and forbids usage of methods that lack support for these Windows
security features.</p>
<p>As a developer, when working on Certbot or its plugins, you must use <code class="docutils literal notranslate"><span class="pre">certbot.compat.os</span></code>
in every place you would need <code class="docutils literal notranslate"><span class="pre">os</span></code> (eg. <code class="docutils literal notranslate"><span class="pre">from</span> <span class="pre">certbot.compat</span> <span class="pre">import</span> <span class="pre">os</span></code> instead of
<code class="docutils literal notranslate"><span class="pre">import</span> <span class="pre">os</span></code>). Otherwise the tests will fail when your PR is submitted.</p>
</div>
<div class="section" id="mypy-type-annotations">
<span id="type-annotations"></span><h2><a class="toc-backref" href="#id24">Mypy type annotations</a><a class="headerlink" href="#mypy-type-annotations" title="Permalink to this headline">¶</a></h2>
<p>Certbot uses the <a class="reference external" href="https://mypy.readthedocs.io">mypy</a> static type checker. Python 3 natively supports official type annotations,
which can then be tested for consistency using mypy. Mypy does some type checks even without type
annotations; we can find bugs in Certbot even without a fully annotated codebase.</p>
<p>Zulip wrote a <a class="reference external" href="https://blog.zulip.org/2016/10/13/static-types-in-python-oh-mypy/">great guide</a> to using mypy. It’s useful, but you don’t have to read the whole thing
to start contributing to Certbot.</p>
<p>To run mypy on Certbot, use <code class="docutils literal notranslate"><span class="pre">tox</span> <span class="pre">-e</span> <span class="pre">mypy</span></code> on a machine that has Python 3 installed.</p>
<p>Also note that OpenSSL, which we rely on, has type definitions for crypto but not SSL. We use both.
Those imports should look like this:</p>
<div class="highlight-python notranslate"><div class="highlight"><pre><span></span><span class="kn">from</span> <span class="nn">OpenSSL</span> <span class="kn">import</span> <span class="n">crypto</span>
<span class="kn">from</span> <span class="nn">OpenSSL</span> <span class="kn">import</span> <span class="n">SSL</span>
</pre></div>
</div>
</div>
<div class="section" id="submitting-a-pull-request">
<h2><a class="toc-backref" href="#id25">Submitting a pull request</a><a class="headerlink" href="#submitting-a-pull-request" title="Permalink to this headline">¶</a></h2>
<p>Steps:</p>
<ol class="arabic simple">
<li><p>Write your code! When doing this, you should add <a class="reference internal" href="#type-annotations"><span class="std std-ref">mypy type annotations</span></a> for any functions you add or modify. You can check that
you’ve done this correctly by running <code class="docutils literal notranslate"><span class="pre">tox</span> <span class="pre">-e</span> <span class="pre">mypy</span></code> on a machine that has
Python 3 installed.</p></li>
<li><p>Make sure your environment is set up properly and that you’re in your
virtualenv. You can do this by following the instructions in the
<a class="reference internal" href="#getting-started"><span class="std std-ref">Getting Started</span></a> section.</p></li>
<li><p>Run <code class="docutils literal notranslate"><span class="pre">tox</span> <span class="pre">-e</span> <span class="pre">lint</span></code> to check for pylint errors. Fix any errors.</p></li>
<li><p>Run <code class="docutils literal notranslate"><span class="pre">tox</span> <span class="pre">--skip-missing-interpreters</span></code> to run the entire test suite
including coverage. The <code class="docutils literal notranslate"><span class="pre">--skip-missing-interpreters</span></code> argument ignores
missing versions of Python needed for running the tests. Fix any errors.</p></li>
<li><p>If any documentation should be added or updated as part of the changes you
have made, please include the documentation changes in your PR.</p></li>
<li><p>Submit the PR. Once your PR is open, please do not force push to the branch
containing your pull request to squash or amend commits. We use <a class="reference external" href="https://github.com/blog/2141-squash-your-commits">squash
merges</a> on PRs and
rewriting commits makes changes harder to track between reviews.</p></li>
<li><p>Did your tests pass on Azure Pipelines? If they didn’t, fix any errors.</p></li>
</ol>
</div>
<div class="section" id="asking-for-help">
<span id="ask-for-help"></span><h2><a class="toc-backref" href="#id26">Asking for help</a><a class="headerlink" href="#asking-for-help" title="Permalink to this headline">¶</a></h2>
<p>If you have any questions while working on a Certbot issue, don’t hesitate to
ask for help! You can do this in the Certbot channel in EFF’s Mattermost
instance for its open source projects as described below.</p>
<p>You can get involved with several of EFF’s software projects such as Certbot at
the <a class="reference external" href="https://opensource.eff.org/signup_user_complete/?id=6iqur37ucfrctfswrs14iscobw">EFF Open Source Contributor Chat Platform</a>.
By signing up for the EFF Open Source Contributor Chat Platform, you consent to
share your personal information with the Electronic Frontier Foundation, which
is the operator and data controller for this platform. The channels will be
available both to EFF, and to other users of EFFOSCCP, who may use or disclose
information in these channels outside of EFFOSCCP. EFF will use your
information, according to the <a class="reference external" href="https://www.eff.org/policy">Privacy Policy</a>,
to further the mission of EFF, including hosting and moderating the discussions
on this platform.</p>
<p>Use of EFFOSCCP is subject to the <a class="reference external" href="https://www.eff.org/pages/eppcode">EFF Code of Conduct</a>. When investigating an alleged Code of
Conduct violation, EFF may review discussion channels or direct messages.</p>
</div>
<div class="section" id="building-the-certbot-and-dns-plugin-snaps">
<span id="building-snaps"></span><h2><a class="toc-backref" href="#id27">Building the Certbot and DNS plugin snaps</a><a class="headerlink" href="#building-the-certbot-and-dns-plugin-snaps" title="Permalink to this headline">¶</a></h2>
<p>Instructions for how to manually build and run the Certbot snap and the externally
snapped DNS plugins that the Certbot project supplies are located in the README
file at <a class="reference external" href="https://github.com/certbot/certbot/tree/master/tools/snap">https://github.com/certbot/certbot/tree/master/tools/snap</a>.</p>
</div>
<div class="section" id="updating-the-documentation">
<h2><a class="toc-backref" href="#id28">Updating the documentation</a><a class="headerlink" href="#updating-the-documentation" title="Permalink to this headline">¶</a></h2>
<p>Many of the packages in the Certbot repository have documentation in a
<code class="docutils literal notranslate"><span class="pre">docs/</span></code> directory. This directory is located under the top level directory
for the package. For instance, Certbot’s documentation is under
<code class="docutils literal notranslate"><span class="pre">certbot/docs</span></code>.</p>
<p>To build the documentation of a package, make sure you have followed the
instructions to set up a <a class="reference internal" href="#local-copy">local copy</a> of Certbot including activating the
virtual environment. After that, <code class="docutils literal notranslate"><span class="pre">cd</span></code> to the docs directory you want to build
and run the command:</p>
<div class="highlight-shell notranslate"><div class="highlight"><pre><span></span>make clean html
</pre></div>
</div>
<p>This would generate the HTML documentation in <code class="docutils literal notranslate"><span class="pre">_build/html</span></code> in your current
<code class="docutils literal notranslate"><span class="pre">docs/</span></code> directory.</p>
</div>
<div class="section" id="certbot-s-dependencies">
<h2><a class="toc-backref" href="#id29">Certbot’s dependencies</a><a class="headerlink" href="#certbot-s-dependencies" title="Permalink to this headline">¶</a></h2>
<p>We attempt to pin all of Certbot’s dependencies whenever we can for reliability
and consistency. Some of the places we have Certbot’s dependencies pinned
include our snaps, Docker images, Windows installer, CI, and our development
environments.</p>
<p>In most cases, the file where dependency versions are specified is
<code class="docutils literal notranslate"><span class="pre">tools/requirements.txt</span></code>. There are two exceptions to this. The first is our
“oldest” tests where <code class="docutils literal notranslate"><span class="pre">tools/oldest_constraints.txt</span></code> is used instead. The
purpose of the “oldest” tests is to ensure Certbot continues to work with the
oldest versions of our dependencies which we claim to support. The oldest
versions of the dependencies we support should also be declared in our setup.py
files to communicate this information to our users.</p>
<p>The second exception to using <code class="docutils literal notranslate"><span class="pre">tools/requirements.txt</span></code> is in our unpinned
tests. As of writing this, there is one test we run nightly in CI where we
leave Certbot’s dependencies unpinned. The thinking behind this test is to help
us learn about breaking changes in our dependencies so that we can respond
accordingly.</p>
<p>The choices of whether Certbot’s dependencies are pinned and what file is used
if they are should be automatically handled for you most of the time by
Certbot’s tooling. The way it works though is <code class="docutils literal notranslate"><span class="pre">tools/pip_install.py</span></code> (which
many of our other tools build on) checks for the presence of environment
variables. If <code class="docutils literal notranslate"><span class="pre">CERTBOT_NO_PIN</span></code> is set to 1, Certbot’s dependencies will not
be pinned. If that variable is not set and <code class="docutils literal notranslate"><span class="pre">CERTBOT_OLDEST</span></code> is set to 1,
<code class="docutils literal notranslate"><span class="pre">tools/oldest_constraints.txt</span></code> will be used as constraints for <code class="docutils literal notranslate"><span class="pre">pip</span></code>.
Otherwise, <code class="docutils literal notranslate"><span class="pre">tools/requirements.txt</span></code> is used as constraints.</p>
<div class="section" id="updating-dependency-versions">
<h3><a class="toc-backref" href="#id30">Updating dependency versions</a><a class="headerlink" href="#updating-dependency-versions" title="Permalink to this headline">¶</a></h3>
<p><code class="docutils literal notranslate"><span class="pre">tools/requirements.txt</span></code> and <code class="docutils literal notranslate"><span class="pre">tools/oldest_constraints.txt</span></code> can be updated
using <code class="docutils literal notranslate"><span class="pre">tools/pinning/current/repin.sh</span></code> and <code class="docutils literal notranslate"><span class="pre">tools/pinning/oldest/repin.sh</span></code>
respectively. This works by using <code class="docutils literal notranslate"><span class="pre">poetry</span></code> to generate pinnings based on a
Poetry project defined by the <code class="docutils literal notranslate"><span class="pre">pyproject.toml</span></code> file in the same directory as
the script. In many cases, you can just run the script to generate updated
dependencies, however, if you need to pin back packages or unpin packages that
were previously restricted to an older version, you will need to modify the
<code class="docutils literal notranslate"><span class="pre">pyproject.toml</span></code> file. The syntax used by this file is described at
<a class="reference external" href="https://python-poetry.org/docs/pyproject/">https://python-poetry.org/docs/pyproject/</a> and how dependencies are specified in
this file is further described at
<a class="reference external" href="https://python-poetry.org/docs/dependency-specification/">https://python-poetry.org/docs/dependency-specification/</a>.</p>
<p>If you want to learn more about the design used here, see
<code class="docutils literal notranslate"><span class="pre">tools/pinning/DESIGN.md</span></code> in the Certbot repo.</p>
</div>
</div>
<div class="section" id="running-the-client-with-docker">
<span id="docker-dev"></span><h2><a class="toc-backref" href="#id31">Running the client with Docker</a><a class="headerlink" href="#running-the-client-with-docker" title="Permalink to this headline">¶</a></h2>
<p>You can use Docker Compose to quickly set up an environment for running and
testing Certbot. To install Docker Compose, follow the instructions at
<a class="reference external" href="https://docs.docker.com/compose/install/">https://docs.docker.com/compose/install/</a>.</p>
<div class="admonition note">
<p class="admonition-title">Note</p>
<p>Linux users can simply run <code class="docutils literal notranslate"><span class="pre">pip</span> <span class="pre">install</span> <span class="pre">docker-compose</span></code> to get
Docker Compose after installing Docker Engine and activating your shell as
described in the <a class="reference internal" href="#getting-started"><span class="std std-ref">Getting Started</span></a> section.</p>
</div>
<p>Now you can develop on your host machine, but run Certbot and test your changes
in Docker. When using <code class="docutils literal notranslate"><span class="pre">docker-compose</span></code> make sure you are inside your clone of
the Certbot repository. As an example, you can run the following command to
check for linting errors:</p>
<div class="highlight-default notranslate"><div class="highlight"><pre><span></span><span class="n">docker</span><span class="o">-</span><span class="n">compose</span> <span class="n">run</span> <span class="o">--</span><span class="n">rm</span> <span class="o">--</span><span class="n">service</span><span class="o">-</span><span class="n">ports</span> <span class="n">development</span> <span class="n">bash</span> <span class="o">-</span><span class="n">c</span> <span class="s1">&#39;tox -e lint&#39;</span>
</pre></div>
</div>
<p>You can also leave a terminal open running a shell in the Docker container and
modify Certbot code in another window. The Certbot repo on your host machine is
mounted inside of the container so any changes you make immediately take
effect. To do this, run:</p>
<div class="highlight-default notranslate"><div class="highlight"><pre><span></span><span class="n">docker</span><span class="o">-</span><span class="n">compose</span> <span class="n">run</span> <span class="o">--</span><span class="n">rm</span> <span class="o">--</span><span class="n">service</span><span class="o">-</span><span class="n">ports</span> <span class="n">development</span> <span class="n">bash</span>
</pre></div>
</div>
<p>Now running the check for linting errors described above is as easy as:</p>
<div class="highlight-default notranslate"><div class="highlight"><pre><span></span><span class="n">tox</span> <span class="o">-</span><span class="n">e</span> <span class="n">lint</span>
</pre></div>
</div>
</div>
</div>


           </div>
           
          </div>
          <footer>
  
    <div class="rst-footer-buttons" role="navigation" aria-label="footer navigation">
      
        <a href="packaging.html" class="btn btn-neutral float-right" title="Packaging Guide" accesskey="n" rel="next">Next <span class="fa fa-arrow-circle-right"></span></a>
      
      
        <a href="using.html" class="btn btn-neutral" title="User Guide" accesskey="p" rel="prev"><span class="fa fa-arrow-circle-left"></span> Previous</a>
      
    </div>
  

  <hr/>

  <div role="contentinfo">
    <p>
    <span class="copyright">
    &copy; Copyright 2014-2018 - The Certbot software and documentation are licensed under the Apache 2.0 license as described at <a href="https://eff.org/cb-license">https://eff.org/cb-license</a>.
    </span>
    <br>
    <br>
    <span class="status">
        <a href="https://letsencrypt.status.io/">Let's Encrypt Status</a>
    </span>

    </p>
  </div>
  Built with <a href="https://www.sphinx-doc.org/">Sphinx</a> using a <a href="https://github.com/snide/sphinx_rtd_theme">theme</a> provided by <a href="https://readthedocs.org">Read the Docs</a>. 

</footer>
        </div>
      </div>

    </section>

  </div>
  

  <script type="text/javascript">
      jQuery(function () {
          SphinxRtdTheme.Navigation.enable(true);
      });
  </script>

  
  
    
   

</body>
</html>

About

Travis builds for certbot.eff.org

Contributing

Contributing
Activity
Custom properties

Stars

12 stars

Watchers

9 watching

Forks

10 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 2

  •  
  •  

Languages