chore: merge main back to dev for dependabot commits

.github/workflows/ci.yml

@@ -4,66 +4,146 @@ on:
   push:
     branches:
       - 'main'
+      - 'dev'
   workflow_dispatch:
 
+concurrency:
+  group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.sha }}
+  cancel-in-progress: true
+
+env:
+  SLEEP: 60
+  DOCKER_BUILDKIT: '1'
+  TARGET_PLATFORMS: "linux/amd64,linux/arm64,linux/arm/v6"
+
+defaults:
+  run:
+    shell: bash
+
 jobs:
-  ShellCheck:
+  lint:
+    name: Lint files
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v3
+      -
+        uses: actions/checkout@v3
         with:
           fetch-depth: 1
           persist-credentials: false
-      - name: Shellcheck
+      -
+        name: Check shell scripts
         uses: ludeeus/action-shellcheck@master
-
-  Docker:
-    needs: [Shellcheck]
+  environment:
+    name: Set up environment for docker and poetry
+    needs: [lint]
     runs-on: ubuntu-latest
+    outputs:
+      docker_tags: ${{ steps.docker.outputs.tags }}
+      docker_labels: ${{ steps.docker.outputs.labels }}
     steps:
-      - name: Checkout
+    -
+      name: Cache environment files
+      uses: actions/cache@v3
+      with:
+        path: /tmp/buildkitd.toml
+        key: ${{ github.workflow }}-environment
+    -
+      name: Create buildkitd config
+      run: |
+        echo 'experimantal = true' > /tmp/buildkitd.toml
+        echo 'debug = true' >> /tmp/buildkitd.toml
+        echo 'insecure-entitlements  = [ "security.insecure" ]' >> /tmp/buildkitd.toml
+        # echo '[worker.oci]' >> /tmp/buildkitd.toml
+        # echo 'max-parallelism = 1' >> /tmp/buildkitd.toml
+        cat /tmp/buildkitd.toml
+    -
+      name: Set up Docker metadata
+      id: docker
+      uses: docker/metadata-action@v4
+      with:
+        images: |
+          ${{ github.repository }}
+          ghcr.io/${{ github.repository }}
+        labels: |
+          org.opencontainers.image.source=https://github.com/miigotu/certbot-dns-godaddy
+          org.opencontainers.image.url=https://github.com/miigotu/certbot-dns-godaddy
+          org.opencontainers.image.licenses=Apache-2.0
+        tags: |
+          type=raw,value=latest,enable=${{ github.ref == format('refs/heads/{0}', github.event.repository.default_branch) }}
+          type=schedule
+          type=ref,event=branch
+          type=ref,event=tag
+          type=ref,event=pr
+          type=raw,prefix=${{ github.ref_name }},suffix=,value=${{ github.run_id }},event=push
+          type=raw,prefix=${{ github.ref_name }},suffix=,value=${{ github.sha }},event=push
+          type=raw,prefix=,suffix=,value=${{ github.head_ref }},event=pr
+          type=raw,prefix=,suffix=,value=${{ github.ref_name }},event=push,enable=${{ github.event_name != 'pull_request' }}
+          type=edge,branch=dev
+          type=semver,pattern={{version}},enable=${{ github.ref == format('refs/heads/{0}', github.event.repository.default_branch) }}
+          type=semver,pattern={{major}}.{{minor}},enable=${{ github.ref == format('refs/heads/{0}', github.event.repository.default_branch) }}
+  docker:
+    name: Build and push docker images
+    needs: [environment, lint]
+    runs-on: ubuntu-latest
+    steps:
+      -
+        name: Checkout
         uses: actions/checkout@v3
 
-      - name: Set up QEMU
+      -
+        name: Restore environment files
+        uses: actions/cache@v3
+        with:
+          path: /tmp/buildkitd.toml
+          key: ${{ github.workflow }}-environment
+          restore-keys: ${{ github.workflow }}-environment
+      -
+        name: Set up QEMU
         if: success()
         id: qemu
         uses: docker/setup-qemu-action@v2
 
-      - name: Set up Docker Buildx
+      -
+        name: Set up Docker Buildx
         if: success()
         uses: docker/setup-buildx-action@v2
 
-      - name: Login to GitHub Container Registry
+      -
+        name: Login to GitHub Container Registry
         if: success()
         uses: docker/login-action@v2
         with:
           registry: ghcr.io
           username: ${{ github.repository_owner }}
           password: ${{ secrets.GITHUB_TOKEN }}
 
-      - name: Login to DockerHub
+      -
+        name: Login to DockerHub
         if: success()
         uses: docker/login-action@v2
         with:
           username: ${{ secrets.DOCKERHUB_USERNAME }}
           password: ${{ secrets.DOCKERHUB_TOKEN }}
 
-      - name: Build and push
+      -
+        name: Build and push docker image
         if: success()
         uses: docker/build-push-action@v4
         with:
           context: .
-          platforms:  "linux/amd64,linux/arm64,linux/arm/v6"
-          push: true
-          tags: |
-            ${{ github.repository }}:latest
-            ghcr.io/${{ github.repository }}:latest
-  Poetry:
-    needs: [Shellcheck]
+          platforms: ${{ env.TARGET_PLATFORMS }}
+          push: ${{ github.event_name != 'pull_request' }}
+          labels: ${{ needs.environment.outputs.docker_labels }}
+          tags: ${{ needs.environment.outputs.docker_tags }}
+  poetry:
+    name: Build and publish wheels
+    needs: [environment, lint, docker]
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v3
-      - name: Build and publish to pypi
+      -
+        uses: actions/checkout@v3
+      -
+        name: Build and publish to pypi
         uses: JRubics/[email protected]
         with:
           pypi_token: ${{ secrets.PYPI_TOKEN }}

.gitignore

@@ -1,7 +1,6 @@
 .idea
+.venv
 dist
 *.ini
 *.log*
 work
-yarn.lock
-node_modules

Dockerfile

@@ -1,4 +1,6 @@
-FROM certbot/certbot
+ARG VERSION=v2.6.0
+FROM certbot/certbot:$VERSION
+
 LABEL org.opencontainers.image.source="https://github.com/miigotu/certbot-dns-godaddy"
 LABEL maintainer="[email protected]"
 ENV PYTHONIOENCODING="UTF-8"

README.md

@@ -7,23 +7,31 @@ certbot-dns-godaddy
 
 This plugin automates the process of completing a `dns-01` challenge by creating, and subsequently removing, `TXT` records using the godaddy [API](https://developer.godaddy.com/doc/endpoint/domains) via [lexicon](https://github.com/AnalogJ/lexicon).
 
-**Note:** This manual assumes certbot ≥ v1.7, which has improved the naming scheme for external plugins. If you cannot upgrade, please also refer to the Old option naming scheme\_ section below.
+**Note:** This manual assumes certbot 2.6.0, which has improved the naming scheme for external plugins.
 
 Installation
 ------------
 
-    pip install certbot-dns-godaddy
+    # create a virtual environment, to avoid conflicts
+    python3 -m venv /some/path
+
+    # use the pip in the virtual environment to install or update
+    /some/path/bin/pip install -U certbot-dns-godaddy
+
+    # yse the cerbot from the virtualenv, to avoid accidentally
+    # using one from a different environment that does not have this library
+    /some/path/bin/certbot
 
 Named Arguments
 ---------------
 
 To start using DNS authentication for godaddy, pass the following arguments on certbot's command line:
 
-Option|Description|
----|---|
-`--authenticator dns-godaddy`|select the authenticator plugin (Required)|
-`--dns-godaddy-credentials FILE`|godaddy credentials INI file. (Required)|
-`--dns-godaddy-propagation-seconds NUM`|waiting time for DNS to propagate before asking the ACME server to verify the DNS record. (Default: 30, Recommended: \>= 600)|
+| Option                                  | Description                                                                           |
+|-----------------------------------------|---------------------------------------------------------------------------------------|
+| `--authenticator dns-godaddy`           | select the authenticator plugin (Required)                                            |
+| `--dns-godaddy-credentials FILE`        | godaddy credentials INI file. (Required)                                              |
+| `--dns-godaddy-propagation-seconds NUM` | how long to wait before ACME tries to verify DNS. (Default: 30, Recommended: \>= 600) |
 
 You may need to set an unexpectedly high propagation time (≥ 900 seconds) to give the godaddy DNS time to propagate the entries! This may be annoying when calling certbot manually but should not be a problem in automated setups.
 
@@ -82,21 +90,3 @@ Once that's finished, the application can be run as follows:
         -d example.com -d '*.example.com'
 
 You may want to change the volumes `/var/lib/letsencrypt` and `/etc/letsencrypt` to local directories where the certificates and configuration should be stored.
-
-Old option naming scheme
-------------------------
-
-It is recommended to use the newest certbot version, at least `v1.7`.
-
-If you're using a certbot version below `v1.7` all options related to external plugins (such as this one) must be prefixed by the name of the plugin. This means that every occurence of `dns-godaddy` in the command line options must be replaced by `certbot-dns-godaddy:dns-godaddy`, i.e.:
-
-    --authenticator certbot-dns-godaddy:dns-godaddy
-    --certbot-dns-godaddy:dns-godaddy-credentials
-    --certbot-dns-godaddy:dns-godaddy-propagation-seconds
-
-Further, every occurence of `dns_godaddy` in the config file must be prefixed by `certbot_dns_godaddy:`, resulting in a file like this:
-
-``` {.sourceCode .ini}
-certbot_dns_godaddy:dns_godaddy_key      = ...
-certbot_dns_godaddy:dns_godaddy_secret = ...
-```