We release packages and upload them to PyPI (wheels and source tarballs).
The following scripts are used in the process:
We use git tags to identify releases, using Semantic Versioning. For
Our packages are cryptographically signed and their signature can be verified
using the PGP key
A2CFB51FA275A7286234E7B24D17C995CD9775F2. This key can be
found on major key servers and at https://dl.eff.org/certbot.pub.
Notes for package maintainers¶
- Please use our tagged releases, not
- Do not package
certbot-compatibility-testas it’s only used internally.
- To run tests on our packages, you should use
python setup.py test. Doing things like running
pytestdirectly on our package files may not work because Certbot relies on setuptools to register and find its plugins.
- If you’d like to include automated renewal in your package
certbot renew -qshould be added to crontab or systemd timer. Additionally you should include a random per-machine time offset to avoid having a large number of your clients hit Let’s Encrypt’s servers simultaneously.
jwsis an internal script for
acmemodule and it doesn’t have to be packaged - it’s mostly for debugging: you can use it as
echo foo | jws sign | jws verify.
- Do get in touch with us. We are happy to make any changes that will make packaging easier. If you need to apply some patches don’t do it downstream - make a PR here.