build: acme.sh 2.9.0 -> 3.0.7

Author: buchdag

Dockerfile

@@ -3,7 +3,7 @@ FROM nginxproxy/docker-gen:0.11.0 AS docker-gen
 FROM alpine:3.19.0
 
 ARG GIT_DESCRIBE
-ARG ACMESH_VERSION=2.9.0
+ARG ACMESH_VERSION=3.0.7
 
 ENV COMPANION_VERSION=$GIT_DESCRIBE \
     DOCKER_HOST=unix:///var/run/docker.sock \

app/letsencrypt_service

@@ -198,9 +198,12 @@ function update_cert {
 
     # Set relevant --server parameter and ca folder name
     params_base_arr+=(--server "$acme_ca_uri")
-    local ca_dir="${acme_ca_uri##*://}" \
-        && ca_dir="${ca_dir%%/*}" \
-        && ca_dir="${ca_dir%%:*}"
+
+    # Reproduce acme.sh logic to determine the ca account folder path
+    local ca_host_dir
+    ca_host_dir="$(echo "$acme_ca_uri" | cut -d : -f 2 | tr -s / | cut -d / -f 2)"
+    local ca_path_dir
+    ca_path_dir="$(echo "$acme_ca_uri" | cut -d : -f 2- | tr -s / | cut -d / -f 3-)"
 
     local certificate_dir
     # If we're going to use one of LE stating endpoints ...
@@ -223,7 +226,7 @@ function update_cert {
 
     [[ ! -d "$config_home" ]] && mkdir -p "$config_home"
     params_base_arr+=(--config-home "$config_home")
-    local account_file="${config_home}/ca/${ca_dir}/account.json"
+    local account_file="${config_home}/ca/${ca_host_dir}/${ca_path_dir}/account.json"
 
     # External Account Binding (EAB)
     local -n eab_kid="ACME_${cid}_EAB_KID"

install_acme.sh

@@ -7,7 +7,7 @@ apk --no-cache --virtual .acmesh-deps add git
 
 # Get acme.sh ACME client source
 mkdir /src
-git -C /src clone https://github.com/Neilpang/acme.sh.git
+git -C /src clone https://github.com/acmesh-official/acme.sh.git
 cd /src/acme.sh
 if [[ "$ACMESH_VERSION" != "master" ]]; then
   git -c advice.detachedHead=false checkout "$ACMESH_VERSION"

test/tests/acme_accounts/run.sh

@@ -31,8 +31,21 @@ run_nginx_container --hosts "${domains[0]}"
 # Wait for a symlink at /etc/nginx/certs/${domains[0]}.crt
 wait_for_symlink "${domains[0]}" "$le_container_name"
 
+# Hard set the account dir based on the test ACME CA used.
+case $ACME_CA in
+  pebble)
+    account_dir="pebble/dir"
+    ;;
+  boulder)
+    account_dir="boulder/directory"
+    ;;
+  *)
+    echo "$0 $ACME_CA: invalid option."
+    exit 1
+esac
+
 # Test if the expected folder / file / content are there.
-json_file="/etc/acme.sh/default/ca/$ACME_CA/account.json"
+json_file="/etc/acme.sh/default/ca/$account_dir/account.json"
 if [[ "$ACME_CA" == 'boulder' ]]; then
   no_mail_str='[]'
 elif [[ "$ACME_CA" == 'pebble' ]]; then
@@ -64,7 +77,7 @@ run_nginx_container --hosts "${domains[1]}"
 wait_for_symlink "${domains[1]}" "$le_container_name"
 
 # Test if the expected folder / file / content are there.
-json_file="/etc/acme.sh/${default_email}/ca/$ACME_CA/account.json"
+json_file="/etc/acme.sh/${default_email}/ca/$account_dir/account.json"
 if docker exec "$le_container_name" [[ ! -d "/etc/acme.sh/$default_email" ]]; then
   echo "The /etc/acme.sh/$default_email folder does not exist."
 elif docker exec "$le_container_name" [[ ! -f "$json_file" ]]; then
@@ -82,7 +95,7 @@ run_nginx_container --hosts "${domains[2]}" --cli-args "--env LETSENCRYPT_EMAIL=
 wait_for_symlink "${domains[2]}" "$le_container_name"
 
 # Test if the expected folder / file / content are there.
-json_file="/etc/acme.sh/${container_email}/ca/$ACME_CA/account.json"
+json_file="/etc/acme.sh/${container_email}/ca/$account_dir/account.json"
 if docker exec "$le_container_name" [[ ! -d "/etc/acme.sh/$container_email" ]]; then
   echo "The /etc/acme.sh/$container_email folder does not exist."
 elif docker exec "$le_container_name" [[ ! -f "$json_file" ]]; then

test/tests/acme_eab/run.sh

@@ -46,7 +46,7 @@ run_nginx_container --hosts "${domains[1]}"  \
 wait_for_symlink "${domains[0]}" "$le_container_name"
 
 # Test if the expected file is there.
-config_path="/etc/acme.sh/default/ca/$ACME_CA"
+config_path="/etc/acme.sh/default/ca/$ACME_CA/dir"
 json_file="${config_path}/account.json"
 conf_file="${config_path}/ca.conf"
 if docker exec "$le_container_name" [[ ! -f "$json_file" ]]; then
@@ -59,7 +59,7 @@ fi
 wait_for_symlink "${domains[1]}" "$le_container_name"
 
 # Test if the expected file is there.
-config_path="/etc/acme.sh/${container_email}/ca/$ACME_CA"
+config_path="/etc/acme.sh/${container_email}/ca/$ACME_CA/dir"
 json_file="${config_path}/account.json"
 conf_file="${config_path}/ca.conf"
 if docker exec "$le_container_name" [[ ! -f "$json_file" ]]; then