Use trustme for test TLS certificate and key

[rominf]

What do these changes do?

Use trustme for test TLS certificate and key

With the current approach TLS certificate and key are hardcoded in separate files and distributed as part of wheels. This is unnecessary for end users of the package, also this brings difficulties while supporting Python 3.13, see: #473

Use trustme for generating TLS certificate and key on the fly, as it is done in other aio-libs packages.

Initially proposed in: #473 (comment)

Are there changes in behavior for the user?

Wheels no longer include test TLS certificate and key.

Related issue number

Checklist

• I think the code is well written
• Unit tests for the changes exist
• tox testenvs have been executed in the following environments:
  • Linux (openSUSE Tumbleweed): py311-cov (after merging Remove pytest-asyncio traces #554)
• Documentation reflects the changes [not worthy for documentation]
• Add a news fragment into the NEWS.rst file [not worthy for NEWS.rst]
  • Add under the "aiosmtpd-next" section, creating one if necessary
    • You may create subsections to group the changes, if you like
  • Use full sentences with correct case and punctuation
  • Refer to relevant Issue if applicable

[webknjaz]

It's unclear to me what the pytest-asyncio plug-in has to do with TLS certificates or why it needs to be removed. Either way, it's best to avoid mixing up unrelated changes.

[rominf]

@webknjaz Unfortunately, tox tests did not pass on my machine, so I had to make this change. However, I understand your point about unrelated changes, so I split this PR into two. See: #554.

[rominf]

I tried to add workaround for installing trustme: see #552 (comment) and https://github.com/aio-libs/aiosmtpd/pull/552/files#diff-4d7c51b1efe9043e44439a949dfd92e5827321b34082903477fd04876edb7552R8-R9, however it didn't work because of PyPy trying to build cryptography:

error: the configured PyPy interpreter version (3.8) is lower than PyO3's minimum supported version (3.9)

Hence, #555 should be reviewed and merged first.

[webknjaz]

I'm pretty sure cryptography has older published wheels that would be compatible.

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 97.82%. Comparing base (d087090) to head (039d938).
⚠️ Report is 2 commits behind head on master.

Additional details and impacted files

@@            Coverage Diff             @@
##           master     #552      +/-   ##
==========================================
+ Coverage   97.78%   97.82%   +0.03%     
==========================================
  Files          23       23              
  Lines        5697     5709      +12     
  Branches      764      770       +6     
==========================================
+ Hits         5571     5585      +14     
+ Misses         80       78       -2     
  Partials       46       46              

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

[rominf]

I'm pretty sure cryptography has older published wheels that would be compatible.

You are right, cryptography==41.0.7 has compatible wheels published. I updated my PR. However, this version has a few security issues: https://security.snyk.io/package/pip/cryptography/41.0.7, so dependabot will likely create PRs.

[webknjaz]

It's possible to use env markers and only install the older version under PyPy but not others.

[rominf]

I had to read PEP 496, I didn't know about platform_python_implementation marker. Thanks! Done.

[webknjaz]

It was rejected and superseded by PEP 508.