Dependencies on both awscli and pylint are causing issues for us. We need to update pylint to make it work on Python 3.11 and newer versions are incompatible with awscli because the latter pins back its dependencies to old versions. See aws/aws-cli#7086.

To fix this, what if we just dropped the awscli dependency? We never use this tool programmatically. Instead, we make sure it's installed because it's referenced in this README. The awscli commands are the ones that start with aws.

Now that we only have one test farm test (just test_apache2.sh) and basically never run them manually anymore, I'm not sure the information about how to run multiple tests at once is needed and you can also terminate instances through the web UI. Similarly, AWS provides information on creating key pairs at https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/create-key-pairs.html which also includes web instructions.

@ohemorange, since you're probably the only other person still working on Certbot who has ever manually run the test farm tests, I'd love to get your thoughts here since I'm kind of blocked on this at the moment.

With aws/aws-cli#7086 (comment), I even more strongly think we should do this. awscli v1 is still supported, but it seems its less prioritized than v2 and there are currently no plans for them to offer awscli v2 through PyPI.

You know I love a good deprecation. Probably the most important leftover piece would be creating and configuring a profile, but do we actually need to do that? Is there likely to be a reason to not just run it from the automated tests? I can't remember if we ever got the automated tests to print the logs on failure. But yeah, the web interface is definitely good enough for the rare times we might need to do anything locally, either way. I'm in favor.

Probably the most important leftover piece would be creating and configuring a profile, but do we actually need to do that?

Ugh nice catch. I missed that bit. Just in case we do want to do it, I'll write up how to do this without awscli pre-installed in the README.

Is there likely to be a reason to not just run it from the automated tests?

Maybe for debugging or expanding the tests, but I think it's been a long time since we needed to do that and I'm all for putting hurdles in our way to make it harder for us to extend these tests 😂

I can't remember if we ever got the automated tests to print the logs on failure.

We did and it looks like you wrote the PR! See #8740.

But yeah, the web interface is definitely good enough for the rare times we might need to do anything locally, either way. I'm in favor.

Great. Thanks for the sanity check. I'll write a PR for this soonish.