Skip to content

Comments

config: allow bool values for repo cert#5719

Merged
neersighted merged 1 commit intopython-poetry:masterfrom
abn:repo-verify-false
May 29, 2022
Merged

config: allow bool values for repo cert#5719
neersighted merged 1 commit intopython-poetry:masterfrom
abn:repo-verify-false

Conversation

@abn
Copy link
Member

@abn abn commented May 29, 2022

boolean values in addition to certificate paths. This allows for repositories to skip TLS certificate validation for cases where self-signed certificats are used by package sources.

In addition to the above, the certificate configuration handling has now been delegated to a dedicated dataclass.

Closes: #3676
Resolves: #1556

@abn abn added area/config Related to configuration management area/docs Documentation issues/improvements area/repo Meta-issues for the repository/forge itself labels May 29, 2022
@abn abn requested a review from a team May 29, 2022 21:29
@abn abn mentioned this pull request May 29, 2022
Closed
2 tasks
@abn abn force-pushed the repo-verify-false branch from 9c4e870 to 9533c26 Compare May 29, 2022 21:33
@abn abn changed the title This change allows certificates.<repo>.cert configuration to accept config: allow bool values for repo cert May 29, 2022
@abn abn force-pushed the repo-verify-false branch from 9533c26 to ac73268 Compare May 29, 2022 21:35
@github-actions
Copy link

github-actions bot commented May 29, 2022
edited
Loading

Deploy preview for website ready!

✅ Preview
https://website-n60mknwu4-python-poetry.vercel.app

Built with commit f7d3625.
This pull request is being automatically deployed with vercel-action

neersighted
neersighted previously approved these changes May 29, 2022
View reviewed changes
Copy link
Member

@neersighted neersighted left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM -- I especially like that PyPI is tamperproof the way you've added this, as well as the dataclass encapsulation of invariants/configuration.

@neersighted
Copy link
Member

neersighted commented May 29, 2022

Things look a little awkward with the docs nesting, but I can live with it:

image

Secrus
Secrus previously approved these changes May 29, 2022
View reviewed changes
@abn abn dismissed stale reviews from Secrus and neersighted via 99298b9 May 29, 2022 22:14
@abn abn force-pushed the repo-verify-false branch from ac73268 to 99298b9 Compare May 29, 2022 22:14
@abn
Copy link
Member Author

abn commented May 29, 2022

Things look a little awkward with the docs nesting, but I can live with it:

Yeah. But couldn't think of a better way of grouping it.

@abn abn requested review from Secrus and neersighted May 29, 2022 22:17
neersighted
neersighted previously approved these changes May 29, 2022
View reviewed changes
Secrus
Secrus reviewed May 29, 2022
View reviewed changes
@abn @Celeborn2BeAlive @maayanbar13
config: allow bool values for repo cert
f7d3625 
This change allows certificates.<repo>.cert configuration to accept
boolean values in addition to certificate paths. This allows for
repositories to skip TLS certificate validation for cases where
self-signed certificats are used by package sources.

In addition to the above, the certificate configuration handling has
now been delegated to a dedicated dataclass.

Co-authored-by: Celeborn2BeAlive <[email protected]>
Co-authored-by: Maayan Bar <[email protected]>
@abn abn force-pushed the repo-verify-false branch from 99298b9 to f7d3625 Compare May 29, 2022 22:38
@abn abn requested review from Secrus and neersighted May 29, 2022 22:39
@neersighted neersighted merged commit 8cb3aab into python-poetry:master May 29, 2022
@abn abn deleted the repo-verify-false branch May 29, 2022 22:47
@neersighted neersighted mentioned this pull request Jun 4, 2022
Closed
2 tasks
@abn abn mentioned this pull request Jun 6, 2022
Merged
@Dimaqa
Copy link

Dimaqa commented Jul 8, 2022

Still have error with version 1.2.0b2

Could not find a suitable TLS CA certificate bundle, invalid path: false

@markfaine
Copy link

markfaine commented Aug 22, 2022

This doesn't resolve the problem, because false is added as a string in auth.toml

  [certificates]
  [certificates.cp_util]
  cert = "false"

It should be:

  [certificates]
  [certificates.cp_util]
  cert = false

I suppose this command is the culprit. It's probably casting the command line argument to a string since it would have always been a string prior to this commit.

poetry config certificates.cp_util.cert false

@github-actions
Copy link

github-actions bot commented Feb 29, 2024

This pull request has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs.

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Feb 29, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

@neersighted neersighted neersighted approved these changes

@Secrus Secrus Secrus approved these changes

Assignees

No one assigned

Labels

area/config Related to configuration management area/docs Documentation issues/improvements area/repo Meta-issues for the repository/forge itself

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Option to disable SSL verify

5 participants

@abn @neersighted @Dimaqa @markfaine @Secrus