Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

config: allow bool values for repo cert #5719

Merged
merged 1 commit into from
May 29, 2022

Conversation

abn
Copy link
Member

@abn abn commented May 29, 2022

boolean values in addition to certificate paths. This allows for repositories to skip TLS certificate validation for cases where self-signed certificats are used by package sources.

In addition to the above, the certificate configuration handling has now been delegated to a dedicated dataclass.

Closes: #3676
Resolves: #1556

@abn abn added area/config Related to configuration management area/docs Documentation issues/improvements area/repo Meta-issues for the repository/forge itself labels May 29, 2022
@abn abn requested a review from a team May 29, 2022 21:29
@abn abn changed the title This change allows certificates.<repo>.cert configuration to accept config: allow bool values for repo cert May 29, 2022
@github-actions
Copy link

github-actions bot commented May 29, 2022

Deploy preview for website ready!

✅ Preview
https://website-n60mknwu4-python-poetry.vercel.app

Built with commit f7d3625.
This pull request is being automatically deployed with vercel-action

neersighted
neersighted previously approved these changes May 29, 2022
Copy link
Member

@neersighted neersighted left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM -- I especially like that PyPI is tamperproof the way you've added this, as well as the dataclass encapsulation of invariants/configuration.

@neersighted
Copy link
Member

Things look a little awkward with the docs nesting, but I can live with it:

image

Secrus
Secrus previously approved these changes May 29, 2022
@abn abn dismissed stale reviews from Secrus and neersighted via 99298b9 May 29, 2022 22:14
@abn
Copy link
Member Author

abn commented May 29, 2022

Things look a little awkward with the docs nesting, but I can live with it:

Yeah. But couldn't think of a better way of grouping it.

@abn abn requested review from neersighted and Secrus May 29, 2022 22:17
neersighted
neersighted previously approved these changes May 29, 2022
This change allows certificates.<repo>.cert configuration to accept
boolean values in addition to certificate paths. This allows for
repositories to skip TLS certificate validation for cases where
self-signed certificats are used by package sources.

In addition to the above, the certificate configuration handling has
now been delegated to a dedicated dataclass.

Co-authored-by: Celeborn2BeAlive <laurent.noel.c2ba@gmail.com>
Co-authored-by: Maayan Bar <maayanbar13@gmail.com>
@neersighted neersighted merged commit 8cb3aab into python-poetry:master May 29, 2022
@abn abn deleted the repo-verify-false branch May 29, 2022 22:47
@abn abn mentioned this pull request Jun 6, 2022
@Dimaqa
Copy link

Dimaqa commented Jul 8, 2022

Still have error with version 1.2.0b2

Could not find a suitable TLS CA certificate bundle, invalid path: false

@markfaine
Copy link

This doesn't resolve the problem, because false is added as a string in auth.toml

  [certificates]
  [certificates.cp_util]
  cert = "false"

It should be:

  [certificates]
  [certificates.cp_util]
  cert = false

I suppose this command is the culprit. It's probably casting the command line argument to a string since it would have always been a string prior to this commit.

poetry config certificates.cp_util.cert false

Copy link

This pull request has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs.

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Feb 29, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
area/config Related to configuration management area/docs Documentation issues/improvements area/repo Meta-issues for the repository/forge itself
Projects
None yet
Development

Successfully merging this pull request may close these issues.

Option to disable SSL verify
5 participants