Add verify_ssl option

[micafer]

Add verify_ssl option

Description

Add verify_ssl option, to enable the user to avoid SSL verification explicitly.
Also fix version of setup-uv and update vulneable deps to pass all the tests.

Status

• Ready for review

Checklist (tick everything that applies)

• Code linting (required, can be done after the PR checks)
• Documentation
• Tests
• ICLA (required for bigger changes)

[micafer]

@PsiACE could you take a look, it seems that "astral-sh/setup-uv" action is not allowed now.

[PsiACE]

hi @micafer , astral-sh/setup-uv@v7 needs to be pinned to a specific hash value, like astral-sh/setup-uv@37802adc94f370d6bfd71619e3f0bf239e1f3b78

Would you like to give it a try?

[micafer]

Same error.

[tisonkun]

https://github.com/apache/infrastructure-actions/blob/72e2dbde7dec469a2aad118a8e931f5d7d9e65f2/actions.yml#L21-L24

I assume either the tag or hash linked here should work.

Background can be https://infra.apache.org/blog/trivy_security_incident.html.

[micafer]

Now the tests are running, thanks @PsiACE and @tisonkun !

[codecov-commenter]

Codecov Report

❌ Patch coverage is 81.66667% with 11 lines in your changes missing coverage. Please review.
✅ Project coverage is 83.36%. Comparing base (3fb37a2) to head (76cddba).

Files with missing lines	Patch %	Lines
libcloud/loadbalancer/drivers/elb.py	0.00%	3 Missing ⚠️
libcloud/compute/drivers/azure_arm.py	33.33%	2 Missing ⚠️
libcloud/compute/drivers/ecs.py	0.00%	2 Missing ⚠️
libcloud/common/base.py	75.00%	1 Missing ⚠️
libcloud/common/google.py	75.00%	1 Missing ⚠️
libcloud/compute/drivers/vsphere.py	50.00%	1 Missing ⚠️
libcloud/storage/drivers/oss.py	0.00%	1 Missing ⚠️

Additional details and impacted files

@@           Coverage Diff           @@
##            trunk    #2128   +/-   ##
=======================================
  Coverage   83.36%   83.36%           
=======================================
  Files         353      353           
  Lines       81906    81906           
  Branches     9007     9007           
=======================================
  Hits        68278    68278           
  Misses      10799    10799           
  Partials     2829     2829           

Files with missing lines	Coverage Δ
libcloud/common/abiquo.py	89.83% <ø> (ø)
libcloud/common/dimensiondata.py	94.92% <ø> (ø)
libcloud/common/openstack.py	85.32% <100.00%> (ø)
libcloud/common/openstack_identity.py	84.44% <100.00%> (ø)
libcloud/compute/base.py	92.86% <ø> (ø)
libcloud/compute/deployment.py	93.67% <ø> (ø)
libcloud/compute/drivers/digitalocean.py	84.86% <ø> (ø)
libcloud/compute/drivers/dummy.py	37.50% <ø> (ø)
libcloud/compute/drivers/equinixmetal.py	70.11% <ø> (ø)
libcloud/compute/drivers/gandi.py	72.66% <100.00%> (ø)
... and 38 more

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

[micafer]

please @PsiACE and @tisonkun review this, the change is minor but important (commit e68658a).
The rest of commits are done update some deps to pass the tests.

[tisonkun]

Since I don't see any change that calls VSphereNodeDriver(...) with different verify_ssl param, I expect that it's always true now? Or users would initialize their own VSphereNodeDriver with verify_ssl=false if desired?

[tisonkun]

This is the non-trival change.

[micafer]

Since I don't see any change that calls VSphereNodeDriver(...) with different verify_ssl param, I expect that it's always true now? Or users would initialize their own VSphereNodeDriver with verify_ssl=false if desired?

Exactly, only if the user sets explicitly verify_ssl=false the certificates will not be validate, el the rest of cases they will.

[tisonkun]

LGTM. Thanks for working on this!