From e5107cf83f581b89ed448dac929388262da88c04 Mon Sep 17 00:00:00 2001 From: Liran BG Date: Thu, 21 Mar 2024 14:43:21 +0200 Subject: [PATCH] [DataStore] Condition http verify on mlrun config (#5311) --- mlrun/datastore/base.py | 38 ++++++++++++++++++++++---------------- 1 file changed, 22 insertions(+), 16 deletions(-) diff --git a/mlrun/datastore/base.py b/mlrun/datastore/base.py index b7ebb7ac34f..832426d86d6 100644 --- a/mlrun/datastore/base.py +++ b/mlrun/datastore/base.py @@ -27,6 +27,7 @@ import urllib3 from deprecated import deprecated +import mlrun.config import mlrun.errors from mlrun.errors import err_to_str from mlrun.utils import StorePrefix, is_ipython, logger @@ -34,10 +35,6 @@ from .store_resources import is_store_uri, parse_store_uri from .utils import filter_df_start_end_time, select_columns_from_df -verify_ssl = False -if not verify_ssl: - urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning) - class FileStats: def __init__(self, size, modified, content_type=None): @@ -643,17 +640,6 @@ def basic_auth_header(user, password): return {"Authorization": authstr} -def http_get(url, headers=None, auth=None): - try: - response = requests.get(url, headers=headers, auth=auth, verify=verify_ssl) - except OSError as exc: - raise OSError(f"error: cannot connect to {url}: {err_to_str(exc)}") - - mlrun.errors.raise_for_status(response) - - return response.content - - class HttpStore(DataStore): def __init__(self, parent, schema, name, endpoint="", secrets: dict = None): super().__init__(parent, name, schema, endpoint, secrets) @@ -681,7 +667,7 @@ def put(self, key, data, append=False): raise ValueError("unimplemented") def get(self, key, size=None, offset=0): - data = http_get(self.url + self._join(key), self._headers, self.auth) + data = self._http_get(self.url + self._join(key), self._headers, self.auth) if offset: data = data[offset:] if size: @@ -701,6 +687,26 @@ def _validate_https_token(self): f"schema as it is not secure and is not recommended." ) + def _http_get( + self, + url, + headers=None, + auth=None, + ): + # import here to prevent import cycle + from mlrun.config import config as mlconf + + verify_ssl = mlconf.httpdb.http.verify + try: + if not verify_ssl: + urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning) + response = requests.get(url, headers=headers, auth=auth, verify=verify_ssl) + except OSError as exc: + raise OSError(f"error: cannot connect to {url}: {err_to_str(exc)}") + + mlrun.errors.raise_for_status(response) + return response.content + # This wrapper class is designed to extract the 'ds' schema and profile name from URL-formatted paths. # Within fsspec, the AbstractFileSystem::_strip_protocol() internal method is used to handle complete URL paths.