You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Version
Please provide the versions of the pulpcore and pulp_python packages in use, and how they are installed. If you are using Pulp via Katello, please provide the Katello version.
"core": "3.47.0"
"python": "3.11.0"
We are using docker compose to installed Pulp components.
Describe the bug
A clear and concise description of what the bug is.
When a Python remote is created for PyPI, using a HTTP proxy, and when TLS Validation is set to False, we are getting a certificate validation error when trying to sync the python repository with the PyPI remote.
To Reproduce
Steps to reproduce the behavior:
Create a Python Remote pointing to PyPI, with HTTP proxy, and TLS Validation set to False:
Sync the repository with the remote:
pulp python repository sync --name Test-PyPI --remote Test-PyPI
The logs would generate the following error:
pulp-pulp_worker-1 | 2024-03-18T21:47:12.763642774Z aiohttp.client_exceptions.ClientConnectorCertificateError: Cannot connect to host pypi.org:443 ssl:True [SSLCertVerificationError: (1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1129)')]
Expected behavior
A clear and concise description of what you expected to happen.
TLS validation not to be performed on the remote when a sync is performed on the python repository and remote.
Additional context
Add any other context about the problem here. Please provide links to any previous discussions via Discourse or Bugzilla.
The text was updated successfully, but these errors were encountered:
pulp-user333
changed the title
pulp_python does not disable tls_validation when set to false
pulp_python does not disable tls_validation when it is set to false on the remote
Mar 19, 2024
gerrod3
added a commit
to gerrod3/pulp_python
that referenced
this issue
Apr 9, 2024
Version
Please provide the versions of the pulpcore and pulp_python packages in use, and how they are installed. If you are using Pulp via Katello, please provide the Katello version.
"core": "3.47.0"
"python": "3.11.0"
We are using docker compose to installed Pulp components.
Describe the bug
A clear and concise description of what the bug is.
When a Python remote is created for PyPI, using a HTTP proxy, and when TLS Validation is set to False, we are getting a certificate validation error when trying to sync the python repository with the PyPI remote.
To Reproduce
Steps to reproduce the behavior:
Create a Python Remote pointing to PyPI, with HTTP proxy, and TLS Validation set to False:
[
{
“pulp_href”: “/pulp/api/v3/remotes/python/python/018e3f85-b903-783a-a05a-f86fdabce839/”,
“pulp_created”: “2024-03-15T00:31:52.068466Z”,
“name”: “Test-PyPI”,
"url": “https://pypi.org/”,
“ca_cert”: null,
“client_cert”: null,
"tls_validation": false,
"proxy_url": “http://10.1.1.9:8080/”,
“pulp_labels”: {},
“pulp_last_updated”: “2024-03-18T15:58:31.957989Z”,
“download_concurrency”: null,
“max_retries”: null,
“policy”: “on_demand”,
“total_timeout”: null,
“connect_timeout”: null,
“sock_connect_timeout”: null,
“sock_read_timeout”: null,
“headers”: null,
“rate_limit”: null,
“hidden_fields”: [
{
“name”: “client_key”,
“is_set”: false
},
{
“name”: “proxy_username”,
“is_set”: false
},
{
“name”: “proxy_password”,
“is_set”: false
},
{
“name”: “username”,
“is_set”: false
},
{
“name”: “password”,
“is_set”: false
}
],
“includes”: [
“shelf-reader”
],
“excludes”: [],
“prereleases”: true,
“package_types”: [],
“keep_latest_packages”: 0,
“exclude_platforms”: []
}
]
Create a Python Repository:
[
{
"pulp_href": "/pulp/api/v3/repositories/python/python/018e3f85-bfde-7228-b620-68f8f49897aa/",
"pulp_created": "2024-03-15T00:31:53.823938Z",
"versions_href": "/pulp/api/v3/repositories/python/python/018e3f85-bfde-7228-b620-68f8f49897aa/versions/",
"pulp_labels": {},
"latest_version_href": "/pulp/api/v3/repositories/python/python/018e3f85-bfde-7228-b620-68f8f49897aa/versions/0/",
"name": "Test-PyPI",
"description": "",
"retain_repo_versions": null,
"remote": null,
"autopublish": false
}
]
Sync the repository with the remote:
pulp python repository sync --name Test-PyPI --remote Test-PyPI
The logs would generate the following error:
pulp-pulp_worker-1 | 2024-03-18T21:47:12.763642774Z aiohttp.client_exceptions.ClientConnectorCertificateError: Cannot connect to host pypi.org:443 ssl:True [SSLCertVerificationError: (1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1129)')]
Expected behavior
A clear and concise description of what you expected to happen.
TLS validation not to be performed on the remote when a sync is performed on the python repository and remote.
Additional context
Add any other context about the problem here. Please provide links to any previous discussions via Discourse or Bugzilla.
The text was updated successfully, but these errors were encountered: