Skip to content

fix(cli): add ability to disable SSL verification #2717

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Dec 13, 2023
Merged

fix(cli): add ability to disable SSL verification #2717

merged 1 commit into from
Dec 13, 2023

Conversation

JohnVillalovos
Copy link
Member

Add a --no-ssl-verify option to disable SSL verification

Closes: #2714

Changes

Documentation and testing

Please consider whether this PR needs documentation and tests. This is not required, but highly appreciated:

@JohnVillalovos JohnVillalovos requested a review from nejch November 4, 2023 00:37
@codecov Codecov
Copy link

codecov bot commented Nov 4, 2023

Codecov Report

Merging #2717 (3e49170) into main (e7229ce) will increase coverage by 0.00%.
The diff coverage is 100.00%.

@@           Coverage Diff           @@
##             main    #2717   +/-   ##
=======================================
  Coverage   96.44%   96.44%           
=======================================
  Files          88       88           
  Lines        5761     5763    +2     
=======================================
+ Hits         5556     5558    +2     
  Misses        205      205
Flag Coverage Δ
api_func_v4 82.37% <0.00%> (-0.03%) ⬇️
cli_func_v4 83.46% <100.00%> (+<0.01%) ⬆️
unit 88.09% <100.00%> (+<0.01%) ⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

Files Coverage Δ
gitlab/cli.py 100.00% <100.00%> (ø)

@JohnVillalovos JohnVillalovos mentioned this pull request Nov 4, 2023
Closed
@JohnVillalovos JohnVillalovos force-pushed the jlvillal/cli_ssl_verify branch from 3e49170 to 0a1ed42 Compare November 6, 2023 16:31
nejch
nejch requested changes Nov 7, 2023
View reviewed changes
Copy link
Member

@nejch nejch left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks a lot @JohnVillalovos! This is nice and simple but I think we might need a more general fix, WDYT?

gitlab/cli.py
Comment on lines +208 to +215
ssl_verify_group.add_argument(
"--no-ssl-verify",
help="Disable SSL verification",
required=False,
dest="ssl_verify",
action="store_false",
)

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I like the simplicity of this, but it doesn't fully fix #2714. We still cannot use environment variables (this is true for all of our booleans on the CLI). We'd need some kind of strtobool logic for those, and that maybe also falls back to strings for the ssl_verify arg. Also, the new flag doesn't have an env var equivalent this way like the others do. WDYT?

@JohnVillalovos
Copy link
Member Author

Thanks a lot @JohnVillalovos! This is nice and simple but I think we might need a more general fix, WDYT?

I don't disagree that it could be better but it does handle the issue brought up in #2714 As it will allow them to disable ssl_verify

At the moment I'm not sure if I personally have the time to start down the path that will be required to make all environment variables work.

If someone wants to attempt it then the strtobool could be done similar to this: https://github.com/python/cpython/blob/f55cb44359821e71c29903f2152b4658509dac0d/Lib/configparser.py#L1092-L1097

@JohnVillalovos JohnVillalovos force-pushed the jlvillal/cli_ssl_verify branch from 0a1ed42 to 6853bed Compare November 13, 2023 13:44
@nejch
Copy link
Member

nejch commented Nov 22, 2023

Thanks a lot @JohnVillalovos! This is nice and simple but I think we might need a more general fix, WDYT?

I don't disagree that it could be better but it does handle the issue brought up in #2714 As it will allow them to disable ssl_verify

At the moment I'm not sure if I personally have the time to start down the path that will be required to make all environment variables work.

If someone wants to attempt it then the strtobool could be done similar to this: https://github.com/python/cpython/blob/f55cb44359821e71c29903f2152b4658509dac0d/Lib/configparser.py#L1092-L1097

Sorry for the delay here, I was just thinking about whether we should introduce something that would potentially be deprecated again if we have a strtobool solution later, maybe we can go ahead with this if I don't get to it before the 28th 😁

@JohnVillalovos @nejch
fix(cli): add ability to disable SSL verification
be07c99 
Add a `--no-ssl-verify` option to disable SSL verification

Closes: #2714
@nejch nejch force-pushed the jlvillal/cli_ssl_verify branch from 6853bed to be07c99 Compare December 13, 2023 12:08
@nejch nejch enabled auto-merge (rebase) December 13, 2023 12:09
@nejch nejch merged commit 3fe9fa6 into main Dec 13, 2023
@nejch nejch deleted the jlvillal/cli_ssl_verify branch December 13, 2023 12:18
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@nejch nejch nejch requested changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Boolean values parsed on the cli by argument or enviroment are not parsed correctly
2 participants
@JohnVillalovos @nejch