From 60645058e544d5fee6fa6a14e7909a07261e1ff1 Mon Sep 17 00:00:00 2001 From: jfuller Date: Sun, 14 Jan 2024 10:10:17 +0100 Subject: [PATCH] added GRIFFON_VERIFY_SSL env var --- CHANGELOG.md | 2 ++ docs/user_guide.md | 5 +++++ griffon/__init__.py | 9 ++++++++- 3 files changed, 15 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 52907f3..94f3980 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -5,6 +5,8 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). ## Unreleased +### Added +* GRIFFON_VERIFY_SSL environment variable ## [0.4.1] - 2024-01-12 ### Fixed diff --git a/docs/user_guide.md b/docs/user_guide.md index 6d3d25e..3ba28a6 100644 --- a/docs/user_guide.md +++ b/docs/user_guide.md @@ -87,6 +87,11 @@ export OSIDB_USERNAME="" export OSIDB_PASSWORD="" ``` +To disable verifying ssl certificates: +```commandline +export GRIFFON_VERIFY_SSL="False" +``` + ### Enable autocompletion Enable shell autocompletion by following these instructions for your specific shell. diff --git a/griffon/__init__.py b/griffon/__init__.py index 65da54a..5201931 100644 --- a/griffon/__init__.py +++ b/griffon/__init__.py @@ -42,6 +42,7 @@ GRIFFON_CONFIG_DIR = os.getenv("GRIFFON_API_URL", "~/.griffon") GRIFFON_RC_FILE = "~/.griffonrc" GRIFFON_DEFAULT_LOG_FILE = os.getenv("GRIFFON_DEFAULT_LOG_FILE", "~/.griffon/history.log") +GRIFFON_VERIFY_SSL = os.getenv("GRIFFON_VERIFY_SSL", "True").lower() in ("true", "1", "t") logger = logging.getLogger("griffon") @@ -138,6 +139,7 @@ def create_session(): try: return component_registry_bindings.new_session( component_registry_server_uri=CORGI_SERVER_URL, + verify_ssl=GRIFFON_VERIFY_SSL, ) except: # noqa console.log(f"{CORGI_SERVER_URL} is not accessible.") @@ -204,7 +206,11 @@ def create_session(): if OSIDB_AUTH_METHOD == "credentials": credentials["username"] = OSIDB_USERNAME credentials["password"] = OSIDB_PASSWORD - return osidb_bindings.new_session(osidb_server_uri=OSIDB_SERVER_URL, **credentials) + return osidb_bindings.new_session( + osidb_server_uri=OSIDB_SERVER_URL, + verify_ssl=GRIFFON_VERIFY_SSL, + **credentials, + ) except: # noqa console.log(f"{OSIDB_SERVER_URL} is not accessible (or krb ticket has expired).") exit(1) @@ -307,6 +313,7 @@ def create_session(): try: return component_registry_bindings.new_session( component_registry_server_uri=COMMUNITY_COMPONENTS_SERVER_URL, + verify_ssl=GRIFFON_VERIFY_SSL, ) except: # noqa console.log(f"{COMMUNITY_COMPONENTS_SERVER_URL } is not accessible.")