Add missing load_default_certs() call. #350
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
Thank you @moisesguimaraes for your PR. Can you also adjust integration tests with case covering this PR? Now they are not failing on master: |
moisesguimaraes
commented
Jan 26, 2021
| context.set_ciphers.assert_not_called() | ||
| context.verify_mode.assert_not_called() | ||
|
|
||
| context.load_default_certs.assert_called_with( |
There was a problem hiding this comment.
@matusvalo I have tests to cover the new code path already.
There was a problem hiding this comment.
yes I saw. But I was curious why integration test creating real tls connection to broker suit does not fail on master. They should fail right?
There was a problem hiding this comment.
They should only fail when you try to load system certs. I added new tests for this case.
moisesguimaraes
force-pushed
the
master
branch
from
cbc53f5
to
e4f1f1d
Compare
|
Ok, added some integration tests. |
Our CI is not working, so please check on you repo if they are working fine. |
auvipy
reviewed
Jan 27, 2021
|
I will check it today. |
|
OK I have checked the PR and it looks great! Thank you @moisesguimaraes ! I also like the integration test. Thanks again! |
|
i will try to release tonite or tomorrw morning |
athos-ribeiro
pushed a commit
to athos-ribeiro/cachito
that referenced
this pull request
Feb 10, 2021
A recent py-ampq update is causing cachito workers to fail to get local certificates: ``` ssl.SSLCertVerificationError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1123) ``` This has been reported upstream on celery/py-amqp#349 and fixed on celery/py-amqp#350. However, even with the fix, provided by Fedora on https://bodhi.fedoraproject.org/updates/FEDORA-2021-904397f5c4, Cachito workers still fail to connect to rabbitmq (with the same error) when enforcing SSL connections. Let's pin py-amqp version to the latest version known to work with Cachito so we do not need to halt development/deployments while we deal with the amqp issue. Signed-off-by: Athos Ribeiro <athos@redhat.com>
athos-ribeiro
pushed a commit
to containerbuildsystem/cachito
that referenced
this pull request
Feb 10, 2021
A recent py-ampq update is causing cachito workers to fail to get local certificates: ``` ssl.SSLCertVerificationError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1123) ``` This has been reported upstream on celery/py-amqp#349 and fixed on celery/py-amqp#350. However, even with the fix, provided by Fedora on https://bodhi.fedoraproject.org/updates/FEDORA-2021-904397f5c4, Cachito workers still fail to connect to rabbitmq (with the same error) when enforcing SSL connections. Let's pin py-amqp version to the latest version known to work with Cachito so we do not need to halt development/deployments while we deal with the amqp issue. Signed-off-by: Athos Ribeiro <athos@redhat.com>
softdevm
pushed a commit
to softdevm/cachito-app
that referenced
this pull request
Sep 2, 2022
A recent py-ampq update is causing cachito workers to fail to get local certificates: ``` ssl.SSLCertVerificationError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1123) ``` This has been reported upstream on celery/py-amqp#349 and fixed on celery/py-amqp#350. However, even with the fix, provided by Fedora on https://bodhi.fedoraproject.org/updates/FEDORA-2021-904397f5c4, Cachito workers still fail to connect to rabbitmq (with the same error) when enforcing SSL connections. Let's pin py-amqp version to the latest version known to work with Cachito so we do not need to halt development/deployments while we deal with the amqp issue. Signed-off-by: Athos Ribeiro <athos@redhat.com>
softdev87
added a commit
to softdev87/cachito-app
that referenced
this pull request
Sep 8, 2022
A recent py-ampq update is causing cachito workers to fail to get local certificates: ``` ssl.SSLCertVerificationError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1123) ``` This has been reported upstream on celery/py-amqp#349 and fixed on celery/py-amqp#350. However, even with the fix, provided by Fedora on https://bodhi.fedoraproject.org/updates/FEDORA-2021-904397f5c4, Cachito workers still fail to connect to rabbitmq (with the same error) when enforcing SSL connections. Let's pin py-amqp version to the latest version known to work with Cachito so we do not need to halt development/deployments while we deal with the amqp issue. Signed-off-by: Athos Ribeiro <athos@redhat.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Fixes: #349