Skip to content

Commit

Permalink
atifactory: make certs bundle path configurable
Browse files Browse the repository at this point in the history
Sometimes we find a big corporation issuing its own internal
certificates which we want to trust.

This patch adds a code that sets the cert bundle path to a value of the
environment variable LAVATORY_CERTBUNDLE_PATH if the variable exists;
otherwise output of cetify.where() is used instead.
  • Loading branch information
filak-sap authored and sijis committed Sep 30, 2019
1 parent 7b76a21 commit 37eba1c
Show file tree
Hide file tree
Showing 2 changed files with 19 additions and 1 deletion.
17 changes: 17 additions & 0 deletions docs/getting_started.rst
Original file line number Diff line number Diff line change
Expand Up @@ -74,6 +74,23 @@ provided, Lavatory will run against all repos in Artifactory.
By default, Lavatory runs in drymode. Must include ``--nodryrun`` in order to
actually delete Artifacts

Configure SSL
~~~~~~~~~~~~~

When HTTPS Artifactory URL is provided, Lavatory uses ``certifi`` to get the
list of trusted certificates.

If your server's certificate is not signed by any of certifi's authorities,
you can either update the certifi's list whose file system path can be retrieved
by the following command:

::

python -c "import certifi; print(certifi.where())"

or you can instruct Lavatory to use your own CA bundle file path by setting
the environment variable ``LAVATORY_CERTBUNDLE_PATH``.

CLI Help
--------

Expand Down
3 changes: 2 additions & 1 deletion src/lavatory/utils/artifactory.py
Original file line number Diff line number Diff line change
@@ -1,4 +1,5 @@
"""Artifactory purger module."""
import os
import base64
import datetime
import logging
Expand Down Expand Up @@ -29,7 +30,7 @@ def __init__(self, repo_name=None):
self.artifactory.artifactory_url = self.api_url
self.artifactory.username = self.credentials['artifactory_username']
self.artifactory.password = base64.encodebytes(bytes(self.credentials['artifactory_password'], 'utf-8'))
self.artifactory.certbundle = certifi.where()
self.artifactory.certbundle = os.getenv('LAVATORY_CERTBUNDLE_PATH', certifi.where())

def repos(self, repo_type='local'):
"""
Expand Down

0 comments on commit 37eba1c

Please sign in to comment.