Skip verify with self-signed certificates

[keithf4]

Running into the error below when Grafana has TLS enabled with self-signed certificates. The ansible uri module provides the validate_certs: false option to get around this. Also the community.grafana module provides tls_skip_verify, but we need to be able to make alertmanager datasources in Prometheus which this module had so far allowed until we tried with TLS enabled.

Is there a way to disable TLS verification with this module?

An exception occurred during task execution. To see the full traceback, use -vvv. The error was: requests.exceptions.SSLError: HTTPSConnectionPool(host='192.168.122.14', 
port=3000): Max retries exceeded with url: /api/datasources (Caused by SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: u
nable to get local issuer certificate (_ssl.c:1129)')))                                                                                                                   
fatal: [192.168.122.14]: FAILED! => {"changed": false, "module_stderr": "Traceback (most recent call last):\n  File \"/usr/lib/python3.9/site-packages/urllib3/connectionp
ool.py\", line 700, in urlopen\n    httplib_response = self._make_request(\n  File \"/usr/lib/python3.9/site-packages/urllib3/connectionpool.py\", line 383, in _make_requ
est\n    self._validate_conn(conn)\n  File \"/usr/lib/python3.9/site-packages/urllib3/connectionpool.py\", line 1015, in _validate_conn\n    conn.connect()\n  File \"/usr
/lib/python3.9/site-packages/urllib3/connection.py\", line 411, in connect\n    self.sock = ssl_wrap_socket(\n  File \"/usr/lib/python3.9/site-packages/urllib3/util/ssl_.
py\", line 453, in ssl_wrap_socket\n    ssl_sock = _ssl_wrap_socket_impl(sock, context, tls_in_tls)\n  File \"/usr/lib/python3.9/site-packages/urllib3/util/ssl_.py\", lin
e 495, in _ssl_wrap_socket_impl\n    return ssl_context.wrap_socket(sock)\n  File \"/usr/lib64/python3.9/ssl.py\", line 501, in wrap_socket\n    return self.sslsocket_cla
ss._create(\n  File \"/usr/lib64/python3.9/ssl.py\", line 1074, in _create\n    self.do_handshake()\n  File \"/usr/lib64/python3.9/ssl.py\", line 1343, in do_handshake\n 
   self._sslobj.do_handshake()\nssl.SSLCertVerificationError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1
129)\n\nDuring handling of the above exception, another exception occurred:\n\nTraceback (most recent call last):\n  File \"/usr/lib/python3.9/site-packages/requests/adap
ters.py\", line 439, in send\n    resp = conn.urlopen(\n  File \"/usr/lib/python3.9/site-packages/urllib3/connectionpool.py\", line 756, in urlopen\n    retries = retries
.increment(\n  File \"/usr/lib/python3.9/site-packages/urllib3/util/retry.py\", line 574, in increment\n    raise MaxRetryError(_pool, url, error or ResponseError(cause))
\nurllib3.exceptions.MaxRetryError: HTTPSConnectionPool(host='192.168.122.14', port=3000): Max retries exceeded with url: /api/datasources (Caused by SSLError(SSLCertVeri
ficationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1129)')))\n\nDuring handling of the above exc
eption, another exception occurred:\n\nTraceback (most recent call last):\n  File \"<stdin>\", line 107, in <module>\n  File \"<stdin>\", line 99, in _ansiballz_main\n  F
ile \"<stdin>\", line 47, in invoke_module\n  File \"/usr/lib64/python3.9/runpy.py\", line 225, in run_module\n    return _run_module_code(code, init_globals, run_name, m
od_spec)\n  File \"/usr/lib64/python3.9/runpy.py\", line 97, in _run_module_code\n    _run_code(code, mod_globals, init_globals,\n  File \"/usr/lib64/python3.9/runpy.py\"
, line 87, in _run_code\n    exec(code, run_globals)\n  File \"/tmp/ansible_grafana.grafana.datasource_payload_0cii4595/ansible_grafana.grafana.datasource_payload.zip/ans
ible_collections/grafana/grafana/plugins/modules/datasource.py\", line 205, in <module>\n  File \"/tmp/ansible_grafana.grafana.datasource_payload_0cii4595/ansible_grafana
.grafana.datasource_payload.zip/ansible_collections/grafana/grafana/plugins/modules/datasource.py\", line 195, in main\n  File \"/tmp/ansible_grafana.grafana.datasource_p
ayload_0cii4595/ansible_grafana.grafana.datasource_payload.zip/ansible_collections/grafana/grafana/plugins/modules/datasource.py\", line 139, in present_datasource\n  Fil
e \"/usr/lib/python3.9/site-packages/requests/api.py\", line 119, in post\n    return request('post', url, data=data, json=json, **kwargs)\n  File \"/usr/lib/python3.9/si
te-packages/requests/api.py\", line 61, in request\n    return session.request(method=method, url=url, **kwargs)\n  File \"/usr/lib/python3.9/site-packages/requests/sessi
ons.py\", line 544, in request\n    resp = self.send(prep, **send_kwargs)\n  File \"/usr/lib/python3.9/site-packages/requests/sessions.py\", line 657, in send\n    r = ad
apter.send(request, **kwargs)\n  File \"/usr/lib/python3.9/site-packages/requests/adapters.py\", line 514, in send\n    raise SSLError(e, request=request)\nrequests.excep
tions.SSLError: HTTPSConnectionPool(host='192.168.122.14', port=3000): Max retries exceeded with url: /api/datasources (Caused by SSLError(SSLCertVerificationError(1, '[S
SL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1129)')))\n", "module_stdout": "", "msg": "MODULE FAILURE\nSee st
dout/stderr for the exact error", "rc": 1}                                      

[ishanjainn]

cc @gardar

[keithf4]

Just checking in on this to see if anything can possibly be done