Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: mTLS support #4171

Merged
merged 1 commit into from
Jun 11, 2024
Merged

feat: mTLS support #4171

merged 1 commit into from
Jun 11, 2024

Conversation

samypr100
Copy link
Collaborator

@samypr100 samypr100 commented Jun 9, 2024
edited
Loading

Summary

Closes #3626

This adds mTLS support to uv via the standard env var SSL_CLIENT_CERT.

Test Plan

Tested locally using a nginx proxy to pypi using my own self-signed ca + certs + client certs generated via mkcert. Used this proxy with both uv and pip to make sure we have feature partity in mTLS functionality.

@zanieb zanieb self-assigned this Jun 9, 2024
@zanieb zanieb self-requested a review June 9, 2024 16:16
@samypr100 samypr100 marked this pull request as ready for review June 9, 2024 16:21
@samypr100
Copy link
Collaborator Author

samypr100 commented Jun 9, 2024
edited
Loading

I didn't see --cert supported as a direct CLI option given we delegate SSL_CERT_FILE to upstream rust tls. Similarly this PR focuses on only supporting the client cert environment var.

I think we could explore support via config file in a future PR if it makes sense for uv to do so, thoughts?

@zanieb
Copy link
Member

zanieb commented Jun 9, 2024

Thanks for putting this up!

I think we could explore support via config file in a future PR if it makes sense for uv to do so, thoughts?

Totally fine with me to separate the implementation

zanieb
zanieb reviewed Jun 10, 2024
View reviewed changes
@zanieb zanieb added the enhancement New feature or improvement to existing functionality label Jun 10, 2024
@samypr100 samypr100 force-pushed the mutual-tls branch 3 times, most recently from f17b828 to a48b9a1 Compare June 10, 2024 23:27
@zanieb zanieb merged commit 68abf85 into astral-sh:main Jun 11, 2024
47 checks passed
@samypr100 samypr100 deleted the mutual-tls branch June 11, 2024 04:56
@samypr100 samypr100 mentioned this pull request Aug 25, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@zanieb zanieb zanieb approved these changes

Assignees

@zanieb zanieb

Labels
enhancement New feature or improvement to existing functionality
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

mTLS Support?
2 participants
@samypr100 @zanieb