Certs are not passed when checking for signature extentions during sync #1552
Assignees
Labels
Comments
ipanova
added a commit
to ipanova/pulp_container
that referenced
this issue
Mar 15, 2024
…ions API during sync closes pulp#1552 In sync we are checking whether the remot registry implrementations signsture extentions API. We need to pass respective remote tls and certs config if they were provided, hence no need to override core's ``_make_aiohttp_session_from_remote`` and use it directly from core. We do not need to pass auth since we care only about response headers that we check.
github-project-automation
bot
moved this from In Progress
to Done
in Pulp Container Roadmap
patchback bot
pushed a commit
that referenced
this issue
Mar 15, 2024
…ions API during sync closes #1552 In sync we are checking whether the remot registry implrementations signsture extentions API. We need to pass respective remote tls and certs config if they were provided, hence no need to override core's ``_make_aiohttp_session_from_remote`` and use it directly from core. We do not need to pass auth since we care only about response headers that we check. (cherry picked from commit 03c1923)
patchback bot
pushed a commit
that referenced
this issue
Mar 15, 2024
…ions API during sync closes #1552 In sync we are checking whether the remot registry implrementations signsture extentions API. We need to pass respective remote tls and certs config if they were provided, hence no need to override core's ``_make_aiohttp_session_from_remote`` and use it directly from core. We do not need to pass auth since we care only about response headers that we check. (cherry picked from commit 03c1923)
lubosmj
pushed a commit
that referenced
this issue
Mar 15, 2024
…ions API during sync closes #1552 In sync we are checking whether the remot registry implrementations signsture extentions API. We need to pass respective remote tls and certs config if they were provided, hence no need to override core's ``_make_aiohttp_session_from_remote`` and use it directly from core. We do not need to pass auth since we care only about response headers that we check. (cherry picked from commit 03c1923)
patchback bot
pushed a commit
that referenced
this issue
Mar 15, 2024
…ions API during sync closes #1552 In sync we are checking whether the remot registry implrementations signsture extentions API. We need to pass respective remote tls and certs config if they were provided, hence no need to override core's ``_make_aiohttp_session_from_remote`` and use it directly from core. We do not need to pass auth since we care only about response headers that we check. (cherry picked from commit 03c1923)
lubosmj
pushed a commit
that referenced
this issue
Mar 15, 2024
…ions API during sync closes #1552 In sync we are checking whether the remot registry implrementations signsture extentions API. We need to pass respective remote tls and certs config if they were provided, hence no need to override core's ``_make_aiohttp_session_from_remote`` and use it directly from core. We do not need to pass auth since we care only about response headers that we check. (cherry picked from commit 03c1923)
lubosmj
pushed a commit
that referenced
this issue
Mar 15, 2024
…ions API during sync closes #1552 In sync we are checking whether the remot registry implrementations signsture extentions API. We need to pass respective remote tls and certs config if they were provided, hence no need to override core's ``_make_aiohttp_session_from_remote`` and use it directly from core. We do not need to pass auth since we care only about response headers that we check. (cherry picked from commit 03c1923)
lubosmj
pushed a commit
that referenced
this issue
Mar 15, 2024
…ions API during sync closes #1552 In sync we are checking whether the remot registry implrementations signsture extentions API. We need to pass respective remote tls and certs config if they were provided, hence no need to override core's ``_make_aiohttp_session_from_remote`` and use it directly from core. We do not need to pass auth since we care only about response headers that we check. (cherry picked from commit 03c1923)
lubosmj
pushed a commit
that referenced
this issue
Mar 15, 2024
…ions API during sync closes #1552 In sync we are checking whether the remot registry implrementations signsture extentions API. We need to pass respective remote tls and certs config if they were provided, hence no need to override core's ``_make_aiohttp_session_from_remote`` and use it directly from core. We do not need to pass auth since we care only about response headers that we check. (cherry picked from commit 03c1923)
mdellweg
pushed a commit
that referenced
this issue
Dec 4, 2024
…ions API during sync closes #1552 In sync we are checking whether the remot registry implrementations signsture extentions API. We need to pass respective remote tls and certs config if they were provided, hence no need to override core's ``_make_aiohttp_session_from_remote`` and use it directly from core. We do not need to pass auth since we care only about response headers that we check. (cherry picked from commit 03c1923)
mdellweg
pushed a commit
that referenced
this issue
Dec 4, 2024
…ions API during sync closes #1552 In sync we are checking whether the remot registry implrementations signsture extentions API. We need to pass respective remote tls and certs config if they were provided, hence no need to override core's ``_make_aiohttp_session_from_remote`` and use it directly from core. We do not need to pass auth since we care only about response headers that we check. (cherry picked from commit 03c1923)
mdellweg
pushed a commit
that referenced
this issue
Dec 4, 2024
…ions API during sync closes #1552 In sync we are checking whether the remot registry implrementations signsture extentions API. We need to pass respective remote tls and certs config if they were provided, hence no need to override core's ``_make_aiohttp_session_from_remote`` and use it directly from core. We do not need to pass auth since we care only about response headers that we check. (cherry picked from commit 03c1923)
mdellweg
pushed a commit
that referenced
this issue
Dec 4, 2024
…ions API during sync closes #1552 In sync we are checking whether the remot registry implrementations signsture extentions API. We need to pass respective remote tls and certs config if they were provided, hence no need to override core's ``_make_aiohttp_session_from_remote`` and use it directly from core. We do not need to pass auth since we care only about response headers that we check. (cherry picked from commit 03c1923)
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Version
main and older
Describe the bug
{"traceback": " File "/usr/lib/python3.9/site-packages/pulpcore/tasking/pulpcore_worker.py", line 450, in _perform_task
result = func(*args, **kwargs)
File "/usr/lib/python3.9/site-packages/pulp_container/app/tasks/synchronize.py", line 41, in synchronize
return dv.create()
File "/usr/lib/python3.9/site-packages/pulpcore/plugin/stages/declarative_version.py", line 161, in create
loop.run_until_complete(pipeline)
File "/usr/lib64/python3.9/asyncio/base_events.py", line 647, in run_until_complete
return future.result()
File "/usr/lib/python3.9/site-packages/pulpcore/plugin/stages/api.py", line 225, in create_pipeline
await asyncio.gather(*futures)
File "/usr/lib/python3.9/site-packages/pulpcore/plugin/stages/api.py", line 43, in call
await self.run()
File "/usr/lib/python3.9/site-packages/pulp_container/app/tasks/sync_stages.py", line 81, in run
signature_source = await self.get_signature_source()
File "/usr/lib/python3.9/site-packages/pulp_container/app/tasks/sync_stages.py", line 221, in get_signature_source
result = await extension_check_downloader.run()
File "/usr/lib/python3.9/site-packages/pulpcore/download/http.py", line 273, in run
return await download_wrapper()
File "/usr/lib/python3.9/site-packages/backoff/_async.py", line 151, in retry
ret = await target(*args, **kwargs)
File "/usr/lib/python3.9/site-packages/pulpcore/download/http.py", line 258, in download_wrapper
return await self._run(extra_data=extra_data)
File "/usr/lib/python3.9/site-packages/pulpcore/download/http.py", line 291, in _run
async with self.session.get(
File "/usr/lib64/python3.9/site-packages/aiohttp/client.py", line 1141, in aenter
self._resp = await self._coro
File "/usr/lib64/python3.9/site-packages/aiohttp/client.py", line 536, in _request
conn = await self._connector.connect(
File "/usr/lib64/python3.9/site-packages/aiohttp/connector.py", line 540, in connect
proto = await self._create_connection(req, traces, timeout)
File "/usr/lib64/python3.9/site-packages/aiohttp/connector.py", line 901, in _create_connection
_, proto = await self._create_direct_connection(req, traces, timeout)
File "/usr/lib64/python3.9/site-packages/aiohttp/connector.py", line 1206, in _create_direct_connection
raise last_exc
File "/usr/lib64/python3.9/site-packages/aiohttp/connector.py", line 1175, in _create_direct_connection
transp, proto = await self._wrap_create_connection(
File "/usr/lib64/python3.9/site-packages/aiohttp/connector.py", line 982, in _wrap_create_connection
raise ClientConnectorCertificateError(req.connection_key, exc) from exc
", "description": "Cannot connect to host registry.tts-trax.com:443 ssl:True [SSLCertVerificationError: (1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1129)')]"}
To Reproduce
Steps to reproduce the behavior:
Expected behavior
A clear and concise description of what you expected to happen.
Additional context
Add any other context about the problem here. Please provide links to any previous discussions via Discourse or Bugzilla.
The text was updated successfully, but these errors were encountered: