Closed
Bug 1390946
Opened 7 years ago
Closed 6 years ago
Switch puppet to use https for pypi
Categories
(Infrastructure & Operations :: RelOps: Puppet, task)
Infrastructure & Operations
RelOps: Puppet
Tracking
(Not tracked)
RESOLVED
INCOMPLETE
People
(Reporter: dhouse, Assigned: dhouse)
References
Details
Attachments
(2 files)
1.23 KB,
patch
|
dhouse
:
review-
|
Details | Diff | Splinter Review |
633 bytes,
patch
|
dhouse
:
review-
|
Details | Diff | Splinter Review |
We can switch to using https for all pypi index use from puppet: pypi.pvt.build.mozilla.org maybe also for the pypi index use from the puppet masters?
Assignee: relops → dhouse
Attachment #8897917 -
Flags: review?(jwatkins)
Attachment #8897917 -
Flags: review?(dcrisan)
Attachment #8897918 -
Flags: review?(jwatkins)
Attachment #8897918 -
Flags: review?(dcrisan)
Attachment #8897917 -
Flags: review?(jwatkins)
Attachment #8897917 -
Flags: review?(dcrisan)
Attachment #8897918 -
Flags: review?(jwatkins)
Attachment #8897918 -
Flags: review?(dcrisan)
I tested a pip install with these changes and it does not work: ``` Getting page https://pypi.pvt.build.mozilla.org/pub Could not fetch URL https://pypi.pvt.build.mozilla.org/pub: connection error: HTTPSConnectionPool(host='pypi.pvt.build.mozilla.org', port=443): Max retries exceeded with url: /pub (Caused by <class 'socket.error'>: [Errno 61] Connection refused) Will skip URL https://pypi.pvt.build.mozilla.org/pub when looking for download links for gevent==0.13.6 Getting page https://pypi.pub.build.mozilla.org/pub Could not fetch URL https://pypi.pub.build.mozilla.org/pub: connection error: hostname 'pypi.pub.build.mozilla.org' doesn't match 'secure.pub.build.mozilla.org' Will skip URL https://pypi.pub.build.mozilla.org/pub when looking for download links for gevent==0.13.6 Getting page https://releng-puppet1.srv.releng.mdc1.mozilla.com/python/packages Could not fetch URL https://releng-puppet1.srv.releng.mdc1.mozilla.com/python/packages: connection error: [Errno 1] _ssl.c:504: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed Will skip URL https://releng-puppet1.srv.releng.mdc1.mozilla.com/python/packages when looking for download links for gevent==0.13.6 Getting page https://releng-puppet2.srv.releng.mdc1.mozilla.com/python/packages Could not fetch URL https://releng-puppet2.srv.releng.mdc1.mozilla.com/python/packages: connection error: [Errno 1] _ssl.c:504: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed Will skip URL https://releng-puppet2.srv.releng.mdc1.mozilla.com/python/packages when looking for download links for gevent==0.13.6 Getting page https://releng-puppet2.srv.releng.scl3.mozilla.com/python/packages Could not fetch URL https://releng-puppet2.srv.releng.scl3.mozilla.com/python/packages: connection error: [Errno 1] _ssl.c:504: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed Will skip URL https://releng-puppet2.srv.releng.scl3.mozilla.com/python/packages when looking for download links for gevent==0.13.6 Getting page https://releng-puppet1.srv.releng.use1.mozilla.com/python/packages Could not fetch URL https://releng-puppet1.srv.releng.use1.mozilla.com/python/packages: connection error: [Errno 1] _ssl.c:504: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed Will skip URL https://releng-puppet1.srv.releng.use1.mozilla.com/python/packages when looking for download links for gevent==0.13.6 Getting page https://releng-puppet1.srv.releng.scl3.mozilla.com/python/packages Could not fetch URL https://releng-puppet1.srv.releng.scl3.mozilla.com/python/packages: connection error: [Errno 1] _ssl.c:504: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed Will skip URL https://releng-puppet1.srv.releng.scl3.mozilla.com/python/packages when looking for download links for gevent==0.13.6 Getting page https://releng-puppet1.srv.releng.usw2.mozilla.com/python/packages Could not fetch URL https://releng-puppet1.srv.releng.usw2.mozilla.com/python/packages: connection error: [Errno 1] _ssl.c:504: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed Will skip URL https://releng-puppet1.srv.releng.usw2.mozilla.com/python/packages when looking for download links for gevent==0.13.6 ```
Attachment #8897917 -
Flags: review-
Attachment #8897918 -
Flags: review-
Updated•7 years ago
|
This was fixed instead through bug 1463592 ``` diff --git a/manifests/moco-config.pp b/manifests/moco-config.pp index 7ec0f6d9..ed51ad76 100644 --- a/manifests/moco-config.pp +++ b/manifests/moco-config.pp @@ -127,7 +127,7 @@ class config inherits config::base { # connection $puppetmaster_cert_extra_names = [$apt_repo_server] - $user_python_repositories = [ 'http://pypi.pvt.build.mozilla.org/pub', 'http://pypi.pub.build.mozilla.org/pub' ] + $user_python_repositories = [ 'https://pypi.pvt.build.mozilla.org/pub', 'https://pypi.pub.build.mozilla.org/pub' ] # Releng hosts are 'medium' by default. Slaves are specifically overridden # with the 'low' level, and some others are flagged as 'high' or 'maximum'. ```
Status: NEW → RESOLVED
Closed: 6 years ago
Resolution: --- → INCOMPLETE
You need to log in
before you can comment on or make changes to this bug.
Description
•