From 516b90c5e1b11d8528ca4008523e148d2346e140 Mon Sep 17 00:00:00 2001 From: Dayan Graham Date: Wed, 22 Mar 2023 16:29:53 +0000 Subject: [PATCH 1/2] (feat): Chalice - Allow option to set ssl verification to false for the Chalice API --- api/chalicelib/utils/s3.py | 6 ++++-- api/env.default | 1 + ee/api/env.default | 1 + 3 files changed, 6 insertions(+), 2 deletions(-) diff --git a/api/chalicelib/utils/s3.py b/api/chalicelib/utils/s3.py index 366a5d181..8a2369647 100644 --- a/api/chalicelib/utils/s3.py +++ b/api/chalicelib/utils/s3.py @@ -16,7 +16,8 @@ else: aws_access_key_id=config("S3_KEY"), aws_secret_access_key=config("S3_SECRET"), config=Config(signature_version='s3v4'), - region_name=config("sessions_region")) + region_name=config("sessions_region"), + verify=(False if config("S3_DISABLE_SSL_VERIFY") else True)) def __get_s3_resource(): @@ -26,7 +27,8 @@ def __get_s3_resource(): aws_access_key_id=config("S3_KEY"), aws_secret_access_key=config("S3_SECRET"), config=Config(signature_version='s3v4'), - region_name=config("sessions_region")) + region_name=config("sessions_region"), + verify=(False if config("S3_DISABLE_SSL_VERIFY") else True)) def exists(bucket, key): diff --git a/api/env.default b/api/env.default index 78acd001c..6fc4752ad 100644 --- a/api/env.default +++ b/api/env.default @@ -10,6 +10,7 @@ EMAIL_USE_TLS=true S3_HOST= S3_KEY= S3_SECRET= +S3_DISABLE_SSL_VERIFY= SITE_URL= announcement_url= captcha_key= diff --git a/ee/api/env.default b/ee/api/env.default index cdbc3d256..075b53eca 100644 --- a/ee/api/env.default +++ b/ee/api/env.default @@ -11,6 +11,7 @@ LICENSE_KEY= S3_HOST= S3_KEY= S3_SECRET= +S3_DISABLE_SSL_VERIFY= SAML2_MD_URL= SITE_URL= announcement_url= From 8ed2ca7792e56e41527e1cfdfb3ae9cbbe741229 Mon Sep 17 00:00:00 2001 From: Dayan Graham Date: Mon, 27 Mar 2023 16:55:25 +0000 Subject: [PATCH 2/2] (feat): chalice - S3_DISABLE_SSL_VERIFY cast bool --- api/chalicelib/utils/s3.py | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/api/chalicelib/utils/s3.py b/api/chalicelib/utils/s3.py index 8a2369647..655628602 100644 --- a/api/chalicelib/utils/s3.py +++ b/api/chalicelib/utils/s3.py @@ -17,7 +17,7 @@ else: aws_secret_access_key=config("S3_SECRET"), config=Config(signature_version='s3v4'), region_name=config("sessions_region"), - verify=(False if config("S3_DISABLE_SSL_VERIFY") else True)) + verify=not config("S3_DISABLE_SSL_VERIFY", default=False, cast=bool)) def __get_s3_resource(): @@ -28,7 +28,7 @@ def __get_s3_resource(): aws_secret_access_key=config("S3_SECRET"), config=Config(signature_version='s3v4'), region_name=config("sessions_region"), - verify=(False if config("S3_DISABLE_SSL_VERIFY") else True)) + verify=not config("S3_DISABLE_SSL_VERIFY", default=False, cast=bool)) def exists(bucket, key): @@ -83,7 +83,8 @@ def get_presigned_url_for_upload_secure(bucket, expires_in, key, conditions=None Conditions=conditions, ) req = PreparedRequest() - req.prepare_url(f"{url_parts['url']}/{url_parts['fields']['key']}", url_parts['fields']) + req.prepare_url( + f"{url_parts['url']}/{url_parts['fields']['key']}", url_parts['fields']) return req.url @@ -103,7 +104,8 @@ def get_file(source_bucket, source_key): def rename(source_bucket, source_key, target_bucket, target_key): s3 = __get_s3_resource() - s3.Object(target_bucket, target_key).copy_from(CopySource=f'{source_bucket}/{source_key}') + s3.Object(target_bucket, target_key).copy_from( + CopySource=f'{source_bucket}/{source_key}') s3.Object(source_bucket, source_key).delete()