Optionally disable SSL cert checking (#78)
This behavior is controlled by an environment variable named LOCAL_DEV. When this is set to "True", then SSL checking is disabled. The default set in the Dockerfile (for added safety) is "False".
diff --git a/Dockerfile b/Dockerfile
index de2d500..5c6e434 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -25,7 +25,10 @@
RUN pip install gevent==1.1.2 flask==0.11.1 confluent-kafka==0.9.2 \
requests==2.10.0 cloudant==2.1.0 psutil==5.0.0
+# while I expect these will be overridden during deployment, we might as well
+# set reasonable defaults
ENV PORT 5000
+ENV LOCAL_DEV False
RUN mkdir -p /KafkaFeedProvider
ADD provider/*.py /KafkaFeedProvider/
diff --git a/provider/app.py b/provider/app.py
index 1715108..3b106dd 100644
--- a/provider/app.py
+++ b/provider/app.py
@@ -68,7 +68,7 @@
response.status_code = 409
else:
logging.info("[{}] Ensuring user has access rights to post a trigger".format(triggerFQN))
- trigger_get_response = requests.get(body["triggerURL"])
+ trigger_get_response = requests.get(body["triggerURL"], verify=check_ssl)
trigger_get_status_code = trigger_get_response.status_code
logging.info("[{}] Repsonse status code from trigger authorization {}".format(triggerFQN,
trigger_get_status_code))
@@ -193,6 +193,11 @@
fh.setFormatter(formatter)
logger.addHandler(fh)
+ local_dev = os.getenv('LOCAL_DEV', 'False')
+ logging.debug('LOCAL_DEV is {} {}'.format(local_dev, type(local_dev)))
+ check_ssl = (local_dev == 'False')
+ logging.debug('check_ssl is {} {}'.format(check_ssl, type(check_ssl)))
+
database.migrate()
TheDoctor(consumers).start()
diff --git a/provider/consumer.py b/provider/consumer.py
index cf79a22..96df8b7 100644
--- a/provider/consumer.py
+++ b/provider/consumer.py
@@ -14,6 +14,7 @@
import json
import logging
+import os
import requests
import time
@@ -24,6 +25,8 @@
from datetime import datetime
from threading import Thread, Lock
+local_dev = os.getenv('LOCAL_DEV', 'False')
+check_ssl = (local_dev == 'False')
class Consumer:
class State:
@@ -300,7 +303,7 @@
while retry:
try:
- response = requests.post(self.triggerURL, json=payload, timeout=10.0)
+ response = requests.post(self.triggerURL, json=payload, timeout=10.0, verify=check_ssl)
status_code = response.status_code
logging.info("[{}] Repsonse status code {}".format(self.trigger, status_code))