Fix SSL shenanigans with a hack to allow the user to specify the CA bundle file
This commit is contained in:
parent
1a6dcdeb78
commit
e665ba79d7
@ -4,6 +4,8 @@ import giteapy
|
|||||||
import logging
|
import logging
|
||||||
import sys
|
import sys
|
||||||
|
|
||||||
|
import certifi
|
||||||
|
|
||||||
|
|
||||||
class Migrator:
|
class Migrator:
|
||||||
|
|
||||||
@ -101,6 +103,15 @@ class Migrator:
|
|||||||
|
|
||||||
self.__verify_ssl = b
|
self.__verify_ssl = b
|
||||||
|
|
||||||
|
def set_ca_bundle(self, bundle_path: str):
|
||||||
|
|
||||||
|
self.__logger.info("Setting certificate bundle path")
|
||||||
|
|
||||||
|
# Hacky but oh well
|
||||||
|
self.__logger.info(f"Old path: {certifi.where()}")
|
||||||
|
certifi.core._CACERT_PATH = bundle_path
|
||||||
|
self.__logger.info(f"New path: {certifi.where()}")
|
||||||
|
|
||||||
def migrate_entire_org(
|
def migrate_entire_org(
|
||||||
self,
|
self,
|
||||||
interactive: bool = True,
|
interactive: bool = True,
|
||||||
@ -118,6 +129,9 @@ class Migrator:
|
|||||||
api_source: giteapy.OrganizationApi
|
api_source: giteapy.OrganizationApi
|
||||||
api_destination: giteapy.OrganizationApi
|
api_destination: giteapy.OrganizationApi
|
||||||
|
|
||||||
|
# Tattle on certify
|
||||||
|
self.__logger.info(f"Certifi is currently using CA bundle: {certifi.where()}")
|
||||||
|
|
||||||
# Grab all org repos
|
# Grab all org repos
|
||||||
source_repos = self._fetch_all_org_repos(org=source_org)
|
source_repos = self._fetch_all_org_repos(org=source_org)
|
||||||
self.__logger.info(f"Found {len(source_repos)} repos on source:")
|
self.__logger.info(f"Found {len(source_repos)} repos on source:")
|
||||||
|
15
main.py
15
main.py
@ -23,7 +23,7 @@ def main():
|
|||||||
dest="source_port",
|
dest="source_port",
|
||||||
required=False,
|
required=False,
|
||||||
default=None,
|
default=None,
|
||||||
help="Port of the source server"
|
help="Port of the source server. Requests will use https (not ssh), so you probably don't want to change this."
|
||||||
)
|
)
|
||||||
parser.add_argument(
|
parser.add_argument(
|
||||||
"--source-token",
|
"--source-token",
|
||||||
@ -57,7 +57,7 @@ def main():
|
|||||||
dest="destination_port",
|
dest="destination_port",
|
||||||
required=False,
|
required=False,
|
||||||
default=None,
|
default=None,
|
||||||
help="Port of the destination server"
|
help="Port of the destination server. Requests will use https (not ssh), so you probably don't want to change this."
|
||||||
)
|
)
|
||||||
parser.add_argument(
|
parser.add_argument(
|
||||||
"--destination-token", "--dest-token",
|
"--destination-token", "--dest-token",
|
||||||
@ -124,6 +124,13 @@ def main():
|
|||||||
help="Don't verify SSL certificates",
|
help="Don't verify SSL certificates",
|
||||||
)
|
)
|
||||||
|
|
||||||
|
parser.add_argument(
|
||||||
|
"--ca-bundle",
|
||||||
|
dest="ca_bundle",
|
||||||
|
default=None,
|
||||||
|
help="Specify the location of your system-wide CA Bundle, in case python is not using it."
|
||||||
|
)
|
||||||
|
|
||||||
args = parser.parse_args()
|
args = parser.parse_args()
|
||||||
mig = Migrator(
|
mig = Migrator(
|
||||||
source_host=args.source_hostname,
|
source_host=args.source_hostname,
|
||||||
@ -133,7 +140,11 @@ def main():
|
|||||||
destination_port=args.destination_port,
|
destination_port=args.destination_port,
|
||||||
destination_token=args.destination_token
|
destination_token=args.destination_token
|
||||||
)
|
)
|
||||||
|
|
||||||
mig.set_verify_ssl(args.verify_ssl)
|
mig.set_verify_ssl(args.verify_ssl)
|
||||||
|
if args.ca_bundle:
|
||||||
|
mig.set_ca_bundle(args.ca_bundle)
|
||||||
|
|
||||||
mig.migrate_entire_org(
|
mig.migrate_entire_org(
|
||||||
interactive=args.interactive,
|
interactive=args.interactive,
|
||||||
source_org=args.source_org,
|
source_org=args.source_org,
|
||||||
|
Loading…
Reference in New Issue
Block a user