Commit a2cda5d6 authored by Patrick Godwin's avatar Patrick Godwin
Browse files

influx.py: finer control over checking SSL certs, clean up various conditions for setting up client

parent 170346f6
Pipeline #156488 failed with stages
in 5 minutes and 1 second
......@@ -36,9 +36,6 @@ try:
urllib3.contrib.pyopenssl.inject_into_urllib3()
except ImportError:
urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning)
check_certs=False
else:
check_certs=True
#-------------------------------------------------
### templates
......@@ -65,25 +62,28 @@ class Aggregator(object):
whether to use auth credentials, defaults to False
https : `bool`
whether to connect via HTTPS, defaults to False
check_certs : `bool`
whether to check SSL certificates, defaults to True
reduce_dt : `int`
how often to reduce data for lower dt + aggregated timeseries, defaults to 300s
reduce_across_tags : `bool`
whether to create timeseries that are aggregated across tags, defaults to True
"""
def __init__(self, hostname='localhost', port=8086, db='mydb', auth=False, https=False, reduce_dt=300, reduce_across_tags=True, **kwargs):
def __init__(self, hostname='localhost', port=8086, db='mydb', auth=False, https=False, check_certs=True, reduce_dt=300, reduce_across_tags=True, **kwargs):
self.hostname = hostname
self.port = port
self.db = db
self.auth = auth
self.https = https
self.check_certs = check_certs
### reduction options
self.reduce_dt = reduce_dt
self.reduce_across_tags = reduce_across_tags
### set up client and database
self.client = create_client(host=self.hostname, port=self.port, auth=self.auth, https=self.https)
self.client = create_client(host=self.hostname, port=self.port, auth=self.auth, https=self.https, check_certs=self.check_certs)
set_up_database(self.client, self.db)
### track reduced data to process
......@@ -542,17 +542,20 @@ class Consumer(object):
whether to use auth credentials, defaults to False
https : `bool`
whether to connect via HTTPS, defaults to False
check_certs : `bool`
whether to check SSL certificates, defaults to True
"""
def __init__(self, hostname='localhost', port=8086, db='mydb', auth=False, https=False, **kwargs):
def __init__(self, hostname='localhost', port=8086, db='mydb', auth=False, https=False, check_certs=True, **kwargs):
self.hostname = hostname
self.port = port
self.db = db
self.auth = auth
self.https = https
self.check_certs = check_certs
### set up client
self.client = create_client(host=self.hostname, port=self.port, auth=self.auth, https=self.https)
self.client = create_client(host=self.hostname, port=self.port, auth=self.auth, https=self.https, check_certs=self.check_certs)
### set up structure to store schemas
self.schema = {}
......@@ -1135,7 +1138,7 @@ def create_database(client, db):
client.request('POST', '/query?{}'.format(params), headers=headers)
def create_client(host='localhost', port=8086, auth=False, https=False):
def create_client(host='localhost', port=8086, auth=False, https=False, check_certs=True):
### add basic auth if requested
if auth:
user = os.getenv('INFLUX_USERNAME')
......@@ -1161,17 +1164,15 @@ def create_client(host='localhost', port=8086, auth=False, https=False):
if https and check_certs:
if 'SCALD_SSL_CA_CERT' in os.environ:
return urllib3.HTTPSConnectionPool(host, port=port, maxsize=10, block=True, headers=headers,
cert_reqs='CERT_REQUIRED', ca_certs=os.environ.get('SCALD_SSL_CA_CERT'))
ca_certs = os.environ.get('SCALD_SSL_CA_CERT')
else:
return urllib3.HTTPSConnectionPool(host, port=port, maxsize=10, block=True, headers=headers,
cert_reqs='CERT_REQUIRED', ca_certs=certifi.where())
ca_certs = certifi.where()
return urllib3.HTTPSConnectionPool(
host, port=port, maxsize=10, block=True, headers=headers,
cert_reqs='CERT_REQUIRED', ca_certs=ca_certs
)
elif https:
if 'SCALD_SSL_CA_CERT' in os.environ:
return urllib3.HTTPSConnectionPool(host, port=port, maxsize=10, block=True, headers=headers,
cert_reqs='CERT_REQUIRED', ca_certs=os.environ.get('SCALD_SSL_CA_CERT'))
else:
return urllib3.HTTPSConnectionPool(host, port=port, maxsize=10, block=True, headers=headers, cert_reqs='CERT_NONE')
return urllib3.HTTPSConnectionPool(host, port=port, maxsize=10, block=True, headers=headers, cert_reqs='CERT_NONE')
else:
return urllib3.HTTPConnectionPool(host, port=port, maxsize=10, block=True, headers=headers)
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment