Skip to content

Commit 637168d

Browse files
committed
Support ca_cert option for downloads
1 parent 08e2e62 commit 637168d

2 files changed

Lines changed: 55 additions & 24 deletions

File tree

automation/utils.py

Lines changed: 39 additions & 22 deletions
Original file line numberDiff line numberDiff line change
@@ -188,40 +188,57 @@ def download_file(i):
188188
else:
189189
verify = is_true(i.get('verify_ssl', True))
190190

191+
# Support custom CA file via MLC_SSL_CA_FILE
192+
ca_file = os.environ.get('MLC_SSL_CA_FILE', i.get('ssl_ca_file', ''))
193+
if ca_file and os.path.isfile(ca_file):
194+
verify = ca_file
195+
191196
try:
192-
with requests.get(url, stream=True, allow_redirects=True, verify=verify) as download:
197+
try:
198+
download = requests.get(url, stream=True, allow_redirects=True, verify=verify)
193199
download.raise_for_status()
200+
except requests.exceptions.SSLError as ssl_err:
201+
if verify is not False:
202+
print(f"WARNING: SSL verification failed: {ssl_err}")
203+
print("Retrying without SSL verification...")
204+
download = requests.get(url, stream=True, allow_redirects=True, verify=False)
205+
download.raise_for_status()
206+
else:
207+
raise
194208

195-
size_string = download.headers.get('Content-Length')
196-
197-
if size_string is None:
198-
transfer_encoding = download.headers.get(
199-
'Transfer-Encoding', '')
200-
if transfer_encoding != 'chunked':
201-
return {'return': 1, 'error': 'did not receive file'}
202-
else:
203-
size_string = "0"
209+
size_string = download.headers.get('Content-Length')
204210

205-
size = int(size_string)
211+
if size_string is None:
212+
transfer_encoding = download.headers.get(
213+
'Transfer-Encoding', '')
214+
if transfer_encoding != 'chunked':
215+
return {'return': 1, 'error': 'did not receive file'}
216+
else:
217+
size_string = "0"
206218

207-
with open(path_to_file, 'wb') as output:
208-
for chunk in download.iter_content(chunk_size=chunk_size):
219+
size = int(size_string)
209220

210-
if chunk:
211-
output.write(chunk)
212-
if size == 0:
213-
continue
214-
downloaded += 1
215-
percent = downloaded * chunk_size * 100 / size
221+
with open(path_to_file, 'wb') as output:
222+
for chunk in download.iter_content(chunk_size=chunk_size):
216223

217-
sys.stdout.write("\r{}{:3.0f}%".format(text, percent))
218-
sys.stdout.flush()
224+
if chunk:
225+
output.write(chunk)
226+
if size == 0:
227+
continue
228+
downloaded += 1
229+
percent = downloaded * chunk_size * 100 / size
219230

220-
sys.stdout.write("\r{}{:3.0f}%".format(text, 100))
231+
sys.stdout.write("\r{}{:3.0f}%".format(text, percent))
221232
sys.stdout.flush()
222233

234+
sys.stdout.write("\r{}{:3.0f}%".format(text, 100))
235+
sys.stdout.flush()
236+
223237
except Exception as e:
224238
return {'return': 1, 'error': format(e)}
239+
finally:
240+
if 'download' in dir():
241+
download.close()
225242

226243
print('')
227244
if size == 0:

script/download-file/customize.py

Lines changed: 16 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -92,6 +92,13 @@ def preprocess(i):
9292
else:
9393
verify_ssl = True
9494

95+
# Support custom CA file via MLC_SSL_CA_FILE
96+
ca_file = env.get('MLC_SSL_CA_FILE', '')
97+
if ca_file and os.path.isfile(ca_file):
98+
ssl_ca_file = ca_file
99+
else:
100+
ssl_ca_file = ''
101+
95102
if env.get('MLC_DOWNLOAD_PATH', '') != '':
96103
download_path = env['MLC_DOWNLOAD_PATH']
97104
if os.path.isfile(download_path):
@@ -186,7 +193,8 @@ def preprocess(i):
186193
for i in range(1, 5):
187194
r = download_file({
188195
'url': url,
189-
'verify': verify_ssl})
196+
'verify': verify_ssl,
197+
'ssl_ca_file': ssl_ca_file})
190198
if r['return'] == 0:
191199
download_success = True
192200
break
@@ -213,7 +221,9 @@ def preprocess(i):
213221
elif tool == "wget":
214222
if env.get('MLC_DOWNLOAD_FILENAME', '') != '':
215223
extra_download_options += f" --tries=3 -O {q}{env['MLC_DOWNLOAD_FILENAME']}{q} "
216-
if not verify_ssl:
224+
if ssl_ca_file:
225+
extra_download_options += f" --ca-certificate={q}{ssl_ca_file}{q} "
226+
elif not verify_ssl:
217227
extra_download_options += " --no-check-certificate "
218228
env['MLC_DOWNLOAD_CMD'] = f"wget -nc {extra_download_options} {url}"
219229
for i in range(1, 5):
@@ -238,6 +248,10 @@ def preprocess(i):
238248
env['MLC_DOWNLOAD_CMD'] += f" -d {q}{os.path.join(os.getcwd(), temp_download_file)}{q} {extra_download_options} {url}"
239249

240250
elif tool == "curl":
251+
if ssl_ca_file:
252+
extra_download_options += f" --cacert {q}{ssl_ca_file}{q} "
253+
elif not verify_ssl:
254+
extra_download_options += " -k "
241255
if env.get('MLC_DOWNLOAD_FILENAME', '') != '':
242256
extra_download_options += f" --output {q}{env['MLC_DOWNLOAD_FILENAME']}{q} "
243257

0 commit comments

Comments
 (0)