webkitpy: Use apple_additions certificate path if available
authorjbedard@apple.com <jbedard@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Thu, 7 May 2020 20:15:58 +0000 (20:15 +0000)
committerjbedard@apple.com <jbedard@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Thu, 7 May 2020 20:15:58 +0000 (20:15 +0000)
https://bugs.webkit.org/show_bug.cgi?id=211584

Rubber-stamped by Aakash Jain

* Scripts/webkitpy/results/upload.py:
(Upload):
(Upload.certificate_chain): Certificate chain to be used, prefer apple_additions
over certifi.
(Upload.upload): Use Upload.certificate_chain().
(Upload.upload_archive): Ditto.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@261332 268f45cc-cd09-0410-ab3c-d52691b4dbfc

Tools/ChangeLog
Tools/Scripts/webkitpy/results/upload.py

index 76e8fab..c29c892 100644 (file)
@@ -1,3 +1,17 @@
+2020-05-07  Jonathan Bedard  <jbedard@apple.com>
+
+        webkitpy: Use apple_additions certificate path if available
+        https://bugs.webkit.org/show_bug.cgi?id=211584
+
+        Rubber-stamped by Aakash Jain
+
+        * Scripts/webkitpy/results/upload.py:
+        (Upload):
+        (Upload.certificate_chain): Certificate chain to be used, prefer apple_additions
+        over certifi.
+        (Upload.upload): Use Upload.certificate_chain().
+        (Upload.upload_archive): Ditto.
+
 2020-05-07  Commit Queue  <commit-queue@webkit.org>
 
         Unreviewed, reverting r260959.
index b069862..cdb090f 100644 (file)
@@ -21,6 +21,7 @@
 # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
 import webkitpy.thirdparty.autoinstalled.requests
+from webkitpy.port.config import apple_additions
 
 import math
 import os
@@ -176,6 +177,14 @@ class Upload(object):
         result.update({key: value for key, value in optional_data.items() if value is not None})
         return result
 
+    @staticmethod
+    def certificate_chain():
+        if apple_additions() and getattr(apple_additions(), 'certificate_chain', False):
+            return apple_additions().certificate_chain()
+
+        import certifi
+        return certifi.where()
+
     def upload(self, hostname, log_line_func=lambda val: sys.stdout.write(val + '\n')):
         try:
             data = Upload.Encoder().default(self)
@@ -185,6 +194,7 @@ class Upload(object):
                 '{}{}'.format(hostname, self.UPLOAD_ENDPOINT),
                 headers={'Content-type': 'application/json'},
                 data=json.dumps(data),
+                verify=Upload.certificate_chain(),
             )
         except requests.exceptions.ConnectionError:
             log_line_func(' ' * 4 + 'Failed to upload to {}, results server not online'.format(hostname))
@@ -222,6 +232,7 @@ class Upload(object):
                 '{}{}'.format(hostname, self.ARCHIVE_UPLOAD_ENDPOINT),
                 data=meta_data,
                 files=dict(file=archive),
+                verify=Upload.certificate_chain(),
             )
 
         except requests.exceptions.ConnectionError: