From 88727a2de6f8c10f7733086600946f163fc94c85 Mon Sep 17 00:00:00 2001 From: Michiel De Smet Date: Fri, 1 Nov 2024 11:45:39 +0800 Subject: [PATCH] Set SSL verification default to True --- .../Under the Hood-20241103-212520.yaml | 7 +++++++ dbt/adapters/trino/connections.py | 16 ++++++++-------- .../adapter/test_insecure_warnings.py | 18 ++++++++++++++++++ 3 files changed, 33 insertions(+), 8 deletions(-) create mode 100644 .changes/unreleased/Under the Hood-20241103-212520.yaml create mode 100644 tests/functional/adapter/test_insecure_warnings.py diff --git a/.changes/unreleased/Under the Hood-20241103-212520.yaml b/.changes/unreleased/Under the Hood-20241103-212520.yaml new file mode 100644 index 00000000..c4f461ba --- /dev/null +++ b/.changes/unreleased/Under the Hood-20241103-212520.yaml @@ -0,0 +1,7 @@ +kind: Under the Hood +body: Enable SSL verification by default +time: 2024-11-03T21:25:20.671327+08:00 +custom: + Author: mdesmet + Issue: "441" + PR: "442" diff --git a/dbt/adapters/trino/connections.py b/dbt/adapters/trino/connections.py index f2d49ad9..afe8a14f 100644 --- a/dbt/adapters/trino/connections.py +++ b/dbt/adapters/trino/connections.py @@ -6,7 +6,7 @@ from dataclasses import dataclass, field from datetime import date, datetime from enum import Enum -from typing import Any, Dict, List, Optional +from typing import Any, Dict, List, Optional, Union import sqlparse import trino @@ -99,7 +99,7 @@ class TrinoNoneCredentials(TrinoCredentials): user: str client_tags: Optional[List[str]] = None roles: Optional[Dict[str, str]] = None - cert: Optional[str] = None + cert: Optional[Union[str, bool]] = True http_scheme: HttpScheme = HttpScheme.HTTP http_headers: Optional[Dict[str, str]] = None session_properties: Dict[str, Any] = field(default_factory=dict) @@ -124,7 +124,7 @@ class TrinoCertificateCredentials(TrinoCredentials): user: Optional[str] = None client_tags: Optional[List[str]] = None roles: Optional[Dict[str, str]] = None - cert: Optional[str] = None + cert: Optional[Union[str, bool]] = True http_headers: Optional[Dict[str, str]] = None session_properties: Dict[str, Any] = field(default_factory=dict) prepared_statements_enabled: bool = PREPARED_STATEMENTS_ENABLED_DEFAULT @@ -154,7 +154,7 @@ class TrinoLdapCredentials(TrinoCredentials): impersonation_user: Optional[str] = None client_tags: Optional[List[str]] = None roles: Optional[Dict[str, str]] = None - cert: Optional[str] = None + cert: Optional[Union[str, bool]] = True http_headers: Optional[Dict[str, str]] = None session_properties: Dict[str, Any] = field(default_factory=dict) prepared_statements_enabled: bool = PREPARED_STATEMENTS_ENABLED_DEFAULT @@ -185,7 +185,7 @@ class TrinoKerberosCredentials(TrinoCredentials): krb5_config: Optional[str] = None service_name: Optional[str] = "trino" mutual_authentication: Optional[bool] = False - cert: Optional[str] = None + cert: Optional[Union[str, bool]] = True http_headers: Optional[Dict[str, str]] = None force_preemptive: Optional[bool] = False hostname_override: Optional[str] = None @@ -227,7 +227,7 @@ class TrinoJwtCredentials(TrinoCredentials): user: Optional[str] = None client_tags: Optional[List[str]] = None roles: Optional[Dict[str, str]] = None - cert: Optional[str] = None + cert: Optional[Union[str, bool]] = True http_headers: Optional[Dict[str, str]] = None session_properties: Dict[str, Any] = field(default_factory=dict) prepared_statements_enabled: bool = PREPARED_STATEMENTS_ENABLED_DEFAULT @@ -253,7 +253,7 @@ class TrinoOauthCredentials(TrinoCredentials): user: Optional[str] = None client_tags: Optional[List[str]] = None roles: Optional[Dict[str, str]] = None - cert: Optional[str] = None + cert: Optional[Union[str, bool]] = True http_headers: Optional[Dict[str, str]] = None session_properties: Dict[str, Any] = field(default_factory=dict) prepared_statements_enabled: bool = PREPARED_STATEMENTS_ENABLED_DEFAULT @@ -282,7 +282,7 @@ class TrinoOauthConsoleCredentials(TrinoCredentials): user: Optional[str] = None client_tags: Optional[List[str]] = None roles: Optional[Dict[str, str]] = None - cert: Optional[str] = None + cert: Optional[Union[str, bool]] = True http_headers: Optional[Dict[str, str]] = None session_properties: Dict[str, Any] = field(default_factory=dict) prepared_statements_enabled: bool = PREPARED_STATEMENTS_ENABLED_DEFAULT diff --git a/tests/functional/adapter/test_insecure_warnings.py b/tests/functional/adapter/test_insecure_warnings.py new file mode 100644 index 00000000..f35ac554 --- /dev/null +++ b/tests/functional/adapter/test_insecure_warnings.py @@ -0,0 +1,18 @@ +import warnings + +import pytest +from dbt.tests.util import run_dbt +from urllib3.exceptions import InsecureRequestWarning + + +@pytest.mark.skip_profile("trino_starburst") +class TestInsecureWarnings: + def test_table_properties(self, project): + with warnings.catch_warnings(record=True) as w: + dbt_args = ["show", "--inline", "select 1"] + run_dbt(dbt_args) + + # Check if not any InsecureRequestWarning was raised + assert not any( + issubclass(warning.category, InsecureRequestWarning) for warning in w + ), "InsecureRequestWarning was not raised"