)]}'
{"tripleo_common/image/image_uploader.py":[{"author":{"_account_id":3153,"name":"Emilien Macchi","email":"emilien@redhat.com","username":"emilienm"},"change_message_id":"4848c0d9e66aca274ac73485294ae13019fcc18e","unresolved":false,"context_lines":[{"line_number":932,"context_line":""},{"line_number":933,"context_line":"        source_session \u003d self.authenticate("},{"line_number":934,"context_line":"            t.source_image_url,"},{"line_number":935,"context_line":"            check_tls\u003d(t.pull_source not in self.insecure_registries))"},{"line_number":936,"context_line":""},{"line_number":937,"context_line":"        manifest_str \u003d self._fetch_manifest("},{"line_number":938,"context_line":"            t.source_image_url,"}],"source_content_type":"text/x-python","patch_set":3,"id":"9fdfeff1_602ace91","line":935,"range":{"start_line":935,"start_character":23,"end_line":935,"end_character":36},"updated":"2019-02-26 02:45:00.000000000","message":"I briefly tested it and it doesn\u0027t work for me. t.pull_secure is empty.","commit_id":"2a8c5f309eb0513edcaf5c6d322f6ef553004718"},{"author":{"_account_id":4571,"name":"Steve Baker","email":"sbaker@redhat.com","username":"steve-stevebaker"},"change_message_id":"9685f38dea07e5e8fb3c7e74c932dd81e73679b3","unresolved":false,"context_lines":[{"line_number":932,"context_line":""},{"line_number":933,"context_line":"        source_session \u003d self.authenticate("},{"line_number":934,"context_line":"            t.source_image_url,"},{"line_number":935,"context_line":"            check_tls\u003d(t.pull_source not in self.insecure_registries))"},{"line_number":936,"context_line":""},{"line_number":937,"context_line":"        manifest_str \u003d self._fetch_manifest("},{"line_number":938,"context_line":"            t.source_image_url,"}],"source_content_type":"text/x-python","patch_set":3,"id":"9fdfeff1_abcf377d","line":935,"range":{"start_line":935,"start_character":23,"end_line":935,"end_character":36},"in_reply_to":"9fdfeff1_602ace91","updated":"2019-02-26 03:03:55.000000000","message":"I think this should be (t.source_image_url.netloc not in self.insecure_registries)","commit_id":"2a8c5f309eb0513edcaf5c6d322f6ef553004718"},{"author":{"_account_id":4571,"name":"Steve Baker","email":"sbaker@redhat.com","username":"steve-stevebaker"},"change_message_id":"ed23668315af6eb5036f23850bfaacaeae59e24d","unresolved":false,"context_lines":[{"line_number":306,"context_line":"        else:"},{"line_number":307,"context_line":"            return True"},{"line_number":308,"context_line":""},{"line_number":309,"context_line":"    @classmethod"},{"line_number":310,"context_line":"    @tenacity.retry(  # Retry up to 5 times with jittered exponential backoff"},{"line_number":311,"context_line":"        reraise\u003dTrue,"},{"line_number":312,"context_line":"        retry\u003dtenacity.retry_if_exception_type("}],"source_content_type":"text/x-python","patch_set":5,"id":"9fdfeff1_84cb331c","line":309,"updated":"2019-02-26 20:07:32.000000000","message":"All the calls to authenticate are via self, so if this is removed then the check_tls logic can all happen within the authenticate method, and you don\u0027t need to add any arguments","commit_id":"393067ded204237cf761f31b3e2cf89eff56be39"},{"author":{"_account_id":4571,"name":"Steve Baker","email":"sbaker@redhat.com","username":"steve-stevebaker"},"change_message_id":"ed23668315af6eb5036f23850bfaacaeae59e24d","unresolved":false,"context_lines":[{"line_number":319,"context_line":"                     check_tls\u003dTrue):"},{"line_number":320,"context_line":"        image, tag \u003d cls._image_tag_from_url(image_url)"},{"line_number":321,"context_line":"        url \u003d cls._build_url(image_url, path\u003d\u0027/\u0027)"},{"line_number":322,"context_line":"        session \u003d requests.Session()"},{"line_number":323,"context_line":"        r \u003d session.get(url, timeout\u003d30, verify\u003dcheck_tls)"},{"line_number":324,"context_line":"        LOG.debug(\u0027%s status code %s\u0027 % (url, r.status_code))"},{"line_number":325,"context_line":"        if r.status_code \u003d\u003d 200:"}],"source_content_type":"text/x-python","patch_set":5,"id":"9fdfeff1_64bdef66","line":322,"updated":"2019-02-26 20:07:32.000000000","message":"The session is scoped to a registry, so I think you want to set verify on the session instead to every single request. So it looks like all you need is:\n\n  verify \u003d not self.is_insecure_registry(image_url.netloc)\n  session.verify \u003d verify","commit_id":"393067ded204237cf761f31b3e2cf89eff56be39"},{"author":{"_account_id":28223,"name":"Cedric Jeanneret","display_name":"cjeanner (Tengu)","email":"cjeanner@redhat.com","username":"cjeanner"},"change_message_id":"ea5615d1136e6e1fd21410ca12c25514cc2adbf1","unresolved":false,"context_lines":[{"line_number":319,"context_line":"                     check_tls\u003dTrue):"},{"line_number":320,"context_line":"        image, tag \u003d cls._image_tag_from_url(image_url)"},{"line_number":321,"context_line":"        url \u003d cls._build_url(image_url, path\u003d\u0027/\u0027)"},{"line_number":322,"context_line":"        session \u003d requests.Session()"},{"line_number":323,"context_line":"        r \u003d session.get(url, timeout\u003d30, verify\u003dcheck_tls)"},{"line_number":324,"context_line":"        LOG.debug(\u0027%s status code %s\u0027 % (url, r.status_code))"},{"line_number":325,"context_line":"        if r.status_code \u003d\u003d 200:"}],"source_content_type":"text/x-python","patch_set":5,"id":"9fdfeff1_e2c0e252","line":322,"in_reply_to":"9fdfeff1_64bdef66","updated":"2019-02-27 10:34:48.000000000","message":"\"self\" isn\u0027t defined there. \"cls\" doesn\u0027t do either - I\u0027m a bit stuck on that. py27 isn\u0027t happy with the way I\u0027m calling it, while py3x is OK...","commit_id":"393067ded204237cf761f31b3e2cf89eff56be39"},{"author":{"_account_id":4571,"name":"Steve Baker","email":"sbaker@redhat.com","username":"steve-stevebaker"},"change_message_id":"3848a9d486d0650fe7651a549f3ee43d14ae8d5c","unresolved":false,"context_lines":[{"line_number":319,"context_line":"                     check_tls\u003dTrue):"},{"line_number":320,"context_line":"        image, tag \u003d cls._image_tag_from_url(image_url)"},{"line_number":321,"context_line":"        url \u003d cls._build_url(image_url, path\u003d\u0027/\u0027)"},{"line_number":322,"context_line":"        session \u003d requests.Session()"},{"line_number":323,"context_line":"        r \u003d session.get(url, timeout\u003d30, verify\u003dcheck_tls)"},{"line_number":324,"context_line":"        LOG.debug(\u0027%s status code %s\u0027 % (url, r.status_code))"},{"line_number":325,"context_line":"        if r.status_code \u003d\u003d 200:"}],"source_content_type":"text/x-python","patch_set":5,"id":"9fdfeff1_e6246862","line":322,"in_reply_to":"9fdfeff1_e2c0e252","updated":"2019-02-27 19:19:07.000000000","message":"You need to remove the @classmethod decorator on line #309, then change line #318 to be def authenticate(self, ...)","commit_id":"393067ded204237cf761f31b3e2cf89eff56be39"},{"author":{"_account_id":4571,"name":"Steve Baker","email":"sbaker@redhat.com","username":"steve-stevebaker"},"change_message_id":"0e323998526344ace4537612b07dd765b4d46157","unresolved":false,"context_lines":[{"line_number":352,"context_line":"    @classmethod"},{"line_number":353,"context_line":"    def _build_url(cls, url, path):"},{"line_number":354,"context_line":"        netloc \u003d url.netloc"},{"line_number":355,"context_line":"        insecure \u003d netloc in cls.insecure_registries"},{"line_number":356,"context_line":"        if netloc in cls.mirrors:"},{"line_number":357,"context_line":"            mirror \u003d cls.mirrors[netloc]"},{"line_number":358,"context_line":"            return \u0027%sv2%s\u0027 % (mirror, path)"}],"source_content_type":"text/x-python","patch_set":5,"id":"9fdfeff1_c7c13d50","line":355,"updated":"2019-02-26 20:32:37.000000000","message":"Right now the code is assuming that insecure means http, so I think a fix is needed here too. We don\u0027t hand the case of https with cert that fails validation.\n\nI think we need 3 modes. insecure, secure, and secure_no_verify. See my comment in is_insecure_registry","commit_id":"393067ded204237cf761f31b3e2cf89eff56be39"},{"author":{"_account_id":4571,"name":"Steve Baker","email":"sbaker@redhat.com","username":"steve-stevebaker"},"change_message_id":"0e323998526344ace4537612b07dd765b4d46157","unresolved":false,"context_lines":[{"line_number":565,"context_line":"        if registry_host in self.secure_registries:"},{"line_number":566,"context_line":"            return False"},{"line_number":567,"context_line":"        if registry_host in self.insecure_registries:"},{"line_number":568,"context_line":"            return True"},{"line_number":569,"context_line":"        try:"},{"line_number":570,"context_line":"            requests.get(\u0027https://%s/v2\u0027 % registry_host, timeout\u003d30)"},{"line_number":571,"context_line":"        except requests.exceptions.SSLError:"}],"source_content_type":"text/x-python","patch_set":5,"id":"9fdfeff1_c7961d4a","line":568,"updated":"2019-02-26 20:32:37.000000000","message":"I think we need a third memoised set here called secure_no_verify_registries, so:\n\n        if registry_host in self.secure_no_verify_registries:\n            return True","commit_id":"393067ded204237cf761f31b3e2cf89eff56be39"},{"author":{"_account_id":4571,"name":"Steve Baker","email":"sbaker@redhat.com","username":"steve-stevebaker"},"change_message_id":"0e323998526344ace4537612b07dd765b4d46157","unresolved":false,"context_lines":[{"line_number":568,"context_line":"            return True"},{"line_number":569,"context_line":"        try:"},{"line_number":570,"context_line":"            requests.get(\u0027https://%s/v2\u0027 % registry_host, timeout\u003d30)"},{"line_number":571,"context_line":"        except requests.exceptions.SSLError:"},{"line_number":572,"context_line":"            self.insecure_registries.add(registry_host)"},{"line_number":573,"context_line":"            return True"},{"line_number":574,"context_line":"        except Exception:"}],"source_content_type":"text/x-python","patch_set":5,"id":"9fdfeff1_a772f948","line":571,"updated":"2019-02-26 20:32:37.000000000","message":"In this block, reattempt the get with verify\u003dFalse. If it fails again, assume insecure http registry. If it succeeds add the registry to secure_no_verify_registries and return true","commit_id":"393067ded204237cf761f31b3e2cf89eff56be39"},{"author":{"_account_id":4571,"name":"Steve Baker","email":"sbaker@redhat.com","username":"steve-stevebaker"},"change_message_id":"0e323998526344ace4537612b07dd765b4d46157","unresolved":false,"context_lines":[{"line_number":598,"context_line":"                target_image_url, image_layers, source_layers)"},{"line_number":599,"context_line":"            return"},{"line_number":600,"context_line":""},{"line_number":601,"context_line":"        if netloc in cls.insecure_registries:"},{"line_number":602,"context_line":"            scheme \u003d \u0027http\u0027"},{"line_number":603,"context_line":"        else:"},{"line_number":604,"context_line":"            scheme \u003d \u0027https\u0027"},{"line_number":605,"context_line":"        url \u003d \u0027%s://%s/v2/%s/blobs/uploads/\u0027 % (scheme, netloc, name)"},{"line_number":606,"context_line":""},{"line_number":607,"context_line":"        for layer in source_layers:"},{"line_number":608,"context_line":"            if layer in image_layers:"}],"source_content_type":"text/x-python","patch_set":5,"id":"9fdfeff1_4799cd6a","line":605,"range":{"start_line":601,"start_character":0,"end_line":605,"end_character":69},"updated":"2019-02-26 20:32:37.000000000","message":"This needs to be converted to a call to _build_url","commit_id":"393067ded204237cf761f31b3e2cf89eff56be39"},{"author":{"_account_id":4571,"name":"Steve Baker","email":"sbaker@redhat.com","username":"steve-stevebaker"},"change_message_id":"19833f9da258b27d138cacaa0d13f25e9a2ca237","unresolved":false,"context_lines":[{"line_number":308,"context_line":"        else:"},{"line_number":309,"context_line":"            return True"},{"line_number":310,"context_line":""},{"line_number":311,"context_line":"    @classmethod"},{"line_number":312,"context_line":"    @tenacity.retry(  # Retry up to 5 times with jittered exponential backoff"},{"line_number":313,"context_line":"        reraise\u003dTrue,"},{"line_number":314,"context_line":"        retry\u003dtenacity.retry_if_exception_type("}],"source_content_type":"text/x-python","patch_set":8,"id":"9fdfeff1_e6954833","line":311,"updated":"2019-02-27 19:36:01.000000000","message":"delete this line","commit_id":"040c143160e492ee21b0ee20a9582797d3564446"},{"author":{"_account_id":4571,"name":"Steve Baker","email":"sbaker@redhat.com","username":"steve-stevebaker"},"change_message_id":"edebddf788e30a74f748c8ec8c1ef9f20d9e6079","unresolved":false,"context_lines":[{"line_number":308,"context_line":"        else:"},{"line_number":309,"context_line":"            return True"},{"line_number":310,"context_line":""},{"line_number":311,"context_line":"    @classmethod"},{"line_number":312,"context_line":"    @tenacity.retry(  # Retry up to 5 times with jittered exponential backoff"},{"line_number":313,"context_line":"        reraise\u003dTrue,"},{"line_number":314,"context_line":"        retry\u003dtenacity.retry_if_exception_type("}],"source_content_type":"text/x-python","patch_set":8,"id":"9fdfeff1_2db0ed3f","line":311,"in_reply_to":"9fdfeff1_c90dab8f","updated":"2019-03-01 03:26:06.000000000","message":"Ah, in that case, lets adopt the same args pattern as the upload_task function. I\u0027ll add comments to show how.","commit_id":"040c143160e492ee21b0ee20a9582797d3564446"},{"author":{"_account_id":28223,"name":"Cedric Jeanneret","display_name":"cjeanner (Tengu)","email":"cjeanner@redhat.com","username":"cjeanner"},"change_message_id":"d788d1b8b85fdd18f25598d1499c1123bc036498","unresolved":false,"context_lines":[{"line_number":308,"context_line":"        else:"},{"line_number":309,"context_line":"            return True"},{"line_number":310,"context_line":""},{"line_number":311,"context_line":"    @classmethod"},{"line_number":312,"context_line":"    @tenacity.retry(  # Retry up to 5 times with jittered exponential backoff"},{"line_number":313,"context_line":"        reraise\u003dTrue,"},{"line_number":314,"context_line":"        retry\u003dtenacity.retry_if_exception_type("}],"source_content_type":"text/x-python","patch_set":8,"id":"9fdfeff1_c90dab8f","line":311,"in_reply_to":"9fdfeff1_e6954833","updated":"2019-02-28 06:24:54.000000000","message":"we can\u0027t. This method is called without an instance, at the far bottom of this file. Must stay a \"classmethod\" due to that call.","commit_id":"040c143160e492ee21b0ee20a9582797d3564446"},{"author":{"_account_id":4571,"name":"Steve Baker","email":"sbaker@redhat.com","username":"steve-stevebaker"},"change_message_id":"19833f9da258b27d138cacaa0d13f25e9a2ca237","unresolved":false,"context_lines":[{"line_number":317,"context_line":"        wait\u003dtenacity.wait_random_exponential(multiplier\u003d1, max\u003d10),"},{"line_number":318,"context_line":"        stop\u003dtenacity.stop_after_attempt(5)"},{"line_number":319,"context_line":"    )"},{"line_number":320,"context_line":"    def authenticate(cls, image_url, username\u003dNone, password\u003dNone,"},{"line_number":321,"context_line":"                     no_verif_reg\u003d()):"},{"line_number":322,"context_line":"        netloc \u003d image_url.netloc"},{"line_number":323,"context_line":"        image, tag \u003d cls._image_tag_from_url(image_url)"}],"source_content_type":"text/x-python","patch_set":8,"id":"9fdfeff1_c69e0453","line":320,"updated":"2019-02-27 19:36:01.000000000","message":"here, rename cls to self","commit_id":"040c143160e492ee21b0ee20a9582797d3564446"},{"author":{"_account_id":28223,"name":"Cedric Jeanneret","display_name":"cjeanner (Tengu)","email":"cjeanner@redhat.com","username":"cjeanner"},"change_message_id":"d788d1b8b85fdd18f25598d1499c1123bc036498","unresolved":false,"context_lines":[{"line_number":317,"context_line":"        wait\u003dtenacity.wait_random_exponential(multiplier\u003d1, max\u003d10),"},{"line_number":318,"context_line":"        stop\u003dtenacity.stop_after_attempt(5)"},{"line_number":319,"context_line":"    )"},{"line_number":320,"context_line":"    def authenticate(cls, image_url, username\u003dNone, password\u003dNone,"},{"line_number":321,"context_line":"                     no_verif_reg\u003d()):"},{"line_number":322,"context_line":"        netloc \u003d image_url.netloc"},{"line_number":323,"context_line":"        image, tag \u003d cls._image_tag_from_url(image_url)"}],"source_content_type":"text/x-python","patch_set":8,"id":"9fdfeff1_e9f0af69","line":320,"in_reply_to":"9fdfeff1_c69e0453","updated":"2019-02-28 06:24:54.000000000","message":"must stay classmethod, so unable to do that.","commit_id":"040c143160e492ee21b0ee20a9582797d3564446"},{"author":{"_account_id":4571,"name":"Steve Baker","email":"sbaker@redhat.com","username":"steve-stevebaker"},"change_message_id":"19833f9da258b27d138cacaa0d13f25e9a2ca237","unresolved":false,"context_lines":[{"line_number":318,"context_line":"        stop\u003dtenacity.stop_after_attempt(5)"},{"line_number":319,"context_line":"    )"},{"line_number":320,"context_line":"    def authenticate(cls, image_url, username\u003dNone, password\u003dNone,"},{"line_number":321,"context_line":"                     no_verif_reg\u003d()):"},{"line_number":322,"context_line":"        netloc \u003d image_url.netloc"},{"line_number":323,"context_line":"        image, tag \u003d cls._image_tag_from_url(image_url)"},{"line_number":324,"context_line":"        url \u003d cls._build_url(image_url, path\u003d\u0027/\u0027)"}],"source_content_type":"text/x-python","patch_set":8,"id":"9fdfeff1_e6aea87f","line":321,"updated":"2019-02-27 19:36:01.000000000","message":"now you can remove no_verif_reg and have direct access to self.no_verify_registries","commit_id":"040c143160e492ee21b0ee20a9582797d3564446"},{"author":{"_account_id":4571,"name":"Steve Baker","email":"sbaker@redhat.com","username":"steve-stevebaker"},"change_message_id":"19833f9da258b27d138cacaa0d13f25e9a2ca237","unresolved":false,"context_lines":[{"line_number":425,"context_line":"        manifest \u003d manifest_r.json()"},{"line_number":426,"context_line":""},{"line_number":427,"context_line":"        if \u0027Docker-Content-Digest\u0027 in manifest_r.headers:"},{"line_number":428,"context_line":"            digest \u003d manifest_r.headers[\u0027Docker-Content-Digest\u0027]"},{"line_number":429,"context_line":"        else:"},{"line_number":430,"context_line":"            digest \u003d manifest[\u0027config\u0027][\u0027digest\u0027]"},{"line_number":431,"context_line":""}],"source_content_type":"text/x-python","patch_set":8,"id":"9fdfeff1_26def010","line":428,"updated":"2019-02-27 19:36:01.000000000","message":"What registry is failing to set this header?","commit_id":"040c143160e492ee21b0ee20a9582797d3564446"},{"author":{"_account_id":28223,"name":"Cedric Jeanneret","display_name":"cjeanner (Tengu)","email":"cjeanner@redhat.com","username":"cjeanner"},"change_message_id":"d788d1b8b85fdd18f25598d1499c1123bc036498","unresolved":false,"context_lines":[{"line_number":425,"context_line":"        manifest \u003d manifest_r.json()"},{"line_number":426,"context_line":""},{"line_number":427,"context_line":"        if \u0027Docker-Content-Digest\u0027 in manifest_r.headers:"},{"line_number":428,"context_line":"            digest \u003d manifest_r.headers[\u0027Docker-Content-Digest\u0027]"},{"line_number":429,"context_line":"        else:"},{"line_number":430,"context_line":"            digest \u003d manifest[\u0027config\u0027][\u0027digest\u0027]"},{"line_number":431,"context_line":""}],"source_content_type":"text/x-python","patch_set":8,"id":"9fdfeff1_097df3e5","line":428,"in_reply_to":"9fdfeff1_26def010","updated":"2019-02-28 06:24:54.000000000","message":"MAY be due to my setup - internal RH for rhel8 containers. Was the only way for me to test the whole change.","commit_id":"040c143160e492ee21b0ee20a9582797d3564446"},{"author":{"_account_id":4571,"name":"Steve Baker","email":"sbaker@redhat.com","username":"steve-stevebaker"},"change_message_id":"edebddf788e30a74f748c8ec8c1ef9f20d9e6079","unresolved":false,"context_lines":[{"line_number":532,"context_line":""},{"line_number":533,"context_line":"        discover_args \u003d []"},{"line_number":534,"context_line":"        for image in images:"},{"line_number":535,"context_line":"            discover_args.append((image, tag_from_label))"},{"line_number":536,"context_line":"        p \u003d futures.ThreadPoolExecutor(max_workers\u003d16)"},{"line_number":537,"context_line":""},{"line_number":538,"context_line":"        versioned_images \u003d {}"}],"source_content_type":"text/x-python","patch_set":8,"id":"9fdfeff1_cde9211a","line":535,"updated":"2019-03-01 03:26:06.000000000","message":"(self, image, tag_from_label)","commit_id":"040c143160e492ee21b0ee20a9582797d3564446"},{"author":{"_account_id":4571,"name":"Steve Baker","email":"sbaker@redhat.com","username":"steve-stevebaker"},"change_message_id":"19833f9da258b27d138cacaa0d13f25e9a2ca237","unresolved":false,"context_lines":[{"line_number":617,"context_line":"            return verify, netlocs"},{"line_number":618,"context_line":""},{"line_number":619,"context_line":"    # Instance method calling the class method with some love"},{"line_number":620,"context_line":"    def intercept_redirect(self, uri, session\u003dNone):"},{"line_number":621,"context_line":"        if type(uri) is str:"},{"line_number":622,"context_line":"            uri \u003d parse.urlparse(uri)"},{"line_number":623,"context_line":"        self.is_insecure_registry(uri.netloc)"}],"source_content_type":"text/x-python","patch_set":8,"id":"9fdfeff1_664cf8c7","line":620,"updated":"2019-02-27 19:36:01.000000000","message":"I really hope none if this intercept_redirect will be needed. Can you describe the behavior you\u0027re seeing, and the approach you\u0027re taking to solve it?","commit_id":"040c143160e492ee21b0ee20a9582797d3564446"},{"author":{"_account_id":28223,"name":"Cedric Jeanneret","display_name":"cjeanner (Tengu)","email":"cjeanner@redhat.com","username":"cjeanner"},"change_message_id":"d788d1b8b85fdd18f25598d1499c1123bc036498","unresolved":false,"context_lines":[{"line_number":617,"context_line":"            return verify, netlocs"},{"line_number":618,"context_line":""},{"line_number":619,"context_line":"    # Instance method calling the class method with some love"},{"line_number":620,"context_line":"    def intercept_redirect(self, uri, session\u003dNone):"},{"line_number":621,"context_line":"        if type(uri) is str:"},{"line_number":622,"context_line":"            uri \u003d parse.urlparse(uri)"},{"line_number":623,"context_line":"        self.is_insecure_registry(uri.netloc)"}],"source_content_type":"text/x-python","patch_set":8,"id":"9fdfeff1_69db5fec","line":620,"in_reply_to":"9fdfeff1_664cf8c7","updated":"2019-02-28 06:24:54.000000000","message":"RH internal registry - we point to somehost:8888 without TLS (it doesn\u0027t support TLS), and we get a redirect later to somehost:443 with TLS and untrusted CA.\nSo we need to get, on the fly, the final location. This method also allows to intercept other involved hosts, and ensure we can connect to all of them, with the right setting (trust CA or not).\nMaybe it\u0027s only a specific use-case, with a weird setup, but... Well, that\u0027s the whole point of this patch: allow to deploy in a dev/test/alpha env.","commit_id":"040c143160e492ee21b0ee20a9582797d3564446"},{"author":{"_account_id":4571,"name":"Steve Baker","email":"sbaker@redhat.com","username":"steve-stevebaker"},"change_message_id":"edebddf788e30a74f748c8ec8c1ef9f20d9e6079","unresolved":false,"context_lines":[{"line_number":617,"context_line":"            return verify, netlocs"},{"line_number":618,"context_line":""},{"line_number":619,"context_line":"    # Instance method calling the class method with some love"},{"line_number":620,"context_line":"    def intercept_redirect(self, uri, session\u003dNone):"},{"line_number":621,"context_line":"        if type(uri) is str:"},{"line_number":622,"context_line":"            uri \u003d parse.urlparse(uri)"},{"line_number":623,"context_line":"        self.is_insecure_registry(uri.netloc)"}],"source_content_type":"text/x-python","patch_set":8,"id":"9fdfeff1_2b953040","line":620,"in_reply_to":"9fdfeff1_69db5fec","updated":"2019-03-01 03:26:06.000000000","message":"OK, in that case it might be better to replace all direct calls to session.get/head... with a wrapper function that handles this situation.\n\nAlso it would be nice to split this commit into a series of 2. The first commit can be just to support an ideal tls-no-verify registry, then the second commit to handle the quirks for that specific downstream registry.","commit_id":"040c143160e492ee21b0ee20a9582797d3564446"},{"author":{"_account_id":4571,"name":"Steve Baker","email":"sbaker@redhat.com","username":"steve-stevebaker"},"change_message_id":"edebddf788e30a74f748c8ec8c1ef9f20d9e6079","unresolved":false,"context_lines":[{"line_number":1761,"context_line":""},{"line_number":1762,"context_line":""},{"line_number":1763,"context_line":"def discover_tag_from_inspect(args):"},{"line_number":1764,"context_line":"    image, tag_from_label \u003d args"},{"line_number":1765,"context_line":"    image_url \u003d BaseImageUploader._image_to_url(image)"},{"line_number":1766,"context_line":"    session \u003d BaseImageUploader.authenticate(image_url)"},{"line_number":1767,"context_line":"    verify, netlocs \u003d BaseImageUploader._intercept_redirect(image_url, session)"}],"source_content_type":"text/x-python","patch_set":8,"id":"9fdfeff1_4d98d1be","line":1764,"updated":"2019-03-01 03:26:06.000000000","message":"self, image, tag_from_label \u003d args","commit_id":"040c143160e492ee21b0ee20a9582797d3564446"},{"author":{"_account_id":28223,"name":"Cedric Jeanneret","display_name":"cjeanner (Tengu)","email":"cjeanner@redhat.com","username":"cjeanner"},"change_message_id":"d788d1b8b85fdd18f25598d1499c1123bc036498","unresolved":false,"context_lines":[{"line_number":1763,"context_line":"def discover_tag_from_inspect(args):"},{"line_number":1764,"context_line":"    image, tag_from_label \u003d args"},{"line_number":1765,"context_line":"    image_url \u003d BaseImageUploader._image_to_url(image)"},{"line_number":1766,"context_line":"    session \u003d BaseImageUploader.authenticate(image_url)"},{"line_number":1767,"context_line":"    verify, netlocs \u003d BaseImageUploader._intercept_redirect(image_url, session)"},{"line_number":1768,"context_line":"    i \u003d BaseImageUploader._inspect(image_url, session\u003dsession)"},{"line_number":1769,"context_line":"    if \u0027:\u0027 in image_url.path:"}],"source_content_type":"text/x-python","patch_set":8,"id":"9fdfeff1_29e1d79b","line":1766,"updated":"2019-02-28 06:24:54.000000000","message":"So because of this one, we can\u0027t move \"authenticate\" to an instance method. yay.","commit_id":"040c143160e492ee21b0ee20a9582797d3564446"},{"author":{"_account_id":11082,"name":"Kamil Sambor","email":"ksambor@redhat.com","username":"ksambor"},"change_message_id":"f51db8b1da337a5aa371cd275888f2c03a3822c8","unresolved":false,"context_lines":[{"line_number":355,"context_line":"            if insecure:"},{"line_number":356,"context_line":"                scheme \u003d \u0027http\u0027"},{"line_number":357,"context_line":"            # Just to be clear: we DO want TLS for that specific case"},{"line_number":358,"context_line":"            elif tls_verify:"},{"line_number":359,"context_line":"                scheme \u003d \u0027https\u0027"},{"line_number":360,"context_line":"            else:"},{"line_number":361,"context_line":"                scheme \u003d \u0027https\u0027"}],"source_content_type":"text/x-python","patch_set":14,"id":"9fdfeff1_2721c0b6","line":358,"updated":"2019-03-04 07:30:55.000000000","message":"nit: there is no reason to use tls_verify it can be just:\nelif netloc in cls.no_verify_registries: (...)\nor even add only comment about tls and use only \u0027else\u0027 to not overcomplicate logic","commit_id":"611080299958c039e7992bff5b1580b916e5c633"},{"author":{"_account_id":28223,"name":"Cedric Jeanneret","display_name":"cjeanner (Tengu)","email":"cjeanner@redhat.com","username":"cjeanner"},"change_message_id":"433b632259d5c32baf242a97c288a164a30487a3","unresolved":false,"context_lines":[{"line_number":355,"context_line":"            if insecure:"},{"line_number":356,"context_line":"                scheme \u003d \u0027http\u0027"},{"line_number":357,"context_line":"            # Just to be clear: we DO want TLS for that specific case"},{"line_number":358,"context_line":"            elif tls_verify:"},{"line_number":359,"context_line":"                scheme \u003d \u0027https\u0027"},{"line_number":360,"context_line":"            else:"},{"line_number":361,"context_line":"                scheme \u003d \u0027https\u0027"}],"source_content_type":"text/x-python","patch_set":14,"id":"9fdfeff1_eaecddf5","line":358,"in_reply_to":"9fdfeff1_2721c0b6","updated":"2019-03-04 07:55:21.000000000","message":"being explicit might have its good sides imho. This behavior copies the one for \"insecure\" in the end. Might be part of the needed refactoring though.","commit_id":"611080299958c039e7992bff5b1580b916e5c633"},{"author":{"_account_id":11082,"name":"Kamil Sambor","email":"ksambor@redhat.com","username":"ksambor"},"change_message_id":"f51db8b1da337a5aa371cd275888f2c03a3822c8","unresolved":false,"context_lines":[{"line_number":581,"context_line":"            except requests.exceptions.SSLError:"},{"line_number":582,"context_line":"                # So nope, it\u0027s really not a certificate verification issue"},{"line_number":583,"context_line":"                self.insecure_registries.add(registry_host)"},{"line_number":584,"context_line":"                return True"},{"line_number":585,"context_line":"        except Exception:"},{"line_number":586,"context_line":"            # for any other error assume it is a secure registry, because:"},{"line_number":587,"context_line":"            # - it is secure registry"}],"source_content_type":"text/x-python","patch_set":14,"id":"9fdfeff1_47aba41d","line":584,"updated":"2019-03-04 07:30:55.000000000","message":"nit: it will be nicer and more readable with:\nfinally:\n  return True","commit_id":"611080299958c039e7992bff5b1580b916e5c633"},{"author":{"_account_id":28223,"name":"Cedric Jeanneret","display_name":"cjeanner (Tengu)","email":"cjeanner@redhat.com","username":"cjeanner"},"change_message_id":"433b632259d5c32baf242a97c288a164a30487a3","unresolved":false,"context_lines":[{"line_number":581,"context_line":"            except requests.exceptions.SSLError:"},{"line_number":582,"context_line":"                # So nope, it\u0027s really not a certificate verification issue"},{"line_number":583,"context_line":"                self.insecure_registries.add(registry_host)"},{"line_number":584,"context_line":"                return True"},{"line_number":585,"context_line":"        except Exception:"},{"line_number":586,"context_line":"            # for any other error assume it is a secure registry, because:"},{"line_number":587,"context_line":"            # - it is secure registry"}],"source_content_type":"text/x-python","patch_set":14,"id":"9fdfeff1_8ade713c","line":584,"in_reply_to":"9fdfeff1_47aba41d","updated":"2019-03-04 07:55:21.000000000","message":"hmm right. We never really use that poor \"finally\" :)","commit_id":"611080299958c039e7992bff5b1580b916e5c633"},{"author":{"_account_id":11082,"name":"Kamil Sambor","email":"ksambor@redhat.com","username":"ksambor"},"change_message_id":"f51db8b1da337a5aa371cd275888f2c03a3822c8","unresolved":false,"context_lines":[{"line_number":1564,"context_line":""},{"line_number":1565,"context_line":"def discover_tag_from_inspect(args):"},{"line_number":1566,"context_line":"    self, image, tag_from_label \u003d args"},{"line_number":1567,"context_line":"    image_url \u003d BaseImageUploader._image_to_url(image)"},{"line_number":1568,"context_line":"    session \u003d self.authenticate(image_url)"},{"line_number":1569,"context_line":"    i \u003d BaseImageUploader._inspect(image_url, session\u003dsession)"},{"line_number":1570,"context_line":"    if \u0027:\u0027 in image_url.path:"}],"source_content_type":"text/x-python","patch_set":14,"id":"9fdfeff1_07283c95","line":1567,"updated":"2019-03-04 07:30:55.000000000","message":"all BaseImageUploader can be replace now by self","commit_id":"611080299958c039e7992bff5b1580b916e5c633"},{"author":{"_account_id":28223,"name":"Cedric Jeanneret","display_name":"cjeanner (Tengu)","email":"cjeanner@redhat.com","username":"cjeanner"},"change_message_id":"433b632259d5c32baf242a97c288a164a30487a3","unresolved":false,"context_lines":[{"line_number":1564,"context_line":""},{"line_number":1565,"context_line":"def discover_tag_from_inspect(args):"},{"line_number":1566,"context_line":"    self, image, tag_from_label \u003d args"},{"line_number":1567,"context_line":"    image_url \u003d BaseImageUploader._image_to_url(image)"},{"line_number":1568,"context_line":"    session \u003d self.authenticate(image_url)"},{"line_number":1569,"context_line":"    i \u003d BaseImageUploader._inspect(image_url, session\u003dsession)"},{"line_number":1570,"context_line":"    if \u0027:\u0027 in image_url.path:"}],"source_content_type":"text/x-python","patch_set":14,"id":"9fdfeff1_6ad9cd54","line":1567,"in_reply_to":"9fdfeff1_07283c95","updated":"2019-03-04 07:55:21.000000000","message":"the whole file would love some refactoring, that can be made as a second pass I think. It\u0027s listed here: https://bugs.launchpad.net/tripleo/+bug/1818480","commit_id":"611080299958c039e7992bff5b1580b916e5c633"}],"tripleo_common/tests/image/test_image_uploader.py":[{"author":{"_account_id":3153,"name":"Emilien Macchi","email":"emilien@redhat.com","username":"emilienm"},"change_message_id":"4848c0d9e66aca274ac73485294ae13019fcc18e","unresolved":false,"context_lines":[{"line_number":1419,"context_line":"                check_tls\u003dTrue"},{"line_number":1420,"context_line":"            ),"},{"line_number":1421,"context_line":"        ])"},{"line_number":1422,"context_line":""},{"line_number":1423,"context_line":"        _fetch_manifest.assert_called_once_with("},{"line_number":1424,"context_line":"            source_url, session\u003dsource_session)"},{"line_number":1425,"context_line":""}],"source_content_type":"text/x-python","patch_set":3,"id":"9fdfeff1_eb1d3f62","line":1422,"updated":"2019-02-26 02:45:00.000000000","message":"it would be great to add a unit tests with an insecure request (check_tls\u003dFalse).","commit_id":"2a8c5f309eb0513edcaf5c6d322f6ef553004718"}]}