Skip to content

Commit

Permalink
export: use --trusted-host for non HTTPS index
Browse files Browse the repository at this point in the history
Resolves: #1894
  • Loading branch information
estyxx authored and finswimmer committed Jan 30, 2021
1 parent 6d957e6 commit eca5ad8
Show file tree
Hide file tree
Showing 2 changed files with 50 additions and 0 deletions.
4 changes: 4 additions & 0 deletions poetry/utils/exporter.py
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,7 @@
from poetry.poetry import Poetry
from poetry.utils._compat import Path
from poetry.utils._compat import decode
from poetry.utils._compat import urlparse


class Exporter(object):
Expand Down Expand Up @@ -139,6 +140,9 @@ def _export_requirements_txt(
url = (
repository.authenticated_url if with_credentials else repository.url
)
parsed_url = urlparse.urlsplit(url)
if parsed_url.scheme == "http":
indexes_header += "--trusted-host {}\n".format(parsed_url.netloc)
indexes_header += "--extra-index-url {}\n".format(url)

content = indexes_header + "\n" + content
Expand Down
46 changes: 46 additions & 0 deletions tests/utils/test_exporter.py
Original file line number Diff line number Diff line change
Expand Up @@ -1028,6 +1028,52 @@ def test_exporter_exports_requirements_txt_with_legacy_packages(tmp_dir, poetry)
assert expected == content


def test_exporter_exports_requirements_txt_with_legacy_packages_trusted_host(
tmp_dir, poetry
):
poetry.pool.add_repository(LegacyRepository("custom", "http://example.com/simple",))
poetry.locker.mock_lock_data(
{
"package": [
{
"name": "bar",
"version": "4.5.6",
"category": "dev",
"optional": False,
"python-versions": "*",
"source": {
"type": "legacy",
"url": "http://example.com/simple",
"reference": "",
},
},
],
"metadata": {
"python-versions": "*",
"content-hash": "123456789",
"hashes": {"bar": ["67890"]},
},
}
)
set_package_requires(poetry)
exporter = Exporter(poetry)

exporter.export("requirements.txt", Path(tmp_dir), "requirements.txt", dev=True)

with (Path(tmp_dir) / "requirements.txt").open(encoding="utf-8") as f:
content = f.read()

expected = """\
--trusted-host example.com
--extra-index-url http://example.com/simple
bar==4.5.6 \\
--hash=sha256:67890
"""

assert expected == content


@pytest.mark.parametrize(
("dev", "expected"),
[
Expand Down

0 comments on commit eca5ad8

Please # to comment.