You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@airflow.apache.org by GitBox <gi...@apache.org> on 2018/08/19 14:28:36 UTC

[GitHub] XD-DENG edited a comment on issue #3764: [AIRFLOW-2916] Arg `verify` for AwsHook() & S3 sensors/operators

XD-DENG edited a comment on issue #3764: [AIRFLOW-2916] Arg `verify` for AwsHook() & S3 sensors/operators
URL: https://github.com/apache/incubator-airflow/pull/3764#issuecomment-414131118
 
 
   Hi @Fokko . I do agree that we should always have proper SSL certificates. But this feature may be quite necessary when
   - if we want to use a different CA cert bundle than the one used by `botocore` (argument `verify` can be either boolean or string. When it's string, it can be path/to/cert/bundle.pem).
   - for my own case, my infra team didn't set proper SSL for the on-prem UAT S3. Before they set it up for me, I have to use `--no-verify-ssl`, i.e. put `verify` as `False`. I believe I'm not the only one who have this sort of issue.
   
   Regarding default value: In `boto3`, default value of `verify` is `None`, and actually it's equivalent to `True` here (please refer to [boto3 session reference](https://boto3.readthedocs.io/en/latest/reference/core/session.html)). To keep consistent with `boto3`, I also put `None`.
   
   Hope this clarifies.

----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
users@infra.apache.org


With regards,
Apache Git Services