Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Change conn.conn_kw's content instead of replacing it #16587

Merged
merged 3 commits into from
Feb 8, 2021

Conversation

jiasli
Copy link
Member

@jiasli jiasli commented Feb 6, 2021

Symptom

Python SDK fails when an HTTPS proxy is used:

from azure.mgmt.compute import ComputeManagementClient
from azure.identity import AzureCliCredential

subscription_id = 'xxx'
proxies = {'https': 'https://127.0.0.1:8888'}

compute_client = ComputeManagementClient(subscription_id=subscription_id, credential=AzureCliCredential(),
                                         proxies=proxies)
compute_client.virtual_machine_scale_sets.get(resource_group_name='xxx', vm_scale_set_name='xxx')
Traceback (most recent call last):
  File "D:/cli/testproj/demo.py", line 12, in <module>
    compute_client.virtual_machine_scale_sets.get(resource_group_name='xxx',
  File "D:\cli\env38\lib\site-packages\azure\mgmt\compute\v2020_06_01\operations\_virtual_machine_scale_sets_operations.py", line 458, in get
    pipeline_response = self._client._pipeline.run(request, stream=False, **kwargs)
  File "D:\cli\env38\lib\site-packages\azure\core\pipeline\_base.py", line 211, in run
    return first_node.send(pipeline_request)  # type: ignore
  File "D:\cli\env38\lib\site-packages\azure\core\pipeline\_base.py", line 71, in send
    response = self.next.send(request)
  File "D:\cli\env38\lib\site-packages\azure\mgmt\core\policies\_base.py", line 47, in send
    response = self.next.send(request)
  File "D:\cli\env38\lib\site-packages\azure\core\pipeline\_base.py", line 71, in send
    response = self.next.send(request)
  File "D:\cli\env38\lib\site-packages\azure\core\pipeline\_base.py", line 71, in send
    response = self.next.send(request)
  File "D:\cli\env38\lib\site-packages\azure\core\pipeline\_base.py", line 71, in send
    response = self.next.send(request)
  [Previous line repeated 1 more time]
  File "D:\cli\env38\lib\site-packages\azure\core\pipeline\policies\_redirect.py", line 158, in send
    response = self.next.send(request)
  File "D:\cli\env38\lib\site-packages\azure\core\pipeline\policies\_retry.py", line 435, in send
    response = self.next.send(request)
  File "D:\cli\env38\lib\site-packages\azure\core\pipeline\_base.py", line 71, in send
    response = self.next.send(request)
  File "D:\cli\env38\lib\site-packages\azure\core\pipeline\_base.py", line 71, in send
    response = self.next.send(request)
  File "D:\cli\env38\lib\site-packages\azure\core\pipeline\_base.py", line 71, in send
    response = self.next.send(request)
  [Previous line repeated 2 more times]
  File "D:\cli\env38\lib\site-packages\azure\core\pipeline\_base.py", line 103, in send
    self._sender.send(request.http_request, **request.context.options),
  File "D:\cli\env38\lib\site-packages\azure\core\pipeline\transport\_requests_basic.py", line 260, in send
    response = self.session.request(  # type: ignore
  File "D:\cli\env38\lib\site-packages\requests\sessions.py", line 542, in request
    resp = self.send(prep, **send_kwargs)
  File "D:\cli\env38\lib\site-packages\requests\sessions.py", line 655, in send
    r = adapter.send(request, **kwargs)
  File "D:\cli\env38\lib\site-packages\requests\adapters.py", line 439, in send
    resp = conn.urlopen(
  File "D:\cli\env38\lib\site-packages\urllib3\connectionpool.py", line 696, in urlopen
    self._prepare_proxy(conn)
  File "D:\cli\env38\lib\site-packages\urllib3\connectionpool.py", line 964, in _prepare_proxy
    conn.connect()
  File "D:\cli\env38\lib\site-packages\urllib3\connection.py", line 359, in connect
    conn = self._connect_tls_proxy(hostname, conn)
  File "D:\cli\env38\lib\site-packages\urllib3\connection.py", line 476, in _connect_tls_proxy
    ssl_context = proxy_config.ssl_context
AttributeError: 'NoneType' object has no attribute 'ssl_context'

Root cause

#14442 replaces conn.conn_kw with a new dict.

It corrupts the internal logic of urllib3, as conn.conn_kw is not empty. Replacing it causes existing key-values to be discarded.

Example conn.conn_kw when proxy is used:

{
  'socket_options': [], 
  'proxy': Url(scheme='https', auth=None, host='127.0.0.1', port=8888, path=None, query=None, fragment=None), 
  'proxy_config': ProxyConfig(ssl_context=None, use_forwarding_for_https=False)
}

The above error happens because proxy_config from conn.conn_kw is discarded.

Change

This PR changes conn.conn_kw's content instead of replacing it, so that existing values are preserved.

@ghost ghost added the Azure.Core label Feb 6, 2021
@check-enforcer
Copy link

check-enforcer bot commented Feb 6, 2021

This pull request is protected by Check Enforcer.

What is Check Enforcer?

Check Enforcer helps ensure all pull requests are covered by at least one check-run (typically an Azure Pipeline). When all check-runs associated with this pull request pass then Check Enforcer itself will pass.

Why am I getting this message?

You are getting this message because Check Enforcer did not detect any check-runs being associated with this pull request within five minutes. This may indicate that your pull request is not covered by any pipelines and so Check Enforcer is correctly blocking the pull request being merged.

What should I do now?

If the check-enforcer check-run is not passing and all other check-runs associated with this PR are passing (excluding license-cla) then you could try telling Check Enforcer to evaluate your pull request again. You can do this by adding a comment to this pull request as follows:
/check-enforcer evaluate
Typically evaulation only takes a few seconds. If you know that your pull request is not covered by a pipeline and this is expected you can override Check Enforcer using the following command:
/check-enforcer override
Note that using the override command triggers alerts so that follow-up investigations can occur (PRs still need to be approved as normal).

What if I am onboarding a new service?

Often, new services do not have validation pipelines associated with them, in order to bootstrap pipelines for a new service, you can issue the following command as a pull request comment:
/azp run prepare-pipelines
This will run a pipeline that analyzes the source tree and creates the pipelines necessary to build and validate your pull request. Once the pipeline has been created you can trigger the pipeline using the following comment:
/azp run python - [service] - ci

@yonzhan yonzhan requested review from jsntcy and msyyc February 6, 2021 04:33
@sihde
Copy link

sihde commented Feb 6, 2021

I have confirmed that applying this patch against azure-core 1.10.0 allows my tests to pass while they fail without it. Thanks for your help @jiasli and @yonzhan !

@xiangyan99 xiangyan99 merged commit c897b16 into Azure:master Feb 8, 2021
rakshith91 pushed a commit to rakshith91/azure-sdk-for-python that referenced this pull request Feb 8, 2021
* conn.conn_kw

* Update _bigger_block_size_http_adapters.py

Co-authored-by: Xiang Yan <xiangsjtu@gmail.com>
Comment on lines 44 to 45
if not conn.conn_kw:
conne.conn_kw = {}
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actually, conn.conn_kw will never be None as it is created from a function kwargs:

https://github.com/urllib3/urllib3/blob/67111020d9cfc5798bc85f3719b3015e3ff28692/src/urllib3/connectionpool.py#L167

    def __init__(
        self,
        ...
        **conn_kw,

and saved as an attribute later:

https://github.com/urllib3/urllib3/blob/67111020d9cfc5798bc85f3719b3015e3ff28692/src/urllib3/connectionpool.py#L195

        self.conn_kw = conn_kw

@jiasli jiasli deleted the conn_kw branch February 25, 2021 09:33
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

4 participants