From 87340052a56e225e120db0d1630b514069944bfc Mon Sep 17 00:00:00 2001
From: cksac <cs.cksac@gmail.com>
Date: Wed, 25 Nov 2020 18:16:53 +0800
Subject: [PATCH] Allow disabling SSL certificates verification (#256)

Co-authored-by: cksac <cksac@gmail.com>
---
 trains/backend_config/bucket_config.py       | 1 +
 trains/backend_interface/setupuploadmixin.py | 7 +++++--
 trains/storage/helper.py                     | 1 +
 3 files changed, 7 insertions(+), 2 deletions(-)

diff --git a/trains/backend_config/bucket_config.py b/trains/backend_config/bucket_config.py
index d8e860a3..4171ca9e 100644
--- a/trains/backend_config/bucket_config.py
+++ b/trains/backend_config/bucket_config.py
@@ -29,6 +29,7 @@ class S3BucketConfig(object):
     acl = attrib(type=str, converter=_none_to_empty_string, default="")
     secure = attrib(type=bool, default=True)
     region = attrib(type=str, converter=_none_to_empty_string, default="")
+    verify = attrib(type=bool, default=True)
 
     def update(self, key, secret, multipart=True, region=None):
         self.key = key
diff --git a/trains/backend_interface/setupuploadmixin.py b/trains/backend_interface/setupuploadmixin.py
index 423c89ce..82b9e4c2 100644
--- a/trains/backend_interface/setupuploadmixin.py
+++ b/trains/backend_interface/setupuploadmixin.py
@@ -9,7 +9,7 @@ class SetupUploadMixin(object):
     storage_uri = abstractproperty()
 
     def setup_upload(
-            self, bucket_name, host=None, access_key=None, secret_key=None, region=None, multipart=True, https=True):
+            self, bucket_name, host=None, access_key=None, secret_key=None, region=None, multipart=True, https=True, verify=True):
         """
         Setup upload options (currently only S3 is supported)
 
@@ -30,6 +30,8 @@ class SetupUploadMixin(object):
         :type https: bool
         :param region: Bucket region. Required if the bucket doesn't reside in the default region (us-east-1)
         :type region: str
+        :param verify: Whether or not to verify SSL certificates. Only required when using a Non-AWS S3 solution that only supports HTTPS with self-signed certificate.
+        :type verify: bool
         """
         self._bucket_config = S3BucketConfig(
             bucket=bucket_name,
@@ -38,7 +40,8 @@ class SetupUploadMixin(object):
             secret=secret_key,
             multipart=multipart,
             secure=https,
-            region=region
+            region=region,
+            verify=verify
         )
         self.storage_uri = ('s3://%(host)s/%(bucket_name)s' if host else 's3://%(bucket_name)s') % locals()
         StorageHelper.add_configuration(self._bucket_config, log=self.log)
diff --git a/trains/storage/helper.py b/trains/storage/helper.py
index a588a981..45e44aed 100644
--- a/trains/storage/helper.py
+++ b/trains/storage/helper.py
@@ -1236,6 +1236,7 @@ class _Boto3Driver(_Driver):
                     aws_secret_access_key=cfg.secret,
                     endpoint_url=endpoint,
                     use_ssl=cfg.secure,
+                    verify=cfg.verify,
                     config=botocore.client.Config(
                         max_pool_connections=max(
                             _Boto3Driver._min_pool_connections,