Skip to content

Commit

Permalink
Bugfix/pan 2270 fix celery tls (#150)
Browse files Browse the repository at this point in the history
* PAN-2270: Point to certs

* PAN-2270: Set proper path based on broker url

* PAN-2270: Rewrite check

---------

Signed-off-by: jacekv <[email protected]>
  • Loading branch information
jacekv authored Nov 19, 2024
1 parent fd0aa12 commit 7588b32
Showing 1 changed file with 18 additions and 3 deletions.
21 changes: 18 additions & 3 deletions pantos/servicenode/celery.py
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,7 @@
"""
import logging
import os
import pathlib
import sys

Expand Down Expand Up @@ -38,13 +39,27 @@ def is_main_module() -> bool:
or any(marker in sys.argv for marker in potential_celery_markers))


def verify_celery_url_has_ssl() -> bool:
"""Determine if the Celery broker URL has SSL enabled.
Returns
-------
bool
True if the Celery broker URL has SSL enabled.
"""
if "CELERY_BROKER" in os.environ:
url_to_check = os.environ["CELERY_BROKER"]
else:
url_to_check = config['celery']['broker']
return url_to_check.startswith('amqps')


if is_main_module(): # pragma: no cover
_logger.info('Initializing the Celery application...')
initialize_application(False)

ca_certs = {} if config['celery']['broker'].startswith('amqp') else {
'ca_certs': certifi.where()
}
ca_certs = {'ca_certs': certifi.where()} if verify_celery_url_has_ssl() else {}

celery_app = celery.Celery(
'pantos.servicenode', broker=config['celery']['broker'],
backend=config['celery']['backend'], include=[
Expand Down

0 comments on commit 7588b32

Please sign in to comment.