bitbake-devel.lists.openembedded.org archive mirror
 help / color / mirror / Atom feed
* [bitbake][PATCHv2] Add NODE_EXTRA_CA_CERTS to export list
@ 2023-02-07 22:10 George Kelly
  2023-02-08 10:14 ` [bitbake-devel] " Luca Ceresoli
  0 siblings, 1 reply; 3+ messages in thread
From: George Kelly @ 2023-02-07 22:10 UTC (permalink / raw)
  To: bitbake-devel; +Cc: George Kelly

If you are behind a corporate proxy, the npm fetcher uses
the proxy IP address already passed in the list of exports.
However, it will error if the proxy injects its own root
CA certificate. Thus, the NODE_EXTRA_CA_CERTS environment
variable must be passed so the user can include their
company's root CA as a trusted CA inside node's
certificate store.

Signed-off-by: George Kelly <george.kelly1097@gmail.com>
---
 lib/bb/fetch2/__init__.py | 1 +
 1 file changed, 1 insertion(+)

diff --git a/lib/bb/fetch2/__init__.py b/lib/bb/fetch2/__init__.py
index 5a7a6024..747356df 100644
--- a/lib/bb/fetch2/__init__.py
+++ b/lib/bb/fetch2/__init__.py
@@ -851,6 +851,7 @@ FETCH_EXPORT_VARS = ['HOME', 'PATH',
                      'DBUS_SESSION_BUS_ADDRESS',
                      'P4CONFIG',
                      'SSL_CERT_FILE',
+                     'NODE_EXTRA_CA_CERTS',
                      'AWS_PROFILE',
                      'AWS_ACCESS_KEY_ID',
                      'AWS_SECRET_ACCESS_KEY',
-- 
2.37.2



^ permalink raw reply related	[flat|nested] 3+ messages in thread

* Re: [bitbake-devel] [bitbake][PATCHv2] Add NODE_EXTRA_CA_CERTS to export list
  2023-02-07 22:10 [bitbake][PATCHv2] Add NODE_EXTRA_CA_CERTS to export list George Kelly
@ 2023-02-08 10:14 ` Luca Ceresoli
  2023-02-08 10:55   ` Peter Kjellerstedt
  0 siblings, 1 reply; 3+ messages in thread
From: Luca Ceresoli @ 2023-02-08 10:14 UTC (permalink / raw)
  To: George Kelly; +Cc: bitbake-devel

Hello George,

On Tue,  7 Feb 2023 17:10:22 -0500
"George Kelly" <george.kelly1097@gmail.com> wrote:

> If you are behind a corporate proxy, the npm fetcher uses
> the proxy IP address already passed in the list of exports.
> However, it will error if the proxy injects its own root
> CA certificate. Thus, the NODE_EXTRA_CA_CERTS environment
> variable must be passed so the user can include their
> company's root CA as a trusted CA inside node's
> certificate store.
> 
> Signed-off-by: George Kelly <george.kelly1097@gmail.com>

Your subject and commit message looks definitely good now, thanks! I
added your patch to my testing branch.

-- 
Luca Ceresoli, Bootlin
Embedded Linux and Kernel engineering
https://bootlin.com


^ permalink raw reply	[flat|nested] 3+ messages in thread

* RE: [bitbake-devel] [bitbake][PATCHv2] Add NODE_EXTRA_CA_CERTS to export list
  2023-02-08 10:14 ` [bitbake-devel] " Luca Ceresoli
@ 2023-02-08 10:55   ` Peter Kjellerstedt
  0 siblings, 0 replies; 3+ messages in thread
From: Peter Kjellerstedt @ 2023-02-08 10:55 UTC (permalink / raw)
  To: luca.ceresoli, George Kelly; +Cc: bitbake-devel

> -----Original Message-----
> From: bitbake-devel@lists.openembedded.org <bitbake-
> devel@lists.openembedded.org> On Behalf Of Luca Ceresoli via
> lists.openembedded.org
> Sent: den 8 februari 2023 11:15
> To: George Kelly <george.kelly1097@gmail.com>
> Cc: bitbake-devel@lists.openembedded.org
> Subject: Re: [bitbake-devel] [bitbake][PATCHv2] Add NODE_EXTRA_CA_CERTS to export list

There should be a prefix for the subject, e.g., "fetch2: "

> 
> Hello George,
> 
> On Tue,  7 Feb 2023 17:10:22 -0500
> "George Kelly" <george.kelly1097@gmail.com> wrote:
> 
> > If you are behind a corporate proxy, the npm fetcher uses
> > the proxy IP address already passed in the list of exports.
> > However, it will error if the proxy injects its own root
> > CA certificate. Thus, the NODE_EXTRA_CA_CERTS environment
> > variable must be passed so the user can include their
> > company's root CA as a trusted CA inside node's
> > certificate store.
> >
> > Signed-off-by: George Kelly <george.kelly1097@gmail.com>
> 
> Your subject and commit message looks definitely good now, thanks! I
> added your patch to my testing branch.
> 
> --
> Luca Ceresoli, Bootlin
> Embedded Linux and Kernel engineering
> https://bootlin.com

//Peter



^ permalink raw reply	[flat|nested] 3+ messages in thread

end of thread, other threads:[~2023-02-08 10:55 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2023-02-07 22:10 [bitbake][PATCHv2] Add NODE_EXTRA_CA_CERTS to export list George Kelly
2023-02-08 10:14 ` [bitbake-devel] " Luca Ceresoli
2023-02-08 10:55   ` Peter Kjellerstedt

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).