[PULL] [PATCH 0/1] bitbake: fetch2: Add NODE_EXTRA_CA_CERTS to the list of exports

[PULL] [PATCH 0/1] bitbake: fetch2: Add NODE_EXTRA_CA_CERTS to the list of exports

[George Kelly]

From: George Kelly <gkelly@phoenixcontact.com>

if you are behind a corporate proxy, the npm fetcher uses the proxy IP address already passed in the list of exports. However, it will error if the proxy injects its own root CA certificate. Thus, the NODE_EXTRA_CA_CERTS environment variable must be passed so the user can include their company's root CA as a trusted CA inside node's certificate store.

The following changes since commit 61c35514cfd27dda045735695f8960126e0704b5:

  testimage: Fix error message to reflect new syntax (2023-02-02 10:27:30 +0000)

are available in the Git repository at:

  ssh://git@push.yoctoproject.org/poky-contrib gkelly/node-ca-cert

George Kelly (1):
  bitbake: fetch2: Add NODE_EXTRA_CA_CERTS to the list of exports

 bitbake/lib/bb/fetch2/__init__.py | 1 +
 1 file changed, 1 insertion(+)

-- 
2.37.2

[PULL] [PATCH 1/1] bitbake: fetch2: Add NODE_EXTRA_CA_CERTS to the list of exports

[George Kelly]

From: George Kelly <gkelly@phoenixcontact.com>

if you are behind a corporate proxy, the npm fetcher uses the proxy IP address already passed in the list of exports. However, it will error if the proxy injects its own root CA certificate. Thus, the NODE_EXTRA_CA_CERTS environment variable must be passed so the user can include their company's root CA as a trusted CA inside node's certificate store.

Signed-off-by: George Kelly <george.kelly1097@gmail.com>
---
 bitbake/lib/bb/fetch2/__init__.py | 1 +
 1 file changed, 1 insertion(+)

diff --git a/bitbake/lib/bb/fetch2/__init__.py b/bitbake/lib/bb/fetch2/__init__.py
index 5a7a6024d1..747356dfa1 100644
--- a/bitbake/lib/bb/fetch2/__init__.py
+++ b/bitbake/lib/bb/fetch2/__init__.py
@@ -851,6 +851,7 @@ FETCH_EXPORT_VARS = ['HOME', 'PATH',
                      'DBUS_SESSION_BUS_ADDRESS',
                      'P4CONFIG',
                      'SSL_CERT_FILE',
+                     'NODE_EXTRA_CA_CERTS',
                      'AWS_PROFILE',
                      'AWS_ACCESS_KEY_ID',
                      'AWS_SECRET_ACCESS_KEY',
-- 
2.37.2

Re: [poky] [PULL] [PATCH 1/1] bitbake: fetch2: Add NODE_EXTRA_CA_CERTS to the list of exports

[Alexandre Belloni]

Hello George,

Thanks for the patch, a few things to improve:

On 03/02/2023 15:29:43-0500, George Kelly wrote:
> From: George Kelly <gkelly@phoenixcontact.com>
> 
> if you are behind a corporate proxy, the npm fetcher uses the proxy IP address already passed in the list of exports. However, it will error if the proxy injects its own root CA certificate. Thus, the NODE_EXTRA_CA_CERTS environment variable must be passed so the user can include their company's root CA as a trusted CA inside node's certificate store.

This commit message should be wrapped

> 
> Signed-off-by: George Kelly <george.kelly1097@gmail.com>

The Author and SoB must match.

> ---
>  bitbake/lib/bb/fetch2/__init__.py | 1 +

This is a bitake patch, please base it on the bitbake git repository
(git.openembedded.org/bitbake).
Also, this should be sent to bitbake-devel@lists.openembedded.org

>  1 file changed, 1 insertion(+)
> 
> diff --git a/bitbake/lib/bb/fetch2/__init__.py b/bitbake/lib/bb/fetch2/__init__.py
> index 5a7a6024d1..747356dfa1 100644
> --- a/bitbake/lib/bb/fetch2/__init__.py
> +++ b/bitbake/lib/bb/fetch2/__init__.py
> @@ -851,6 +851,7 @@ FETCH_EXPORT_VARS = ['HOME', 'PATH',
>                       'DBUS_SESSION_BUS_ADDRESS',
>                       'P4CONFIG',
>                       'SSL_CERT_FILE',
> +                     'NODE_EXTRA_CA_CERTS',
>                       'AWS_PROFILE',
>                       'AWS_ACCESS_KEY_ID',
>                       'AWS_SECRET_ACCESS_KEY',
> -- 
> 2.37.2
> 

> 
> 
> 


-- 
Alexandre Belloni, co-owner and COO, Bootlin
Embedded Linux and Kernel engineering
https://bootlin.com