diff --git a/python/arcticdb/adapters/azure_library_adapter.py b/python/arcticdb/adapters/azure_library_adapter.py index d49a22955f..62ad78fb35 100644 --- a/python/arcticdb/adapters/azure_library_adapter.py +++ b/python/arcticdb/adapters/azure_library_adapter.py @@ -8,6 +8,7 @@ import re import time from typing import Optional +import platform from arcticdb.options import LibraryOptions from arcticc.pb2.storage_pb2 import EnvironmentConfigsMap, LibraryConfig @@ -54,6 +55,8 @@ def __init__(self, uri: str, encoding_version: EncodingVersion, *args, **kwargs) ] ) self._container = self._query_params.Container + if platform.system() == "Windows" and self._query_params.CA_cert_path: + raise ValueError(f"CA_cert_path cannot be set on Windows platform") self._ca_cert_path = self._query_params.CA_cert_path self._encoding_version = encoding_version diff --git a/python/arcticdb/arctic.py b/python/arcticdb/arctic.py index 0b8ea05d2f..457b950441 100644 --- a/python/arcticdb/arctic.py +++ b/python/arcticdb/arctic.py @@ -90,7 +90,7 @@ def __init__(self, uri: str, encoding_version: EncodingVersion = DEFAULT_ENCODIN +---------------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------+ | Path_prefix | Path within Azure container to use for data storage | +---------------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------+ - | CA_cert_path | Azure CA certificate path. If not set, default path will be used. | + | CA_cert_path | (Non-Windows platform only) Azure CA certificate path. If not set, default path will be used. | | | Note: For Linux distribution, default path is set to `/etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem`. | | | If the certificate cannot be found in the provided path, an Azure exception with no meaningful error code will be thrown. | | | For more details, please see https://github.com/Azure/azure-sdk-for-cpp/issues/4738. | @@ -103,10 +103,11 @@ def __init__(self, uri: str, encoding_version: EncodingVersion = DEFAULT_ENCODIN | | "/etc/pki/tls/cacert.pem" OpenELEC | | | "/etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem" CentOS/RHEL 7 | | | "/etc/ssl/cert.pem" Alpine Linux | - | | WARNING for WINDOWS USER: Not leaving this empty will switch the backend support of Azure SDK from winhttp to libcurl. If ca cert path is needed to be | - | | specified, set it in Windows setting so winhttp will be used still | +---------------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------+ + For Windows user, `CA_cert_path` cannot be set. Please set CA certificate related option on Windows setting. + For details, you may refer to https://learn.microsoft.com/en-us/skype-sdk/sdn/articles/installing-the-trusted-root-certificate + Exception: Azure exceptions message always ends with `{AZURE_SDK_HTTP_STATUS_CODE}:{AZURE_SDK_REASON_PHRASE}`. Please refer to https://github.com/Azure/azure-sdk-for-cpp/blob/24ed290815d8f9dbcd758a60fdc5b6b9205f74e0/sdk/core/azure-core/inc/azure/core/http/http_status_code.hpp for @@ -127,7 +128,7 @@ def __init__(self, uri: str, encoding_version: EncodingVersion = DEFAULT_ENCODIN +---------------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------+ | Option | Description | +===========================+===============================================================================================================================================================+ - | map_size | LMDB map size (see http://www.lmdb.tech/doc/group__mdb.html#gaa2506ec8dab3d969b0e609cd82e619e5). String. Supported formats are: | | + | map_size | LMDB map size (see http://www.lmdb.tech/doc/group__mdb.html#gaa2506ec8dab3d969b0e609cd82e619e5). String. Supported formats are: | | | | | | "150MB" / "20GB" / "3TB" | | | | diff --git a/python/tests/conftest.py b/python/tests/conftest.py index 10609af17e..0c36e20781 100644 --- a/python/tests/conftest.py +++ b/python/tests/conftest.py @@ -100,7 +100,7 @@ def azure_client_and_create_container(azurite_container, azurite_azure_uri): return client -@pytest.fixture(scope="function") +@pytest.fixture def azure_account_sas_token(azure_client_and_create_container, azurite_azure_test_connection_setting): start_time = datetime.now(timezone.utc) expiry_time = start_time + timedelta(days=1) @@ -109,8 +109,12 @@ def azure_account_sas_token(azure_client_and_create_container, azurite_azure_tes sas_token = generate_account_sas( account_key=credential_key, account_name=credential_name, - resource_types=ResourceTypes.from_string("sco"), - permission=AccountSasPermissions.from_string("rwdlacup"), + resource_types=ResourceTypes.from_string( + "sco" + ), # Each letter stands for one kind of resources; https://github.com/Azure/azure-sdk-for-python/blob/70ace4351ff78c3fe5a6f579132fc30d305fd3c9/sdk/tables/azure-data-tables/azure/data/tables/_models.py#L585 + permission=AccountSasPermissions.from_string( + "rwdlacup" + ), # Each letter stands for one kind of permission; https://github.com/Azure/azure-sdk-for-python/blob/70ace4351ff78c3fe5a6f579132fc30d305fd3c9/sdk/tables/azure-data-tables/azure/data/tables/_models.py#L656 expiry=expiry_time, start=start_time, )