nicolamarangoni commented on issue #25377: URL: https://github.com/apache/airflow/issues/25377#issuecomment-1199614854
Well, it was neither Alpine Linux nor Python 3.10.x. It was pip, but it is only a supposition. Here what happened... Some days ago I had to downgrade 2 providers because the new versions of them were buggy, hier the Dockerfile ``` ... RUN pip install --upgrade pip ... RUN pip install --ignore-installed apache-airflow-providers-postgres==5.0.0 RUN pip install --ignore-installed apache-airflow-providers-oracle==3.1.0 ... ``` Usually python uses the operating system location to load the ssl-certificates `/etc/ssl/certs/ca-certificates.crt,` where our company-certs are maintained by our kubernetes admin in theis base images (that we must use), however after the last builds python was using `/usr/lib/python3.10/site-packages/certifi/cacert.pem`, where our company-ssl-certs are missing. It turned out that the `--ignore-installed` option is guilty, at least in the latest version of pip. It is sufficient to have this option at least in a single pip command in any position in the install script, to make the python interpreter switch certs-file. After removing that option (anyway useless in my build), python and consequently airflow keep using the right certs-file and the SSL issue is gone. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
