You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Traceback (most recent call last):
File "/home/dlovison/miniconda3/envs/pipe-presentation/bin/pip", line 11, in <module>
sys.exit(main())
^^^^^^
File "/home/dlovison/miniconda3/envs/pipe-presentation/lib/python3.11/site-packages/pip/_internal/cli/main.py", line 79, in main
return command.main(cmd_args)
^^^^^^^^^^^^^^^^^^^^^^
File "/home/dlovison/miniconda3/envs/pipe-presentation/lib/python3.11/site-packages/pip/_internal/cli/base_command.py", line 101, in main
return self._main(args)
^^^^^^^^^^^^^^^^
File "/home/dlovison/miniconda3/envs/pipe-presentation/lib/python3.11/site-packages/pip/_internal/cli/base_command.py", line 236, in _main
self.handle_pip_version_check(options)
File "/home/dlovison/miniconda3/envs/pipe-presentation/lib/python3.11/site-packages/pip/_internal/cli/req_command.py", line 177, in handle_pip_version_check
session = self._build_session(
^^^^^^^^^^^^^^^^^^^^
File "/home/dlovison/miniconda3/envs/pipe-presentation/lib/python3.11/site-packages/pip/_internal/cli/req_command.py", line 122, in _build_session
session = PipSession(
^^^^^^^^^^^
File "/home/dlovison/miniconda3/envs/pipe-presentation/lib/python3.11/site-packages/pip/_internal/network/session.py", line 398, in __init__
self.add_trusted_host(host, suppress_logging=True)
File "/home/dlovison/miniconda3/envs/pipe-presentation/lib/python3.11/site-packages/pip/_internal/network/session.py", line 422, in add_trusted_host
parsed_host, parsed_port = parse_netloc(host)
^^^^^^^^^^^^^^^^^^
File "/home/dlovison/miniconda3/envs/pipe-presentation/lib/python3.11/site-packages/pip/_internal/utils/misc.py", line 475, in parse_netloc
parsed = urllib.parse.urlparse(url)
^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/home/dlovison/miniconda3/envs/pipe-presentation/lib/python3.11/urllib/parse.py", line 395, in urlparse
splitresult = urlsplit(url, scheme, allow_fragments)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/home/dlovison/miniconda3/envs/pipe-presentation/lib/python3.11/urllib/parse.py", line 497, in urlsplit
raise ValueError("Invalid IPv6 URL")
ValueError: Invalid IPv6 URL
Materials and Reference
NA
Impacted by this bug? Give it a 👍.
The text was updated successfully, but these errors were encountered:
As we can see in the documentation for pip_index_url , in addition of configuring the indices, the compiler by default set each index as a --trusted-host.
--trusted-host <hostname> Mark this host or host:port pair as trusted, even though it does
not have valid or any HTTPS.
In my opinion, this is a bad practice that could lead into a Man in the Middle attacks
One way to handle this could be to prevent the compiler to automatically set trusted hosts and add a new pip_trusted_hosts parameter in kfp.dsl.component
Environment
kfp 2.7.0
NA
NA
Steps to reproduce
Create a pipeline with
@dsl.component(packages_to_install=['pandas'], pip_index_urls=['https://my-host.com:8433/foo/bar'])
Expected result
A pip command like:
pip install --index-url https://my-host.com:8433/foo/bar --trusted-host my-host.com --no-cache-dir 'pandas'
Actual result
Materials and Reference
NA
Impacted by this bug? Give it a 👍.
The text was updated successfully, but these errors were encountered: