Merge pull request 'feat: add fedora index files' (#3 ) from benvin/fedora_indexes into master

Reviewed-on: #3
feat: add fedora index files
2026-01-10 17:02:58 +11:00 · 2026-01-10 17:01:39 +11:00 · 2026-01-08 23:55:42 +11:00 · 2026-01-08 23:54:39 +11:00 · 2026-01-08 23:07:51 +11:00
2 changed files with 20 additions and 11 deletions
--- a/src/artifactapi/cache.py
+++ b/src/artifactapi/cache.py
@ -24,7 +24,7 @@ class RedisCache:
            or file_path.endswith("Packages.gz")
            or file_path.endswith("repomd.xml")
            or "repodata/" in file_path
-            and file_path.endswith((".xml", ".xml.gz", ".xml.bz2", ".xml.xz"))
+            and file_path.endswith((".xml", ".xml.gz", ".xml.bz2", ".xml.xz", ".xml.zck", ".xml.zst"))
        )

    def get_index_cache_key(self, remote_name: str, path: str) -> str:
--- a/src/artifactapi/storage.py
+++ b/src/artifactapi/storage.py
@ -22,16 +22,25 @@ class S3Storage:
        self.bucket = bucket
        self.secure = secure

-        self.client = boto3.client(
-            "s3",
-            endpoint_url=f"http{'s' if self.secure else ''}://{self.endpoint}",
-            aws_access_key_id=self.access_key,
-            aws_secret_access_key=self.secret_key,
-            config=Config(
-                request_checksum_calculation="when_required",
-                response_checksum_validation="when_required"
-            )
-        )
+        ca_bundle = os.environ.get('REQUESTS_CA_BUNDLE') or os.environ.get('SSL_CERT_FILE')
+        config_kwargs = {
+            "request_checksum_calculation": "when_required",
+            "response_checksum_validation": "when_required"
+        }
+        client_kwargs = {
+            "endpoint_url": f"http{'s' if self.secure else ''}://{self.endpoint}",
+            "aws_access_key_id": self.access_key,
+            "aws_secret_access_key": self.secret_key,
+            "config": Config(**config_kwargs)
+        }
+
+        if ca_bundle and os.path.exists(ca_bundle):
+            client_kwargs["verify"] = ca_bundle
+            print(f"Debug: Using CA bundle: {ca_bundle}")
+        else:
+            print(f"Debug: No CA bundle found. REQUESTS_CA_BUNDLE={os.environ.get('REQUESTS_CA_BUNDLE')}, SSL_CERT_FILE={os.environ.get('SSL_CERT_FILE')}")
+
+        self.client = boto3.client("s3", **client_kwargs)

        # Try to ensure bucket exists, but don't fail if MinIO isn't ready yet
        try:
Author	SHA1	Message	Date
Ben Vincent	f40675f3d2	Merge pull request 'feat: add fedora index files' (#3 ) from benvin/fedora_indexes into master Reviewed-on: #3	2026-01-10 17:02:58 +11:00
Ben Vincent	b54e6c3e0c	feat: add fedora index files - ensure files matching xml.zck and xml.zst are marked as index files	2026-01-10 17:01:39 +11:00
Ben Vincent	79a8553e9c	Merge pull request 'Fix S3 SSL certificate validation and boto3 checksum compatibility' (#2 ) from benvin/boto3_fixes into master Reviewed-on: #2	2026-01-08 23:55:42 +11:00
Ben Vincent	b7205e09a3	Fix S3 SSL certificate validation and boto3 checksum compatibility - Add support for custom CA bundle via REQUESTS_CA_BUNDLE/SSL_CERT_FILE environment variables - Configure boto3 client with custom SSL verification to support Ceph RadosGW through nginx proxy - Maintain boto3 checksum validation configuration for compatibility with third-party S3 providers - Resolves XAmzContentSHA256Mismatch errors when connecting to RadosGW endpoints Fixes #4400 compatibility issue with boto3 v1.36+ stricter checksum validation	2026-01-08 23:54:39 +11:00
Ben Vincent	1fb6b89a5f	Merge pull request 'Fix boto3 XAmzContentSHA256Mismatch errors with Ceph RadosGW' (#1 ) from fix/boto3-checksum-validation into master Reviewed-on: #1	2026-01-08 23:07:51 +11:00