I'm getting insecure platform and sni missing warnings while running pip install. I've been trying to follow the instructions suggested in the error messages below without luck:
https://urllib3.readthedocs.io/en/latest/security.html#insecureplatformwarning https://urllib3.readthedocs.io/en/latest/security.html#snimissingwarning https://urllib3.readthedocs.io/en/latest/user-guide.html#ssl-py2
I wrote up a small Vagrant file & Chef cookbook to demonstrate the issue and maybe get some help. The warnings show up before every install of a pip package. I've also tried various combos of pip install options and varying the version pip (8.1.2 vs 9.0.1). Any help appreciated.
Public GitHub Repo containing the code below: https://github.com/marc-swingler/urllib_issue
Requirements: Vagrant and VirtualBox
To Run: vagrant up
UPDATE:: Found this thread https://github.com/pypa/pip/issues/4098
Turns out pip 9.0.1 doesn't play nice due to libs that come bundled with it. Also, install ndg-httpsclient rather than urllib3 and/or requests. The apt packages mentioned in the user-guide are not required, and no need to build from scratch, you can use wheels. Once ndg-httpsclient is installed the warnings go away and additional pip installs go smoothly. I also have a version of this where I bootstrap pip with the apt python-pip package that works. (I'll post it if anyone is interested.) Apt installs pip v1.5.4 initially. The script then updates to pip 8.1.2 and proceeds similarly to the code below. Just requires removing the "--disable-pip-version-check" option when upgrading pip.
Vagrantfile:
# -*- mode: ruby -*-
# vi: set ft=ruby :
VAGRANTFILE_API_VERSION = "2"
Vagrant.configure(VAGRANTFILE_API_VERSION) do |config|
config.vm.box = "ubuntu/trusty64"
config.vm.network "private_network", type: "dhcp"
config.ssh.shell = "bash -c 'BASH_ENV=/etc/profile exec bash'"
config.vm.provision "chef_solo" do |chef|
chef.add_recipe("foo")
end
config.vm.provider "virtualbox" do |v|
v.memory = 4096
end
end
cookbooks/foo/recipes/default.rb:
pip_installer_path = '/tmp/get-pip.py'
remote_file "download_pip_installer" do
path pip_installer_path
source 'https://bootstrap.pypa.io/get-pip.py'
owner 'root'
group 'root'
mode '0500'
not_if 'which pip'
end
execute 'bootstrap_pip' do
command "python #{pip_installer_path}"
not_if "which pip"
end
cookbook_file 'delete_pip_installer' do
path pip_installer_path
action :delete
end
pip_packages = {
'pip' => { 'version' => '8.1.2', 'extras' => nil },
'ndg-httpsclient' => { 'version' => '0.4.3', 'extras' => nil },
'botocore' => { 'version' => '1.7.18', 'extras' => nil },
'pystache' => { 'version' => '0.5.4', 'extras' => nil }
}
pip_packages.each do |package_name, package_info|
package_version = package_info['version']
package_extras = package_info['extras']
package_spec = package_name
unless package_extras.nil? or package_extras.length < 1
package_spec = package_spec + '['
package_extras.each do |package_extra|
package_spec = package_spec + package_extra + ','
end
package_spec[-1] = ']'
end
package_spec = package_spec + '==' + package_version
execute package_spec do
command "pip --disable-pip-version-check install -U #{package_spec}"
not_if "test #{package_version} = `pip --disable-pip-version-check list 2>/dev/null | sed -rn 's/^#{package_name} \\(([0-9.]+)\\)/\\1/p'`"
end
end
cookbooks/metadata.rb
name 'foo'
maintainer 'foo'
maintainer_email 'foo@foo.com'
license 'foo'
description 'foo'
long_description 'foo'
version '0.0.0'
As mentioned above I found a solution. https://github.com/marc-swingler/urllib_issue