Fix InsecureRequestWarning for VmwareRestClient based modules (ansibl…

…e-collections#1969) Fix InsecureRequestWarning SUMMARY It looks like we're sometimes running into an InsecureRequestWarning. ISSUE TYPE Bugfix Pull Request COMPONENT NAME plugins/module_utils/vmware_rest_client.py ADDITIONAL INFORMATION Vmware ssl certs (works in one module, not the other!)
mariolenz · Jan 18, 2024 · c954b2f · c954b2f
1 parent 478be64
commit c954b2f
Show file tree

Hide file tree

Showing 2 changed files with 18 additions and 1 deletion.
diff --git a/changelogs/fragments/1969-InsecureRequestWarning.yml b/changelogs/fragments/1969-InsecureRequestWarning.yml
@@ -0,0 +1,3 @@
+bugfixes:
+  - Fix InsecureRequestWarning for modules based on the VmwareRestClient module util when setting ``validate_certs`` to ``False``
+    (https://github.com/ansible-collections/community.vmware/pull/1969).
diff --git a/plugins/module_utils/vmware_rest_client.py b/plugins/module_utils/vmware_rest_client.py
@@ -44,6 +44,16 @@
     VSPHERE_IMP_ERR = traceback.format_exc()
     HAS_VSPHERE = False
 
+try:
+    from requests.packages import urllib3
+    HAS_URLLIB3 = True
+except ImportError:
+    try:
+        import urllib3
+        HAS_URLLIB3 = True
+    except ImportError:
+        HAS_URLLIB3 = False
+
 from ansible.module_utils.basic import env_fallback, missing_required_lib
 from ansible.module_utils._text import to_native
 
@@ -131,13 +141,17 @@ def connect_to_vsphere_client(self):
         username = self.params.get('username')
         password = self.params.get('password')
         hostname = self.params.get('hostname')
+        validate_certs = self.params.get('validate_certs')
         port = self.params.get('port')
         session = requests.Session()
-        session.verify = self.params.get('validate_certs')
+        session.verify = validate_certs
         protocol = self.params.get('protocol')
         proxy_host = self.params.get('proxy_host')
         proxy_port = self.params.get('proxy_port')
 
+        if validate_certs is False:
+            if HAS_URLLIB3:
+                urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning)
         if all([protocol, proxy_host, proxy_port]):
             proxies = {protocol: "{0}://{1}:{2}".format(protocol, proxy_host, proxy_port)}
             session.proxies.update(proxies)