Could not find a suitable TLS CA certificate bundle, when installing dependencies

I am on the latest Poetry version.
I have searched the issues of this repo and believe that this is not a duplicate.
If an exception occurs when executing a command, I executed it again in debug mode (-vvv option).

OS version and name: Docker Image python:3.10
Poetry version: 1.1.14
Link of a Gist with the contents of your pyproject.toml file: pyproject.toml

Issue

Encountering an error when building in docker image with poetry config virtualenvs.create false

#0 3.253    1  /usr/local/lib/python3.10/site-packages/requests/adapters.py:460 in send
#0 3.253
#0 3.253   OSError
#0 3.253
#0 3.253   Could not find a suitable TLS CA certificate bundle, invalid path: /usr/local/lib/python3.10/site-packages/certifi/cacert.pem
#0 3.253
#0 3.253   at /usr/local/lib/python3.10/site-packages/requests/adapters.py:263 in cert_verify

~~Though downgrading to 1.1.13 fixes the problem.~~

~~Looks like similar with #4414 at first glance~~

EDIT: This is related to #1889, when using --no-dev flag in poetry install and virtualenvs.create false it uninstalls some unneeded dependencies which causes certifi to be uninstalled in the system before poetry installs the main dependencies, causing the missing ca cert errors.

The easiest workaround is to poetry add certifi so that the --no-dev flag will not uninstall it.

Issue Analytics

State:
Created a year ago
Reactions:4
Comments:13 (6 by maintainers)

Top GitHub Comments

5reactions

jezenielcommented, Jul 9, 2022

I think I saw what is causing the issue. It is related to #1889. When virtualenvs.create is false, and I ran poetry install with --no-dev flag, it is uninstalling the subdependencies of my dev dependencies in this case certifi.

Adding certifi as my dependency fixes the problem. And as per #1889 last comment this behavior will change in 1.2, I will update this issue, and let me know if my assumption is right so I can close this issue now @dimbleby. Thanks!

0reactions

neersightedcommented, Sep 29, 2022

The recommended install methods are always the same, regardless of containerization. If you install your project and Poetry into the same environment (system or virtual), Poetry will happily break itself as you are asking it to install/manipulate packages that Poetry itself depends on.

You should review the install methods (in particular, the CI recs: https://python-poetry.org/docs/#ci-recommendations) and pick one. All of them will install Poetry into a virtual environment to keep from ‘corrupting’ it by mixing your project in.

Virtual environments are still very useful (and near mandatory, depending) in containers for your project as well. Depending on your base image, you may have Python code mixed in to your Poetry environment than can either cause unexpected behavior or cause Poetry to be unable to install. Isolating the choices of your Python distributor from your application is another important feature of virtual environments, and not one to be discounted (see #6398).