Skip to content

fix: Set SystemLink Server certificate path in JupyterHttpConfiguration, on Windows#222

Merged
AlexDanDuna merged 16 commits into
1.6.xfrom
add-certificate-path-for-sls-notebooks-in-jupyterhttpconfiguration
Jul 15, 2026
Merged

fix: Set SystemLink Server certificate path in JupyterHttpConfiguration, on Windows#222
AlexDanDuna merged 16 commits into
1.6.xfrom
add-certificate-path-for-sls-notebooks-in-jupyterhttpconfiguration

Conversation

@AlexDanDuna

@AlexDanDuna AlexDanDuna commented Jul 15, 2026

Copy link
Copy Markdown
Contributor

What does this Pull Request accomplish?

SystemLink Server 26Q3 restricts notebook executions (by default). Access to the HttpConfigurations folder is
no longer granted for notebooks running under the JupyterHub/NotebookExecution services. Since config files under
HttpConfigurations are no longer readable, creating client objects from this library, from SLS notebooks,
will default to using JupyterHttpConfiguration. However, this does not set a cert_path, so HTTPS
requests will fail.

When running SystemLink Server notebooks (Windows), we will therefore pass the Web Server CA certificate's path as the
cert_path, if the file exists. This will allow clients created with the default configuration to use this CA certificate.
If the file does not exist (when the Web Server is configured in HTTP mode), do not pass it; an invalid cert_path
will lead to errors.

Tracked under:
https://dev.azure.com/ni/DevCentral/_workitems/edit/3961101
and
https://dev.azure.com/ni/DevCentral/_queries/edit/3944027

Why should this Pull Request be merged?

It will allow customers whose notebooks use this library and break after upgrading to SLS 26Q3, to quickly fix them up by having an Administrator bump the library to the patched version that we'll release once this PR is merged.

What testing has been done?

Manual testing in a SLS instance. Verified that this snippet
from nisystemlink.clients.tag import TagManager tag_manager = TagManager() tag_manager.open("tagname")
yields no certificate errors when:

  • Web Server is configured in HTTP mode (no certificate exists under Certificates/http-server)
  • Web Server is configured in HTTPS mode, with a self-signed certificate (certificate exists).

@AlexDanDuna AlexDanDuna changed the title Add certificate path for sls notebooks in jupyterhttpconfiguration fix: Add certificate path for SystemLink Server notebooks, in JupyterHttpConfiguration Jul 15, 2026

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR updates JupyterHttpConfiguration so that SystemLink Server notebooks on Windows can automatically use the SystemLink web server certificate (when present) as cert_path, avoiding HTTPS failures when the default HttpConfigurations directory is not readable in SLS 26Q3 notebook execution contexts.

Changes:

  • Add Windows-only logic in JupyterHttpConfiguration to pass the Skyline web server certificate path as cert_path when the certificate file exists.
  • Add unit tests covering Windows vs. Linux behavior and certificate-present vs. certificate-missing scenarios.
  • Remove a session-level Pydantic validation fixture from conftest.py (appears unrelated to the PR’s stated purpose).

Reviewed changes

Copilot reviewed 3 out of 3 changed files in this pull request and generated 2 comments.

File Description
nisystemlink/clients/core/_jupyter_http_configuration.py Adds conditional certificate path handling for Windows notebook executions.
tests/core/test_jupyter_http_configuration.py Adds tests validating cert_path behavior across OS/cert-existence permutations.
conftest.py Removes an autouse Pydantic fixture affecting JSON model validation across the test suite.
Comments suppressed due to low confidence (1)

conftest.py:86

  • This PR removes the session-level pydantic_forbid_extra_fields autouse fixture, which changes JSON model validation behavior across the entire test suite (and makes the existing JsonModel/Extra imports unused). Since this behavior change is unrelated to the certificate-path fix, it likely should not be part of this PR.
    if uri and api_key:
        return core.HttpConfiguration(uri, api_key)
    else:
        pytest.skip("--enterprise-uri or --enterprise-api-key setting not found")


💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Comment thread nisystemlink/clients/core/_jupyter_http_configuration.py
Comment thread tests/core/test_jupyter_http_configuration.py Outdated
Comment thread nisystemlink/clients/core/_jupyter_http_configuration.py Outdated
Comment thread tests/core/test_jupyter_http_configuration.py Outdated
@AlexDanDuna AlexDanDuna changed the title fix: Add certificate path for SystemLink Server notebooks, in JupyterHttpConfiguration fix: Set SystemLink Server certificate path in JupyterHttpConfiguration, on Windows Jul 15, 2026
@AlexDanDuna
AlexDanDuna merged commit 266859e into 1.6.x Jul 15, 2026
8 checks passed
@AlexDanDuna
AlexDanDuna deleted the add-certificate-path-for-sls-notebooks-in-jupyterhttpconfiguration branch July 15, 2026 21:12
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

3 participants