Skip to content

feat(DATAGO-122217): Add ssl_verify config option for A2A proxy #838

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
gregmeldrum wants to merge 5 commits into
base: main
Choose a base branch
from
Open

feat(DATAGO-122217): Add ssl_verify config option for A2A proxy #838

gregmeldrum wants to merge 5 commits into from
+154 −5

Conversation

@gregmeldrum
Copy link
Collaborator

@gregmeldrum gregmeldrum commented Jan 19, 2026

What is the purpose of this change?

Add a boolean configuration option (ssl_verify) to disable SSL certificate verification for individual A2A proxied agents. This allows connecting to remote A2A agents using self-signed certificates in development/testing environments.

How was this change implemented?

  • config.py: Added ssl_verify field to A2AProxiedAgentConfig with default value True
  • component.py: Applied ssl_verify setting to httpx clients for both agent card fetching and task invocation
  • proxies.md: Added documentation section on SSL verification with security warnings
  • a2a_proxy_example.yaml: Added commented example showing ssl_verify: false usage

Key Design Decisions

  • Default is True (verify certificates) to maintain security by default
  • Setting applies to both agent card fetching and task invocations for consistency
  • Per-agent configuration allows mixed environments (some verified, some not)

How was this change tested?

  • Unit tests: Added 7 new tests in tests/unit/agent/proxies/a2a/test_config.py
  • Ruff linting: All checks pass
  • Manual testing: Not yet tested with actual self-signed certificate

Is there anything the reviewers should focus on/be aware of?

  • Security documentation warns users about the risks of disabling SSL verification
  • The setting only affects HTTPS connections; HTTP connections are unaffected

gregmeldrum and others added 5 commits January 19, 2026 15:13
@gregmeldrum @claude
feat(a2a-proxy): add ssl_verify config option for self-signed certifi…
104858e 
…cates

Add a boolean configuration option to disable SSL certificate verification
for individual A2A proxied agents. This allows connecting to remote A2A
agents using self-signed certificates in development/testing environments.

Changes:
- Add ssl_verify field to A2AProxiedAgentConfig (default: true)
- Apply ssl_verify to httpx clients for agent card fetching and task invocation
- Add documentation section on SSL verification with security warnings
- Add example configuration in a2a_proxy_example.yaml
- Add unit tests for the new configuration option

Co-Authored-By: Claude <[email protected]>
@gregmeldrum
Merge with main
8956a3d
@gregmeldrum
Fix merge with main
1ec0ee0
@gregmeldrum @claude
fix: Clean up test file formatting after merge
1d00a7a 
Remove duplicate docstring, add missing blank line between classes,
and add trailing newline to satisfy ruff linting.

Co-Authored-By: Claude Opus 4.5 <[email protected]>
@gregmeldrum @claude
fix(DATAGO-122217): add warning log and fix code style
a9d62dc 
- Add warning log when SSL verification is disabled
- Fix missing blank lines between class definitions (PEP 8)

Co-Authored-By: Claude Opus 4.5 <[email protected]>
@sonarqube-solacecloud
Copy link

sonarqube-solacecloud bot commented Feb 12, 2026

Quality Gate failed Quality Gate failed

Failed conditions
B Maintainability Rating on New Code (required ≥ A)

See analysis details on SonarQube

Catch issues before they fail your Quality Gate with our IDE extension SonarQube for IDE SonarQube for IDE

RohanSreelesh
RohanSreelesh approved these changes Feb 12, 2026
View reviewed changes
Copy link
Collaborator

@RohanSreelesh RohanSreelesh left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LG

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@RohanSreelesh RohanSreelesh RohanSreelesh approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@gregmeldrum @RohanSreelesh