In the middle of functionality testing I found there are bad strings for the new setting:
HTTP(S) proxy Sets a proxy for all outgoing HTTP connections.
HTTP(S) proxy except hosts Set hostnames to which requests are not to be proxied
HTTP(S) Capsule Sets a Capsule for all outgoing HTTP connections.
HTTP(S) Capsule except hosts Set hostnames to which requests are not to be proxied
>>> in downstream http proxy should still read the same "http proxy" instead of wrong "http capsule"
Upstream bug assigned to email@example.com
The bad strings is the different component therefore I filed BZ 1584698 against Branding and switching this BZ back to ONQA.
by the following reproducer/testing:
1) Set setting "HTTP(S) proxy" to authed proxy
2) Create docker registry and see traffic hitting proxy
3) Set setting "HTTP(S) proxy" to unauthed proxy
4) Create docker registry and see traffic hitting unauthed proxy
5) Set setting "HTTP(S) proxy" to non-existing proxy
6) Try to create docker registry and see it failed
(x) Unable to save
Unable to log in to this Docker Registry - Proxied request failed with: getaddrinfo: Name or service not known (SocketError)
7) Check all other stuff is also using proxy (tries to use nonexisting proxy) since this is general http-proxy RFE (ie. not only registries)
Proxied request failed with: getaddrinfo: Name or service not known (SocketError)
Oops, we're sorry but something went wrong Failed to open TCP connection ...
>>> http-proxy is used for all requests
But even for candlepin/katello !!! (ultimate breakage) and even if you set valid proxy since request for candlepin (8443/tcp) cannot be proxied and are refused. Any katello page is throwing "403 Forbidden"
Unless you specify Satellite FQDN in "HTTP(S) proxy except hosts" which is really really tricky and wouldn't be obvoius to many CUs.
Filing new BZ 1585076 with this issue (as discussed with Dev and his Manager)
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.
For information on the advisory, and where to find the updated
files, follow the link below.
If the solution does not work for you, open a new bug report.