Description of problem: Clients using insighgts-client connected to Sat6.7 are fialing with sever error 500. The redhat_access plugin does not use the proxy anymore after the sat6.6 to 6.7 upgrade. Grepping the source reveals the problem, the redhat-access plugin uses still the obsolete katello.cdn_proxy setting that is removed. Version-Release number of selected component (if applicable): How reproducible: Steps to Reproduce: 1. Disable Internet, and force proxy for Satellite 2. Run insights-client for a hosta connected to satellite 3. Actual results: Failure to checking to cloud.redhat.com Expected results: Success Additional info: Please make sure there are all system tests that are also execute on a system that is 100% isolated and a http proxy. This is standard Setup for entreprises and the insights proxying a critical functionality if RedHat wants to push cloud.redhat.com SaaS solutions.
Based on the code in cdn.rb i created a patch to the new content proxy value. ------------- --- redhat_access-2.2.11/app/services/redhat_access/telemetry/look_ups.rb.200420-1 2020-02-27 16:35:40.000000000 +0000 +++ redhat_access-2.2.11/app/services/redhat_access/telemetry/look_ups.rb 2020-04-20 13:55:50.796387157 +0000 @@ -201,19 +201,8 @@ end def get_portal_http_proxy - proxy = nil - if SETTINGS[:katello][:cdn_proxy] && SETTINGS[:katello][:cdn_proxy][:host] - proxy_config = SETTINGS[:katello][:cdn_proxy] - scheme = URI.parse(proxy_config[:host]).scheme - uri = URI('') - # Ruby's uri parser doesn't handle encoded characters so Katello added two new schemes to handle proxy - # passwords. See https://github.com/Katello/katello/blob/master/app/lib/katello/util/proxy_uri.rb - uri.scheme = 'proxy' if scheme == 'http' - uri.scheme = 'proxys' if scheme == 'https' - uri.host = URI.parse(proxy_config[:host]).host - uri.port = proxy_config[:port] if proxy_config[:port] - uri.user = CGI.escape(proxy_config[:user]) if proxy_config[:user] - uri.password = CGI.escape(proxy_config[:password]) if proxy_config[:password] + if (proxy = ::HttpProxy.default_global_content_proxy) + uri = URI(proxy.url) proxy = uri.to_s end proxy -------------
Bryan, Can you please have a look at this. The insights-client proxying through satellite, that is normally behind a http-proxy, is a mandatory step to upload data to cloud.redhat.com. I checked the github iof the plugin at https://github.com/redhataccess/foreman-plugin/blob/e098d28d60c66d78254ef10f6ff50b0a4e02f952/redhat-access/app/services/redhat_access/telemetry/look_ups.rb but that is also lacking the update for the new proxy setting Peter
Thanks Peter, I sent it along to Shim to take a look at it. I appreciate the patch.
Wanted to confirm that the proposed patch makes logical sense given the changes in 6.7
Careful with the proposed patch - please don't UNDO the fix for proxy passwords with special characters...
(In reply to Rex White from comment #11) > Careful with the proposed patch - please don't UNDO the fix for proxy > passwords with special characters... It appears in the WebUI its already broken on 6.7.0 Won't accept a password with an @ symbol. Works fine from the command line though # hammer http-proxy create --name test123 --url <url> --username=<username> --password=<password with an @ in it> Http proxy created.
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (Important: Satellite 6.8 release), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2020:4366