Project

General

Profile

Actions

Bug #14939

closed

Synchronizing repositories that are published via HTTP and HTTPS should always default to the more secure method available.

Added by Justin Sherrill over 8 years ago. Updated about 6 years ago.

Status:
Closed
Priority:
Normal
Category:
Repositories
Target version:
Difficulty:
Triaged:
Fixed in Releases:
Found in Releases:

Description

Cloned from https://bugzilla.redhat.com/show_bug.cgi?id=1332037
Description of problem:
Synchronizing repositories that are published via HTTP and HTTPS should always default to the more secure method available.
After publishing a Content View with a repository that has both HTTP and HTTPS enabled, the capsule will attempt to synchronize over HTTP rather than HTTPS. Because HTTP is blocked between the Parent and the Capsule, the repository will not sync.

Version-Release number of selected component (if applicable):
Sat:
satellite-6.2.0-8.2.beta.el7sat.noarch
pulp-server-2.8.1.3-1.el7sat.noarch
tfm-rubygem-foreman-tasks-0.7.16-1.fm1_11.el7.noarch
Capsule:
satellite-capsule-6.2.0-8.2.beta.el7sat.noarch

How reproducible:
Everytime

Steps to Reproduce:
1 Sync RHEL7 Kickstart , RHEL 7 7Server and a custom channel

2. Assign Library to your capsule # hammer -u <user> -p <pass> capsule content add-lifecycle-environment \
--organization-id 1 --id 4 --environment-id 1
3. Make the capsule to sync the content # hammer -u <user> -p <pass> capsule content synchronize --id 4

Actual results:
Any repository that has HTTPS enabled will synchronize fine. Any repository that has both HTTP and HTTPS enabled will fail as pulp attempts to use HTTP (least secure)
May 01 09:36:40 <capsule name> pulp6243: requests.packages.urllib3.connectionpool:INFO: Starting new HTTP connection (3): <parent name>
May 01 09:36:40 <capsule name> pulp6245: requests.packages.urllib3.connectionpool:WARNING: Retrying (Retry(total=3, connect=3, read=5, redirect=None)) after connection broken by 'ConnectTimeoutError(<requests.packages.urllib3.connection.HTTPConnection object at 0x452e9d0>, 'Connection to <parent name> timed out. (connect timeout=6.05)')': /pulp/repos/Enterprise_Unix_Engineering/LAB/eue-7-server-x86_64/content/dist/rhel/server/7/7.2/x86_64/kickstart
May 01 09:36:40 <capsule name> pulp6245: requests.packages.urllib3.connectionpool:INFO: Starting new HTTP connection (3): <parent name>
May 01 09:36:50 <capsule name> pulp6245: requests.packages.urllib3.connectionpool:WARNING: Retrying (Retry(total=2, connect=2, read=5, redirect=None)) after connection broken by 'ConnectTimeoutError(<requests.packages.urllib3.connection.HTTPConnection object at 0x452e750>, 'Connection to <parent name> timed out. (connect timeout=6.05)')': /pulp/repos/Enterprise_Unix_Engineering/LAB/eue-7-server-x86_64/content/dist/rhel/server/7/7.2/x86_64/kickstart
May 01 09:36:50 <capsule name> pulp6245: requests.packages.urllib3.connectionpool:INFO: Starting new HTTP connection (4): <parent name>
May 01 09:36:50 <capsule name> pulp6243: requests.packages.urllib3.connectionpool:WARNING: Retrying (Retry(total=2, connect=2, read=5, redirect=None)) after connection broken by 'ConnectTimeoutError(<requests.packages.urllib3.connection.HTTPConnection object at 0x4fd2810>, 'Connection to <parent name> timed out. (connect timeout=6.05)')': /pulp/repos/Enterprise_Unix_Engineering/LAB/eue-7-server-x86_64-cv/content/dist/rhel/server/7/7.2/x86_64/kickstart

Expected results:
All repositories that have 'Publish via HTTPS' and 'Publish via HTTP' should default to HTTPS.

Additional info:

Actions #1

Updated by The Foreman Bot over 8 years ago

  • Status changed from New to Ready For Testing
  • Assignee set to Justin Sherrill
  • Pull request https://github.com/Katello/katello/pull/6018 added
Actions #2

Updated by Justin Sherrill over 8 years ago

  • Translation missing: en.field_release set to 144
Actions #3

Updated by Justin Sherrill over 8 years ago

  • Status changed from Ready For Testing to Closed
  • % Done changed from 0 to 100
Actions #4

Updated by Eric Helms over 8 years ago

  • Translation missing: en.field_release changed from 144 to 86
Actions

Also available in: Atom PDF