Project

General

Profile

Bug #23291

Proxy template URL not used for kickstart

Added by Adam Ruzicka 7 months ago. Updated 25 days ago.

Status:
Closed
Priority:
High
Assignee:
Category:
Templates
Target version:
-

Description

Steps to reproduce:
1) Have a smart-proxy with templates feature
2) Set template_url to use http in /etc/smart-proxy/settings.d/templates.yml
3) Assign the proxy to a subnet as template proxy
4) Try to provision a host in subnet from step 3

Actual result:
The host tries to access the proxy over the https and fails because CA used to signed the proxy's certificate is not trusted

Expected result:
template_url is honored and provisioning doesn't fail

After observing the log, we noticed that the base url is trying to access the templateServer API on the wrong URL: https://<proxy>:8443/unattended*/unattended* while it should be https://<proxy>:8443/unattended


Related issues

Has duplicate Foreman - Bug #24787: Templates subnet association renders to Capsule URL and not template_urlDuplicate

Associated revisions

Revision bfca460d (diff)
Added by Arend Lapere 4 months ago

fixes #23291 - fixes double appending of /unattended to proxy url

History

#1 Updated by Arend Lapere 4 months ago

  • Triaged set to No

Hello,

Could it be that you are running into this on 1.18-RC1/2/3?

I've investigated a bit, and seems this patch-set is the culprit:
https://github.com/theforeman/foreman/commit/009e7bbd29f31c3750a8be47b4aecf5278c0db95#diff-1b99c484fd9f41096d5029e5b20d6165

This creates the Template class twice (and appends the "/unattended" string to the URL):
- Once initiated when retrieving Subnet.template_proxy
- This template_proxy is than passed to the second instantiation, done in foreman_url_rendered, which is needed to retrieve actual templateServer from the proxy.

To validate, I've removed the instance in app/models/subnet.rb:181 and simply returned the template variable, after this, all seems to behave as expected.

Although the latter is probably not the answer, as it seems to be more in line with the rest of the modules (e.g. DNS, BMC, ...).

#2 Updated by Arend Lapere 4 months ago

  • Found in Releases 1.18.0-RC1, 1.18.0-RC2, 1.18.0-RC3 added

#3 Updated by Arend Lapere 4 months ago

  • Priority changed from Normal to High
  • Description updated (diff)

#4 Updated by Arend Lapere 4 months ago

I've found a qualitative fix for this issue, I'm writing a test to make sure this one never comes back on our plate.

#5 Updated by Arend Lapere 4 months ago

  • Assignee set to Aaron Stone
  • Pull request https://github.com/theforeman/foreman/pull/5822 added

#6 Updated by Arend Lapere 4 months ago

  • Assignee deleted (Aaron Stone)

#7 Updated by The Foreman Bot 4 months ago

  • Status changed from New to Ready For Testing

#8 Updated by Anonymous 4 months ago

  • % Done changed from 0 to 100
  • Status changed from Ready For Testing to Closed

#9 Updated by Marek Hulán 4 months ago

  • Target version set to 1.20.0
  • Fixed in Releases 1.20.0 added

#10 Updated by The Foreman Bot 4 months ago

  • Pull request https://github.com/theforeman/foreman/pull/5852 added

#11 Updated by The Foreman Bot 4 months ago

  • Pull request https://github.com/theforeman/foreman/pull/5853 added

#12 Updated by Arend Lapere 4 months ago

  • Fixed in Releases 1.18.1, 1.19.0-RC1 added

#13 Updated by Tomer Brisker 4 months ago

  • Assignee set to Arend Lapere

#14 Updated by Tomer Brisker 4 months ago

  • Fixed in Releases 1.19.0 added
  • Fixed in Releases deleted (1.19.0-RC1)

#15 Updated by Tomer Brisker 4 months ago

  • Category set to Templates

#16 Updated by Greg Sutcliffe 3 months ago

  • Fixed in Releases deleted (1.20.0)

#17 Updated by Lukas Zapletal 3 months ago

  • Bugzilla link set to 1624072

#18 Updated by Tomer Brisker about 1 month ago

  • Has duplicate Bug #24787: Templates subnet association renders to Capsule URL and not template_url added

#19 Updated by Tomer Brisker 25 days ago

  • Target version deleted (1.20.0)

Also available in: Atom PDF