Proxy template URL not used for kickstart
Steps to reproduce:
1) Have a smart-proxy with templates feature
2) Set template_url to use http in /etc/smart-proxy/settings.d/templates.yml
3) Assign the proxy to a subnet as template proxy
4) Try to provision a host in subnet from step 3
The host tries to access the proxy over the https and fails because CA used to signed the proxy's certificate is not trusted
template_url is honored and provisioning doesn't fail
After observing the log, we noticed that the base url is trying to access the templateServer API on the wrong URL: https://<proxy>:8443/unattended*/unattended* while it should be https://<proxy>:8443/unattended
#1 Updated by Arend Lapere 7 months ago
- Triaged set to No
Could it be that you are running into this on 1.18-RC1/2/3?
I've investigated a bit, and seems this patch-set is the culprit:
This creates the Template class twice (and appends the "/unattended" string to the URL):
- Once initiated when retrieving Subnet.template_proxy
- This template_proxy is than passed to the second instantiation, done in foreman_url_rendered, which is needed to retrieve actual templateServer from the proxy.
To validate, I've removed the instance in app/models/subnet.rb:181 and simply returned the template variable, after this, all seems to behave as expected.
Although the latter is probably not the answer, as it seems to be more in line with the rest of the modules (e.g. DNS, BMC, ...).