remove claimed restriction about https proxy urls #25438

bparees · 2020-09-11T22:20:04Z

as far as i know this works (it's why we allow you to configure proxy CAs). https proxies do not work with builds for purposes of source retrieval, due to a limitation in the git version we use. That limitation will be going away in 4.6. It's possible that restriction is where this line came from, i'm not sure.

So maybe it's worth noting that restriction in the build docs explicitly, or we just let it go knowing that the problem is going away sooner than later anyway.

bparees · 2020-09-11T22:20:27Z

cc @adambkaplan @danehans @wking

bparees · 2020-09-11T22:22:59Z

@wking i left If this is not specified, then httpProxy is used for both HTTP and HTTPS connections. for now since it sounds like the CVO is going to be fixed to comply w/ this claim and i'm not aware of another component that isn't compliant, but i still don't feel great about it.

bparees · 2020-09-11T22:30:08Z

the actual proxy config validation explicitly allows http+https:
https://github.com/openshift/cluster-network-operator/blob/899cff815b2611100eee370cc8e0cdf9b736e1b9/pkg/controller/proxyconfig/validation.go#L53-L60

bparees · 2020-09-11T22:31:50Z

@openshift/team-documentation ptal

bobfuru · 2020-09-12T00:16:08Z

Cc: @bergerhoffer for review. It looks like this was content added in #16635 for OCP 4.2.

bergerhoffer · 2020-09-14T20:00:05Z

@bparees so are you saying that the text The URL scheme must be http; https is currently not supported. is true for 4.3-4.5, but that restriction is no longer true for 4.6+?

bergerhoffer · 2020-09-14T20:03:56Z

@danehans Can you confirm this as well? The request to add this note was here: #16635 (comment)

bparees · 2020-09-14T20:06:06Z

@bparees so are you saying that the text The URL scheme must be http; https is currently not supported. is true for 4.3-4.5, but that restriction is no longer true for 4.6+?

I don't think it was ever restricted, even 4.2 tolerates both:
https://github.com/openshift/cluster-network-operator/blob/release-4.2/pkg/controller/proxyconfig/validation.go#L55

danehans · 2020-09-22T19:13:24Z

@bergerhoffer I have no objections as long as https://issues.redhat.com/browse/BUILD-68 is completed.

bergerhoffer · 2020-09-22T19:14:20Z

Got ack from @danehans that it's okay to remove this, as long as there is a note about the lack of git clone support when using an https scheme. This is already noted as a known issue the release notes: "Git clone operations that go through an HTTPS proxy fail. Non-TLS (HTTP) proxies can be used successfully. (BZ#1750650)"

bergerhoffer

This LGTM

bergerhoffer · 2020-09-22T19:19:04Z

@gpei or @lihongan - can you please review this? Thanks!

gpei · 2020-09-23T01:14:15Z

The https proxy works well for installer side. @wzheng1 could you please help to provide an ack on this? Considering it's the restriction on BUILD.

wzheng1 · 2020-09-24T11:35:17Z

LGTM, thanks!

bparees · 2020-10-06T14:49:09Z

@bergerhoffer can we merge this?

jboxman · 2020-10-06T16:01:48Z

@bparees did I trip over this by accident?

#26084

Or is this unrelated to https://bugzilla.redhat.com/show_bug.cgi?id=1845929? I don't want to collide if my PR is superseded by this.

Thanks!

bparees · 2020-10-06T16:05:03Z

Or is this unrelated to https://bugzilla.redhat.com/show_bug.cgi?id=1845929?

unrelated.

bergerhoffer · 2020-10-06T16:13:33Z

@bparees Sorry missed the notification. Merging!

bergerhoffer · 2020-10-06T16:13:45Z

/cherrypick enterprise-4.6

bergerhoffer · 2020-10-06T16:13:49Z

/cherrypick enterprise-4.5

bergerhoffer · 2020-10-06T16:13:53Z

/cherrypick enterprise-4.4

openshift-cherrypick-robot · 2020-10-06T16:13:56Z

@bergerhoffer: new pull request created: #26157

Details

In response to this:

/cherrypick enterprise-4.6

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

bergerhoffer · 2020-10-06T16:13:57Z

/cherrypick enterprise-4.3

openshift-cherrypick-robot · 2020-10-06T16:14:00Z

@bergerhoffer: new pull request created: #26158

Details

In response to this:

/cherrypick enterprise-4.5

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

openshift-cherrypick-robot · 2020-10-06T16:14:04Z

@bergerhoffer: new pull request created: #26159

Details

In response to this:

/cherrypick enterprise-4.4

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

openshift-cherrypick-robot · 2020-10-06T16:14:09Z

@bergerhoffer: new pull request created: #26160

Details

In response to this:

/cherrypick enterprise-4.3

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

remove claimed restriction about https proxy urls

2577471

openshift-ci-robot added the size/XS Denotes a PR that changes 0-9 lines, ignoring generated files. label Sep 11, 2020

openshift-ci-robot requested a review from vikram-redhat September 11, 2020 22:20

wking approved these changes Sep 11, 2020

View reviewed changes

bergerhoffer added branch/enterprise-4.3 branch/enterprise-4.4 branch/enterprise-4.5 branch/enterprise-4.6 peer-review-done Signifies that the peer review team has reviewed this PR labels Sep 22, 2020

bergerhoffer added this to the Next Release milestone Sep 22, 2020

bergerhoffer reviewed Sep 22, 2020

View reviewed changes

bergerhoffer merged commit 3d854ec into openshift:master Oct 6, 2020

openshift-cherrypick-robot mentioned this pull request Oct 6, 2020

[enterprise-4.6] remove claimed restriction about https proxy urls #26157

Merged

openshift-cherrypick-robot mentioned this pull request Oct 6, 2020

[enterprise-4.5] remove claimed restriction about https proxy urls #26158

Merged

This was referenced Oct 6, 2020

[enterprise-4.4] remove claimed restriction about https proxy urls #26159

Merged

[enterprise-4.3] remove claimed restriction about https proxy urls #26160

Merged

wking mentioned this pull request Oct 12, 2020

modules/*proxy*: httpsProxy supports https:// too #17716

Closed

remove claimed restriction about https proxy urls #25438

remove claimed restriction about https proxy urls #25438

Uh oh!

Conversation

bparees commented Sep 11, 2020

Uh oh!

bparees commented Sep 11, 2020

Uh oh!

bparees commented Sep 11, 2020

Uh oh!

bparees commented Sep 11, 2020

Uh oh!

bparees commented Sep 11, 2020

Uh oh!

bobfuru commented Sep 12, 2020

Uh oh!

bergerhoffer commented Sep 14, 2020

Uh oh!

bergerhoffer commented Sep 14, 2020

Uh oh!

bparees commented Sep 14, 2020

Uh oh!

danehans commented Sep 22, 2020

Uh oh!

bergerhoffer commented Sep 22, 2020

Uh oh!

bergerhoffer left a comment

Choose a reason for hiding this comment

Uh oh!

bergerhoffer commented Sep 22, 2020

Uh oh!

gpei commented Sep 23, 2020

Uh oh!

wzheng1 commented Sep 24, 2020

Uh oh!

bparees commented Oct 6, 2020

Uh oh!

jboxman commented Oct 6, 2020

Uh oh!

bparees commented Oct 6, 2020

Uh oh!

bergerhoffer commented Oct 6, 2020

Uh oh!

bergerhoffer commented Oct 6, 2020

Uh oh!

bergerhoffer commented Oct 6, 2020

Uh oh!

bergerhoffer commented Oct 6, 2020

Uh oh!

openshift-cherrypick-robot commented Oct 6, 2020

Uh oh!

bergerhoffer commented Oct 6, 2020

Uh oh!

openshift-cherrypick-robot commented Oct 6, 2020

Uh oh!

openshift-cherrypick-robot commented Oct 6, 2020

Uh oh!

openshift-cherrypick-robot commented Oct 6, 2020

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

10 participants