Check proxy env vars
If a user is using http_proxy or https_proxy but is not excluding localhost from being proxied via the no_proxy var it can lead to a failure when we try and talk to the heat api. This change adds a check that is used for both the standalone tripleo deploy command and the undercloud install to ensure the end user does not hit this condition. Change-Id: I507d81278097bc3b5e23d53ae35aa26657541bfc Closes-Bug: #1815814
This commit is contained in:
parent
03df1ffe75
commit
281e019676
|
@ -1259,3 +1259,46 @@ class TestCheckHostname(TestCase):
|
|||
def test_hostname_short_fail(self, mock_run):
|
||||
mock_run.side_effect = ['host', 'host']
|
||||
self.assertRaises(RuntimeError, utils.check_hostname)
|
||||
|
||||
|
||||
class TestCheckEnvForProxy(TestCase):
|
||||
def test_no_proxy(self):
|
||||
utils.check_env_for_proxy()
|
||||
|
||||
@mock.patch.dict(os.environ,
|
||||
{'http_proxy': 'foo:1111',
|
||||
'no_proxy': 'foo'})
|
||||
def test_http_proxy_ok(self):
|
||||
utils.check_env_for_proxy(['foo'])
|
||||
|
||||
@mock.patch.dict(os.environ,
|
||||
{'https_proxy': 'bar:1111',
|
||||
'no_proxy': 'foo,bar'})
|
||||
def test_https_proxy_ok(self):
|
||||
utils.check_env_for_proxy(['foo', 'bar'])
|
||||
|
||||
@mock.patch.dict(os.environ,
|
||||
{'http_proxy': 'foo:1111',
|
||||
'https_proxy': 'bar:1111',
|
||||
'no_proxy': 'foobar'})
|
||||
def test_proxy_fail(self):
|
||||
self.assertRaises(RuntimeError,
|
||||
utils.check_env_for_proxy,
|
||||
['foo', 'bar'])
|
||||
|
||||
@mock.patch.dict(os.environ,
|
||||
{'http_proxy': 'foo:1111',
|
||||
'https_proxy': 'bar:1111',
|
||||
'no_proxy': 'foobar'})
|
||||
def test_proxy_fail_partial_match(self):
|
||||
self.assertRaises(RuntimeError,
|
||||
utils.check_env_for_proxy,
|
||||
['foo', 'bar'])
|
||||
|
||||
@mock.patch.dict(os.environ,
|
||||
{'http_proxy': 'foo:1111',
|
||||
'https_proxy': 'bar:1111'})
|
||||
def test_proxy_fail_no_proxy_unset(self):
|
||||
self.assertRaises(RuntimeError,
|
||||
utils.check_env_for_proxy,
|
||||
['foo', 'bar'])
|
||||
|
|
|
@ -1434,3 +1434,26 @@ def check_hostname(fix_etc_hosts=True, logger=None):
|
|||
run_command(args, name='hostname-to-etc-hosts')
|
||||
logger.info('Added hostname %s to /etc/hosts',
|
||||
detected_static_hostname)
|
||||
|
||||
|
||||
def check_env_for_proxy(no_proxy_hosts=None):
|
||||
"""Check env proxy settings
|
||||
|
||||
:param no_proxy_hosts: array of hosts to check if in no_proxy env var
|
||||
"""
|
||||
if no_proxy_hosts is None:
|
||||
no_proxy_hosts = ['127.0.0.1']
|
||||
http_proxy = os.environ.get('http_proxy', None)
|
||||
https_proxy = os.environ.get('https_proxy', None)
|
||||
if os.environ.get('no_proxy'):
|
||||
no_proxy = os.environ.get('no_proxy').split(',')
|
||||
else:
|
||||
no_proxy = []
|
||||
missing_hosts = []
|
||||
if http_proxy or https_proxy:
|
||||
missing_hosts = set(no_proxy_hosts) - set(no_proxy)
|
||||
if missing_hosts:
|
||||
message = _('http_proxy or https_proxy is set but the following local '
|
||||
'addresses "{}" may be missing from the no_proxy '
|
||||
'environment variable').format(','.join(missing_hosts))
|
||||
raise RuntimeError(message)
|
||||
|
|
|
@ -142,6 +142,11 @@ class Deploy(command.Command):
|
|||
# managing that elsewhere during the deployment
|
||||
utils.check_hostname(fix_etc_hosts=False, logger=self.log)
|
||||
|
||||
# Users can use http_proxy and https_proxy as part of the deployment,
|
||||
# however we need localhost to not be proxied because we use it to talk
|
||||
# to our heat api.
|
||||
utils.check_env_for_proxy(no_proxy_hosts=['127.0.0.1'])
|
||||
|
||||
# NOTE(cjeanner) Quick'n'dirty way before we have proper
|
||||
# escalation support through oslo.privsep
|
||||
def _set_data_rights(self, file_name, user=None,
|
||||
|
|
Loading…
Reference in New Issue