Check proxy env vars

If a user is using http_proxy or https_proxy but is not excluding
localhost from being proxied via the no_proxy var it can lead to a
failure when we try and talk to the heat api. This change adds a check
that is used for both the standalone tripleo deploy command and
the undercloud install to ensure the end user does not hit this
condition.

Change-Id: I507d81278097bc3b5e23d53ae35aa26657541bfc
Closes-Bug: #1815814
This commit is contained in:
Alex Schultz 2019-02-13 15:40:05 -07:00
parent 03df1ffe75
commit 281e019676
3 changed files with 71 additions and 0 deletions

View File

@ -1259,3 +1259,46 @@ class TestCheckHostname(TestCase):
def test_hostname_short_fail(self, mock_run):
mock_run.side_effect = ['host', 'host']
self.assertRaises(RuntimeError, utils.check_hostname)
class TestCheckEnvForProxy(TestCase):
def test_no_proxy(self):
utils.check_env_for_proxy()
@mock.patch.dict(os.environ,
{'http_proxy': 'foo:1111',
'no_proxy': 'foo'})
def test_http_proxy_ok(self):
utils.check_env_for_proxy(['foo'])
@mock.patch.dict(os.environ,
{'https_proxy': 'bar:1111',
'no_proxy': 'foo,bar'})
def test_https_proxy_ok(self):
utils.check_env_for_proxy(['foo', 'bar'])
@mock.patch.dict(os.environ,
{'http_proxy': 'foo:1111',
'https_proxy': 'bar:1111',
'no_proxy': 'foobar'})
def test_proxy_fail(self):
self.assertRaises(RuntimeError,
utils.check_env_for_proxy,
['foo', 'bar'])
@mock.patch.dict(os.environ,
{'http_proxy': 'foo:1111',
'https_proxy': 'bar:1111',
'no_proxy': 'foobar'})
def test_proxy_fail_partial_match(self):
self.assertRaises(RuntimeError,
utils.check_env_for_proxy,
['foo', 'bar'])
@mock.patch.dict(os.environ,
{'http_proxy': 'foo:1111',
'https_proxy': 'bar:1111'})
def test_proxy_fail_no_proxy_unset(self):
self.assertRaises(RuntimeError,
utils.check_env_for_proxy,
['foo', 'bar'])

View File

@ -1434,3 +1434,26 @@ def check_hostname(fix_etc_hosts=True, logger=None):
run_command(args, name='hostname-to-etc-hosts')
logger.info('Added hostname %s to /etc/hosts',
detected_static_hostname)
def check_env_for_proxy(no_proxy_hosts=None):
"""Check env proxy settings
:param no_proxy_hosts: array of hosts to check if in no_proxy env var
"""
if no_proxy_hosts is None:
no_proxy_hosts = ['127.0.0.1']
http_proxy = os.environ.get('http_proxy', None)
https_proxy = os.environ.get('https_proxy', None)
if os.environ.get('no_proxy'):
no_proxy = os.environ.get('no_proxy').split(',')
else:
no_proxy = []
missing_hosts = []
if http_proxy or https_proxy:
missing_hosts = set(no_proxy_hosts) - set(no_proxy)
if missing_hosts:
message = _('http_proxy or https_proxy is set but the following local '
'addresses "{}" may be missing from the no_proxy '
'environment variable').format(','.join(missing_hosts))
raise RuntimeError(message)

View File

@ -142,6 +142,11 @@ class Deploy(command.Command):
# managing that elsewhere during the deployment
utils.check_hostname(fix_etc_hosts=False, logger=self.log)
# Users can use http_proxy and https_proxy as part of the deployment,
# however we need localhost to not be proxied because we use it to talk
# to our heat api.
utils.check_env_for_proxy(no_proxy_hosts=['127.0.0.1'])
# NOTE(cjeanner) Quick'n'dirty way before we have proper
# escalation support through oslo.privsep
def _set_data_rights(self, file_name, user=None,