Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

URI module ignores no_proxy with CIDR #52705

Closed
IshwarKanse opened this issue Feb 21, 2019 · 3 comments

Comments

Projects
None yet
3 participants
@IshwarKanse
Copy link
Member

commented Feb 21, 2019

SUMMARY

URI module ignores no_proxy configuration with a CIDR notation. We have to specify individual IP addresses or domain for it to work.

ISSUE TYPE
  • Bug Report
COMPONENT NAME

URI module

ANSIBLE VERSION
ansible 2.7.5
  config file = /etc/ansible/ansible.cfg
  configured module search path = [u'/var/lib/awx/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/lib/python2.7/site-packages/ansible
  executable location = /bin/ansible
  python version = 2.7.5 (default, Sep 12 2018, 05:31:16) [GCC 4.8.5 20150623 (Red Hat 4.8.5-36)]
CONFIGURATION
DEFAULT_ROLES_PATH(/etc/ansible/ansible.cfg) = [u'/etc/ansible/roles', u'/usr/share/ansible/roles']
OS / ENVIRONMENT
Red Hat Enterprise Linux Server release 7.5 (Maipo)
STEPS TO REPRODUCE
- name: Test uri with cidr
  hosts: localhost
  connection: local

  tasks:
  - name: Simple curl
    environment:
      http_proxy: '<proxy_server>:<port>'
      https_proxy: ' '<proxy_server>:<port>
      HTTP_PROXY:  '<proxy_server>:<port>
      HTTPS_PROXY:  '<proxy_server>:<port>
#      NO_PROXY: '<webserver IP>'
#      no_proxy: '<webserver IP>'
      NO_PROXY: '<CIDR which contains webserver IP eg 192.168.1.0/24>'
      no_proxy: '<CIDR which contains webserver IP eg 192.168.1.0/24>'
    uri:
      url: https://<webserver IP>
      validate_certs: no
    register: resultvar

  - debug: 
      var: resultvar
EXPECTED RESULTS

No_proxy with CIDR configuration is honored and connections are directly made to hosts.

ACTUAL RESULTS

no_proxy is ignored and connections goes through proxy server.

@ansibot

This comment has been minimized.

Copy link
Contributor

commented Feb 21, 2019

Files identified in the description:

If these files are inaccurate, please update the component name section of the description or use the !component bot command.

click here for bot help

@ansibot

This comment has been minimized.

Copy link
Contributor

commented Feb 21, 2019

@sivel

This comment has been minimized.

Copy link
Member

commented Feb 22, 2019

We rely on the underlying functionality of python to support proxying, and python does not support this formatting of proxy.

As such, you will required to provide a list of all hosts. There is no current functionality to get a full list of IPs in a network via the ipaddr filter, but we would be willing to accept one that could enable you to utilize it for this purpose.

If you have further questions please stop by IRC or the mailing list:

@sivel sivel closed this Feb 22, 2019

@sivel sivel removed the needs_triage label Feb 25, 2019

JonTheNiceGuy added a commit to JonTheNiceGuy/ansible that referenced this issue May 14, 2019

Update uri.py
Added two changes.
1. Note that uri doesn't honor the no_proxy environment variable (due to ansible#52705), and suggest a work around.
2. Added an example showing a test waiting for a URL to become available (using the `until:`, `retries:` and `delay:` settings) - based on https://gist.github.com/mikeifomin/67e233cd461331de16707ef59a07e372#gistcomment-2718587

label: docsite_pr

StephenSorriaux pushed a commit to StephenSorriaux/ansible that referenced this issue May 20, 2019

Update uri.py (ansible#56395)
1. Note that uri doesn't honor the no_proxy environment variable (due to ansible#52705), and suggest a work around.
2. Added an example showing a test waiting for a URL to become available (using the `until:`, `retries:` and `delay:` settings) - based on https://gist.github.com/mikeifomin/67e233cd461331de16707ef59a07e372#gistcomment-2718587

Co-Authored-By: Felix Fontein <felix@fontein.de>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.