Conda Proxy Error Handling: Better error Message on 403 from Proxy

[a-gerhard]

Checklist

• I added a descriptive title
• I searched open reports and couldn't find a duplicate

What happened?

I used a valid proxy setting in my environment. However, I got the error message from Anaconda:

ProxyError: Conda cannot proceed due to an error in your proxy configuration.
Check for typos and other configuration errors in any '.netrc' file in your home directory,
any environment variables ending in '_PROXY', and any other system-wide proxy
configuration settings.

I did not use a .condarc or .netrc file; proxy setting was done via environment variables.

After a lot of search, I found that the issue was that the proxy server returned a 403 error not because the username/password was wrong, but because conda.anaconda.org was not on the proxy's allowlist.

I think the error message is misleading, because to me it seemed like the error was the local configuration. I was not aware that conda had even tried to fetch data via the proxy, but I thought it has failed just reading the configuration. I think changing the error message to Conda cannot proceed because it encountered a 403 Error from your proxy when fetching [URL] would be much more helpful in debugging such situations than Conda cannot proceed due to an error in your proxy configuration

Conda Info

active environment : None
       user config file : /root/.condarc
 populated config files :
          conda version : 4.12.0
    conda-build version : not installed
         python version : 3.9.12.final.0
       virtual packages : __linux=5.4.0=0
                          __glibc=2.27=0
                          __unix=0=0
                          __archspec=1=x86_64
       base environment : /miniconda  (writable)
      conda av data dir : /miniconda/etc/conda
  conda av metadata url : None
           channel URLs : https://repo.anaconda.com/pkgs/main/linux-64
                          https://repo.anaconda.com/pkgs/main/noarch
                          https://repo.anaconda.com/pkgs/r/linux-64
                          https://repo.anaconda.com/pkgs/r/noarch
          package cache : /miniconda/pkgs
                          /root/.conda/pkgs
       envs directories : /miniconda/envs
                          /root/.conda/envs
               platform : linux-64
             user-agent : conda/4.12.0 requests/2.27.1 CPython/3.9.12 Linux/5.4.0-126-generic ubuntu/18.04.6 glibc/2.27
                UID:GID : 0:0
             netrc file : None
           offline mode : False

Conda Config

No response

Conda list

# packages in environment at /miniconda:
#
# Name                    Version                   Build  Channel
_libgcc_mutex             0.1                        main    defaults
_openmp_mutex             4.5                       1_gnu    defaults
alembic                   1.8.1                    pypi_0    pypi
brotlipy                  0.7.0           py39h27cfd23_1003    defaults
ca-certificates           2022.3.29            h06a4308_1    defaults
certifi                   2021.10.8        py39h06a4308_2    defaults
cffi                      1.15.0           py39hd667e15_1    defaults
charset-normalizer        2.0.4              pyhd3eb1b0_0    defaults
click                     8.1.3                    pypi_0    pypi
cloudpickle               2.2.0                    pypi_0    pypi
colorama                  0.4.4              pyhd3eb1b0_0    defaults
conda                     4.12.0           py39h06a4308_0    defaults
conda-content-trust       0.1.1              pyhd3eb1b0_0    defaults
conda-package-handling    1.8.1            py39h7f8727e_0    defaults
cryptography              36.0.0           py39h9ce1e76_0    defaults
databricks-cli            0.17.3                   pypi_0    pypi
docker                    6.0.1                    pypi_0    pypi
entrypoints               0.4                      pypi_0    pypi
flask                     2.2.2                    pypi_0    pypi
gitdb                     4.0.9                    pypi_0    pypi
gitpython                 3.1.29                   pypi_0    pypi
greenlet                  2.0.1                    pypi_0    pypi
gunicorn                  20.1.0                   pypi_0    pypi
idna                      3.3                pyhd3eb1b0_0    defaults
importlib-metadata        5.0.0                    pypi_0    pypi
itsdangerous              2.1.2                    pypi_0    pypi
jinja2                    3.1.2                    pypi_0    pypi
ld_impl_linux-64          2.35.1               h7274673_9    defaults
libffi                    3.3                  he6710b0_2    defaults
libgcc-ng                 9.3.0               h5101ec6_17    defaults
libgomp                   9.3.0               h5101ec6_17    defaults
libstdcxx-ng              9.3.0               hd4cf53a_17    defaults
mako                      1.2.3                    pypi_0    pypi
markupsafe                2.1.1                    pypi_0    pypi
mlflow                    1.30.0                   pypi_0    pypi
ncurses                   6.3                  h7f8727e_2    defaults
numpy                     1.23.4                   pypi_0    pypi
oauthlib                  3.2.2                    pypi_0    pypi
openssl                   1.1.1n               h7f8727e_0    defaults
packaging                 21.3                     pypi_0    pypi
pandas                    1.5.1                    pypi_0    pypi
pip                       21.2.4           py39h06a4308_0    defaults
prometheus-client         0.15.0                   pypi_0    pypi
prometheus-flask-exporter 0.20.3                   pypi_0    pypi
protobuf                  4.21.9                   pypi_0    pypi
pycosat                   0.6.3            py39h27cfd23_0    defaults
pycparser                 2.21               pyhd3eb1b0_0    defaults
pyjwt                     2.6.0                    pypi_0    pypi
pyopenssl                 22.0.0             pyhd3eb1b0_0    defaults
pyparsing                 3.0.9                    pypi_0    pypi
pysocks                   1.7.1            py39h06a4308_0    defaults
python                    3.9.12               h12debd9_0    defaults
python-dateutil           2.8.2                    pypi_0    pypi
pytz                      2022.6                   pypi_0    pypi
pyyaml                    6.0                      pypi_0    pypi
querystring-parser        1.2.4                    pypi_0    pypi
readline                  8.1.2                h7f8727e_1    defaults
requests                  2.27.1             pyhd3eb1b0_0    defaults
ruamel_yaml               0.15.100         py39h27cfd23_0    defaults
scipy                     1.9.3                    pypi_0    pypi
setuptools                61.2.0           py39h06a4308_0    defaults
six                       1.16.0             pyhd3eb1b0_1    defaults
smmap                     5.0.0                    pypi_0    pypi
sqlalchemy                1.4.43                   pypi_0    pypi
sqlite                    3.38.2               hc218d9a_0    defaults
sqlparse                  0.4.3                    pypi_0    pypi
tabulate                  0.9.0                    pypi_0    pypi
tk                        8.6.11               h1ccaba5_0    defaults
tqdm                      4.63.0             pyhd3eb1b0_0    defaults
tzdata                    2022a                hda174b7_0    defaults
urllib3                   1.26.8             pyhd3eb1b0_0    defaults
websocket-client          1.4.2                    pypi_0    pypi
werkzeug                  2.2.2                    pypi_0    pypi
wheel                     0.37.1             pyhd3eb1b0_0    defaults
xz                        5.2.5                h7b6447c_0    defaults
yaml                      0.2.5                h7b6447c_0    defaults
zipp                      3.10.0                   pypi_0    pypi
zlib                      1.2.12               h7f8727e_1    defaults

Additional Context

The error occurs when building an mlflow docker container for an mlflow model.

The whole thing is running in an extremely restricted internal network, where we are only allowed to access internet resources that are explicitly allowed. It would have been helpful to have a list of servers that need to be allowlisted for conda to work.

[travishathaway]

Hi @a-gerhard,

Thank you for filing this bug report. I am going to add this to a recently created epic regarding user experience.

We cannot promise that we will get to this soon, but we always welcome pull request to make conda better. Therefore, I will mark this issues as a https://github.com/conda/conda/labels/good-first-issue so that it gets some more attention.

Please keep an eye on this issue for any updates.

[github-actions]

Hi there, thank you for your contribution!

This issue has been automatically marked as stale because it has not had recent activity. It will be closed automatically if no further activity occurs.

If you would like this issue to remain open please:

1. Verify that you can still reproduce the issue at hand
2. Comment that the issue is still reproducible and include:
   - What OS and version you reproduced the issue on
   - What steps you followed to reproduce the issue

NOTE: If this issue was closed prematurely, please leave a comment.

Thanks!