-
Notifications
You must be signed in to change notification settings - Fork 982
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Fixes #35626 - Registration & proxy's registration_url #9464
Conversation
Issues: #35626 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
My biggest concern here is that the template URL is HTTP and not HTTPS. Normally registration uses HTTPS, right? Is that intended?
app/controllers/concerns/foreman/controller/registration_commands.rb
Outdated
Show resolved
Hide resolved
I wouldn't say it's intended, but if users use |
It indeed can be HTTPS, but in that case (AFAIK) you can't really kickstart since we don't set up certificates. At least back in the day Anaconda couldn't even retrieve its kickstart over HTTPS. Perhaps that's better now, but that's why it HTTP and not HTTPS. That's why I'd still suggest to introduce a new setting on the registration module. That way users don't have to choose between the two. |
Expanding on this, the suggestion is to add a new setting into registration module (https://github.com/theforeman/smart-proxy/blob/develop/config/settings.d/registration.yml.example) that is named Does the registration workflow hit directly the templates URL? |
Yes, it's used in the end of registration when we are calling back to Foreman to update build status, in host_init_config_default template, nothing else. Having |
Exactly. |
bb131bc
to
77255da
Compare
Use registration_url from Registration SP module for registration command. RFC: https://community.theforeman.org/t/rfc-host-registration-and-load-balancers/30462 Katello: https://projects.theforeman.org/issues/35627 Smart Proxy: https://projects.theforeman.org/issues/35639
db23f79
to
046297f
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
ACK on the Ruby side, but I haven't done anything with the JS side for a while so I'd appreciate if someone else could take a look.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks good to me, thanks @stejskalleos 👍🏼
Use SmartProxyAuth for Smart Proxy detection RFC: https://community.theforeman.org/t/rfc-host-registration-and-load-balancers/30462 Foreman: theforeman/foreman#9464 Smart Proxy: https://projects.theforeman.org/issues/35639
Should we try merging Katello/katello#10315, theforeman/smart-proxy#850 all at the same time? any other concerns before merging? |
Katello can wait few days, but smart-proxy should go together with this PR |
Use SmartProxyAuth for Smart Proxy detection RFC: https://community.theforeman.org/t/rfc-host-registration-and-load-balancers/30462 Foreman: theforeman/foreman#9464 Smart Proxy: https://projects.theforeman.org/issues/35639
Use registration_url from Registration SP module
for registration command.
RFC: https://community.theforeman.org/t/rfc-host-registration-and-load-balancers/30462
Katello: https://projects.theforeman.org/issues/35627
Smart Proxy: https://projects.theforeman.org/issues/35639
Installer: TODO