Uploaded image for project: 'Satellite'
  1. Satellite
  2. SAT-39459

Support HTTPS_PROXY in iop-cvemap-download

XMLWordPrintable

    • Known Issue
    • Hide
      Cause:
      Consequence:
      Workaround:
      Result:
      Show
      Cause: Consequence: Workaround: Result:
    • None
    • None

      Description of problem:

      iop-cvemap-download.service fails if the Satellite needs to use a proxy to reach https://security.access.redhat.com

      How reproducible:

      100%

      Is this issue a regression from an earlier version:

      No.

      Steps to Reproduce:

      1.) Install IoP on Satellite that requires proxy to reach external networks.

      satellite-installer --enable-iop --scenario satellite

      2.) systemctl start iop-cvemap-download

      3.) See failed downloads of {{cvemap.xml{}}} in journalctl -xe

       

      Actual behavior:
      Failed downloads.

      Expected behavior:
      Ability to configure a proxy used by the iop-cvemap-download systemd service.

      Business Impact / Additional info:

      Verified that setting environment variables for the systemd service resolves the issue:

      # cat /etc/systemd/system/iop-cvemap-download.service.d/99-proxy.conf 
      [Service]
      Environment = HTTPS_PROXY=http://proxy.example.com:3128
      Environment = NO_PROXY=localhost 

      This can be set up manually, but we'll need some way to manage the setting through the installer.

              Unassigned Unassigned
              rhn-support-tpapaioa Tasos Papaioannou
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Created:
                Updated: