[upload] Add proxy server details for sos uploads #4158
Conversation
sos/report/__init__.py
Outdated
| 'upload_target': None, | ||
| 'add_preset': '', | ||
| 'del_preset': '', | ||
| <<<<<<< Updated upstream |
There was a problem hiding this comment.
I believe this is one of the issues causing the pylint error. You just need to resolve the conflict with the stashed changes and force push again
| """ | ||
| Determines the correct authenticated HTTP proxy syntax for the local | ||
| Netcat/Ncat executable by running test commands. | ||
There was a problem hiding this comment.
Could you add here (or perhaps as a comment in the gh PR interface) why do we need to determine the syntax?
And what happens if we don't have this function at all?
There was a problem hiding this comment.
I will add in a more verbose comment to try to explain why we use this function and why (I think) it's needed. Basically, if we don't have this function, only certain versions of ncat/nc will work correctly with the proxy command. This function tries to figure out the correct syntax of the proxy command needed based on the installed version of ncat/nc
|
Make sure you add these options to any relevant man page (at least the upload and report ones). |
| raise Exception("connection failed, did you set a user and " | ||
| "password?") | ||
| raise Exception("connection failed, did you set a user" | ||
| " and password?") |
There was a problem hiding this comment.
Any reason for this specific change? Unless I'm mistaken, the original line was within col limit
There was a problem hiding this comment.
I honestly have no idea why I updated that. I can change it back if you want me to.
There was a problem hiding this comment.
No need, I just wasn't sure if I missed something. Doesn't look bad to me, so unless anyone else objects, this change can be kept
dwolstroRH
force-pushed
the
add-proxy-server
branch
from
d56d503 to
c2b17c9
Compare
|
Congratulations! One of the builds has completed. 🍾 You can install the built RPMs by following these steps:
Please note that the RPMs should be used only in a testing environment. |
dwolstroRH
force-pushed
the
add-proxy-server
branch
from
c2b17c9 to
98fd105
Compare
| # --- 3. Fallback (If no standard syntax is found) --- | ||
| # If the system netcat doesn't support an authenticated proxy, | ||
| # you might need to use a dedicated tool like 'corkscrew' or 'connect'. | ||
| return ("Warning: Native authenticated proxy syntax not found for 'nc'. " |
There was a problem hiding this comment.
Minor nit: replace nc by {nc_executable} (and have it as an f-string)?
Currently, you call the method with default nc_executable='nc' only. If you plan this argumet to have different values in future, let be prepared here.
| proxy_grp.add_argument('--proxy-user', | ||
| default=None, | ||
| help='Specify the User for the proxy server') | ||
| proxy_grp.add_argument('--proxy-pass', | ||
| default=None, | ||
| help='Specify the Password for the proxy user') | ||
| proxy_grp.add_argument('--proxy-host', | ||
| default=None, | ||
| help='Specify the host for the proxy server') | ||
| proxy_grp.add_argument('--proxy-port', | ||
| default=None, | ||
| help='Specify the Port for the proxy server') | ||
|
|
There was a problem hiding this comment.
We need to enhance man pages accordingly.
When you will describe --proxy-pass, it is worth mentioning that using the option on cmdline reveals the password to anybody running ps at the same time.
| if self.get_proxy_host(): | ||
| self.generate_proxy_list(use_prompts=True) | ||
| self.ui_log.info('') | ||
| else: | ||
| if self.get_proxy_host(): | ||
| self.generate_proxy_list(use_prompts=False) |
There was a problem hiding this comment.
Code de-duplication: isnt it better to call (after the if not cmdline_opts.batch .. block):
if self.get_proxy_host():
self.generate_proxy_list(use_prompts=(not cmdline_opts.batch and not cmdline_opts.quiet))
?
Well, then the log_info of empty line would be entered before the prompt, not welcomed, I guess?
| self.ui_log.error( | ||
| "Both proxy user and proxy password must be" | ||
| " specified. Proxy server will be ignored." |
There was a problem hiding this comment.
What if I enter empty user and password? That should be allowed, no..?
| return {} | ||
|
|
||
| if self.get_proxy_host() and self.get_proxy_port(): | ||
| proxy = (f"{proxy}{self.get_proxy_host()}:" |
There was a problem hiding this comment.
So proxy stores just credentials so far, which is bit confusing. Worth adding a comment or having proxy_creds variable (up to this point)?
(also a nitpick, you can ignore this comment if you think the code is self-explanatory)
| proxy = (f"{proxy}{self.get_proxy_host()}:" | ||
| f"{self.get_proxy_port()}") | ||
| proxy_list['http'] = f"http://{proxy}" | ||
| proxy_list['https'] = f"http://{proxy}" |
There was a problem hiding this comment.
Shouldnt be there https:// instead of http://? (but I am not an expert on the syntax here..)
There was a problem hiding this comment.
Great catch! thanks
arif-ali
left a comment
arif-ali
left a comment
There was a problem hiding this comment.
primarily around if we don't have a user/password, but just a proxy, we should be able to use the proxy on its own
| try: | ||
| session = ftplib.FTP(url, user, password, timeout=15) | ||
| if self.use_proxy_server: | ||
| proxy_formatted_user = f"{user}@{url} {self.proxy_user}" |
There was a problem hiding this comment.
What if a user and password is not provided, and is actually not needed for the proxy. I have seen in at least one environment where a proxy user/password is not required to upload a sos.
| session.connect(self.get_proxy_host(), self.get_proxy_port()) | ||
|
|
||
| session.login(proxy_formatted_user, self.proxy_password, | ||
| password) |
There was a problem hiding this comment.
same comment applies, what if it is anonymous FTP, but still need a proxy without username/password?
Can you send me the link to where it is explained how to do this? I've never updated a man page before. (is it on the source)? |
|
I don't think there's a link that explains how to do it, neither here nor on the source, but I may have missed it.
You should add these options to at least the sos-upload.1 man page, but I imagine having them in sos-report.1 could be necessary as well. |
Related: RHEL-2356 Signed-off-by: David Wolstromer <dwolstro@redhat.com>
dwolstroRH
force-pushed
the
add-proxy-server
branch
from
98fd105 to
f8d63f9
Compare
|
Congratulations! One of the builds has completed. 🍾 You can install the built RPMs by following these steps:
Please note that the RPMs should be used only in a testing environment. |
1 similar comment
|
Congratulations! One of the builds has completed. 🍾 You can install the built RPMs by following these steps:
Please note that the RPMs should be used only in a testing environment. |
4 participants
Related: RHEL-2356
Please place an 'X' inside each '[]' to confirm you adhere to our Contributor Guidelines