From d6adef8e4ca5ba135277ec6c5c1721870e9e8776 Mon Sep 17 00:00:00 2001 From: Justin Sherrill Date: Thu, 2 Dec 2021 08:47:13 -0500 Subject: [PATCH] Fixes #34070 - fix container registry with azure plugin a previous fix switched to using filenames for certs if the Faraday default adapter was set to :excon, however this broke the container registry proxy, as its using rest_client, but is still using this same piece of code --- app/lib/katello/resources/registry.rb | 2 +- app/models/katello/concerns/smart_proxy_extensions.rb | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/app/lib/katello/resources/registry.rb b/app/lib/katello/resources/registry.rb index 4d9cd85bed3..61e16d77163 100644 --- a/app/lib/katello/resources/registry.rb +++ b/app/lib/katello/resources/registry.rb @@ -32,7 +32,7 @@ def load_class self.prefix = "/pulpcore_registry/" self.site = "#{uri.scheme}://#{uri.host}:#{uri.port}" self.ca_cert_file = Setting[:ssl_ca_file] - pulp_primary.pulp3_ssl_configuration(self) + pulp_primary.pulp3_ssl_configuration(self, :net_http) self end diff --git a/app/models/katello/concerns/smart_proxy_extensions.rb b/app/models/katello/concerns/smart_proxy_extensions.rb index c6668529ff0..771aa630426 100644 --- a/app/models/katello/concerns/smart_proxy_extensions.rb +++ b/app/models/katello/concerns/smart_proxy_extensions.rb @@ -185,17 +185,17 @@ def pulp3_configuration(config_class) end end - def pulp3_ssl_configuration(config) + def pulp3_ssl_configuration(config, connection_adapter = Faraday.default_adapter) legacy_pulp_cert = !self.setting(PULP3_FEATURE, 'client_authentication')&.include?('client_certificate') - if Faraday.default_adapter == :excon + if connection_adapter == :excon config.ssl_client_cert = ::Cert::Certs.ssl_client_cert_filename(use_admin_as_cn_cert: legacy_pulp_cert) config.ssl_client_key = ::Cert::Certs.ssl_client_key_filename(use_admin_as_cn_cert: legacy_pulp_cert) - elsif Faraday.default_adapter == :net_http + elsif connection_adapter == :net_http config.ssl_client_cert = ::Cert::Certs.ssl_client_cert(use_admin_as_cn_cert: legacy_pulp_cert) config.ssl_client_key = ::Cert::Certs.ssl_client_key(use_admin_as_cn_cert: legacy_pulp_cert) else - fail "Unexpected faraday default_adapter #{Faraday.default_adapter}! Cannot continue, this is likely a bug." + fail "Unexpected connection_adapter #{Faraday.default_adapter}! Cannot continue, this is likely a bug." end end