Story #8167
closedAs a user, I have proxy_password and proxy_username available on all remotes.
100%
Description
Motivation¶
For proxy authorization to be sent to proxies using the PROXY-AUTHORIZATION
header, we need to set that data on the aiohttp session. Currently the only way to specify proxy authorization is in embedded in the proxy_url.
Implementation¶
- Add a
proxy_username
andproxy_password
fields to the Remote MasterModel. These are optional fields. - Ensure that if one is specified, they both are specified (this is at the serializer level).
- Have the
DownloaderFactory
read these values and set them on the aiohttp session correctly.
Moving proxy credentials out of proxy_url¶
As part of this story proxy credentials will no longer be allow to be stored on the proxy_url. So for this story the following also needs to be done:
-
Validation needs to be added for proxy_url that disallows users to put a username and/or password in the proxy_url. If the user does it should fail validation and they should be directed to use the
proxy_username
andproxy_password
setting. -
A data migration needs to be made which will remove any credentials stored in existing remotes and move them to the
proxy_username
andproxy_password
fields at migration time.
Notes¶
Use the proxy_pass
parameter on the aiohttp session like the example below from the aiohttp
client proxy config docs:
async with aiohttp.ClientSession() as session:
proxy_auth = aiohttp.BasicAuth('user', 'pass')
async with session.get("http://python.org",
proxy="http://proxy.com",
proxy_auth=proxy_auth) as resp:
print(resp.status)
Related issues
Add proxy username and password to remote
fixes #8167 https://pulp.plan.io/issues/8167