Flavor: foreman-proxy-content#571
Conversation
019e1bb to
b367887
Compare
|
There are definitely some good nuggets of changes that would make for good, go-ahead, stand-alone PRs to get added. This also points to the need for |
|
I have been facing one issue which i already have a workaround implemented but i wanted to know if we should solve it properly? so we have a static What about exposting a |
b199850 to
90c6bcf
Compare
56349d9 to
bb71f97
Compare
bb71f97 to
b709d6f
Compare
Gauravtalreja1
left a comment
There was a problem hiding this comment.
ACK, tested with foremanctl-3.0.0.develop-2.20260701164348391310.pr571.89.g56349d9.el9.noarch 🍏
Tested deploy-proxy with foreman-proxy-content flavor on a two-node setup (quadlet + proxy).
Certificate sources tested:
- Default (internal CA)
- Custom server certificates (generated via Robottelo scripts)
Validated:
- Proxy deploys successfully with both cert sources
- Only expected services running on proxy (pulp-api, pulp-content, pulp-worker, postgresql, valkey, httpd, foreman-proxy) (no foreman, candlepin, or dynflow)
- PostgreSQL has only pulp database and user on proxy (no foreman/candlepin)
- HTTPS endpoints working: /pulp/api/v3/status/ (200), /pulp/content/ (200), /rhsm (proxied to server), /katello/api/v2/repositories/ (proxied to server)
- Pulp mirror mode enabled on proxy (mirror: true, client_authentication: ["client_certificate"])
- Smart proxy capabilities include all expected features (core, smart_proxy, rpm, deb, ansible, python, container, file, certguard)
- Trusted hosts includes only foreman server FQDN
Issues found:
Why are you introducing these changes? (Problem description, related links)
What are the changes introduced in this pull request?
deploy-proxysub-command to deploy proxy specific flavors(ex:foreman-proxy-content)deploy-proxyex: certs tar file and foreman fqdnpull-imagesflavor-aware instead of hardcoded to katello--flavorpytest option, and proxy CI jobHow to test this pull request
./foremanctl deploy./foremanctl certificate-bundle proxy.example.comto generate bundle./foremanctl deploy-proxy --flavor foreman-proxy-content --certificate-bundle /path-to-tar --foreman-fqdn quadlet.example.comObserve only relevent services are deployed
Steps to reproduce:
./foremanctl deploy-proxy --flavor foreman-proxy-content --certificate-bundle /path-to-tar --foreman-fqdn quadlet.example.comChecklist