lxc deployed units don't support https APT repositories

Bug #993034 reported by Thomas Herve
14
This bug affects 2 people
Affects Status Importance Assigned to Milestone
pyjuju
Fix Released
Medium
David Britton
juju (Ubuntu)
Fix Released
Medium
Unassigned
Precise
Fix Released
Medium
Unassigned

Bug Description

[Impact]
Charms written to use https based APT sources (such as private PPA's) will fail on the local provider because of the required connection through apt-cacher-ng.

[Dev Fix]
apt should be configured not to proxy HTTPS based sources through apt-cacher-ng

[Stable Fix]
Backport of the dev fix.

[Test Case]
1. Create a charm whic adds an HTTPS based APT source with a valid certificate.
2. Deploy said charm in a 'type: local' environment.
3. Affected juju will fail with a 'PROXY CONNECT' error. Fixed juju will succeed.

[Regression Potential]
Very low. Fix has been upstream for some time. Very simple change, and any regression would be contained to apt use of HTTPS urls in local provider, which seems to have been totally broken as well.

==== Original Bug Description ====

I tried to use a repository over HTTPS in a charm testing locally, and it was failing with a PROXY CONNECT error. It seems we try to use apt-cacher-ng for it and it doesn't work.

Adding Acquire::https { Proxy "false"; }; to /etc/apt/apt.conf.d/02juju-apt-proxy (done in ./juju/lib/lxc/data/juju-create) seems to fix the issue.

Related branches

Thomas Herve (therve)
description: updated
David Britton (dpb)
Changed in juju:
assignee: nobody → David Britton (davidpbritton)
Changed in juju:
status: New → Confirmed
importance: Undecided → Medium
Changed in juju:
milestone: none → galapagos
Changed in juju:
status: Confirmed → Fix Released
Changed in juju (Ubuntu):
status: New → Triaged
importance: Undecided → Medium
description: updated
Changed in juju (Ubuntu Precise):
status: New → Triaged
importance: Undecided → Medium
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package juju - 0.5+bzr538-0ubuntu1

---------------
juju (0.5+bzr538-0ubuntu1) quantal; urgency=low

  * New upstream snapshot (LP: #993034, LP: #926550)
 -- Clint Byrum <email address hidden> Tue, 29 May 2012 22:36:40 -0700

Changed in juju (Ubuntu):
status: Triaged → Fix Released
Revision history for this message
Chris Halse Rogers (raof) wrote : Please test proposed package

Hello Thomas, or anyone else affected,

Accepted juju into precise-proposed. The package will build now and be available in a few hours. Please test and give feedback here. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you in advance!

Changed in juju (Ubuntu Precise):
status: Triaged → Fix Committed
tags: added: verification-needed
Revision history for this message
Clint Byrum (clint-fewbar) wrote :

Cannot test this one as it is blocked on upstream bug #1007657. A fix is pending, and will need to be pushed into precise-proposed before this can be verified.

James Page (james-page)
Changed in juju (Ubuntu Precise):
milestone: none → ubuntu-12.04.1
Revision history for this message
Clint Byrum (clint-fewbar) wrote :

Result of trying this is that the bug is fixed, but it exposes another existing and known bug in juju. Because local instances are built with minimal ubuntu, charms that work on EC2 won't always have all the same packages in a local instance. So the package 'apt-transport-https' must be added.

But, once that is also installed, https works perfectly.

tags: added: verification-done
removed: verification-needed
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package juju - 0.5+bzr531-0ubuntu1.2

---------------
juju (0.5+bzr531-0ubuntu1.2) precise-proposed; urgency=low

  * d/p/upstream-541-542.patch: fix shell script to make proposed work
    for local provider. (LP: #1007657)

juju (0.5+bzr531-0ubuntu1.1) precise-proposed; urgency=low

  * d/p/upstream-532.patch: use proper whitespace separation in
    relation-ids. (LP: #988065)
  * d/p/upstream-533.patch: workaround to suppress Zookeeper logging
    which goes out of control in local provider on Reboot.(LP: #958312)
  * d/p/upstream-534.patch: fix to stop juju-log and relation-set commands
    outputting "{}" to stdout, which can break some programs and makes it
    difficult to use them in a debug-hooks session. (LP: #915506)
  * d/p/upstream-537.patch: make HTTPS apt sources usable inside local
    provider. (LP: #993034)
  * d/p/upstream-538.patch: Add support to install juju from proposed
    pocket to test proposed SRU's. (LP: #926550)
 -- Clint Byrum <email address hidden> Mon, 18 Jun 2012 14:00:56 -0700

Changed in juju (Ubuntu Precise):
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers