On 11/05/16 15:12, Karanbir Singh wrote: > On 10/05/16 19:43, Fabian Arrotin wrote: >> On 10/05/16 20:37, Jason Brooks wrote: >>> On Tue, May 10, 2016 at 6:47 AM, Fabian Arrotin <arrfab at centos.org> wrote: >>>> On 10/05/16 15:38, Colin Walters wrote: >>>>> >>>>> >>>>> On Tue, May 10, 2016, at 09:35 AM, Colin Walters wrote: >>>>>> ``` >>>>>> [atomic-sig at slave01 ~]$ host cbs.centos.org >>>>>> cbs.centos.org has address 172.20.1.15 >>>>>> [atomic-sig at slave01 ~]$ curl https://cbs.centos.org/repos/virt7-docker-common-candidate/x86_64/os/ >>>>>> ^C >>>>>> ``` >>>>>> >>>>>> Just times out >>>>> >>>>> Argh! It turns out it's https:// vs http://. I broke it with: >>>>> https://github.com/CentOS/sig-atomic-buildscripts/pull/68 >>>>> >>>>> I can work around this for now by sed'ing the repo to use >>>>> http just inside the CI infra. >>>> >>>> CI environment is located in the same DC as cbs, but in a different >>>> subnet/vlan and with ip/port filtering at the gw level. Initially we >>>> only opened http from ci to cbs, but I now added https too. >>> >>> I'm getting a similar-looking issue w/ https from the ci artifacts location: >>> >>> https://ci.centos.org/artifacts/sig-atomic/rdgo/centos-continuous/build/ >>> >>> I'm trying to pull pkgs built in the ci and stored there in another ci job... >>> >>> Jason >>> >> >> Different issue as artifact node is internal and that has been discussed >> some time ago : >> https://lists.centos.org/pipermail/ci-users/2016-January/000093.html >> (and people confirmed that the solution worked for them) >> And the wiki/doc was also adapted to only show one url that works both >> internally and externally : >> https://wiki.centos.org/QaWiki/CI/GettingStarted#head-a46ee49e8818ef9b50225c4e9d429f7a079758d2 >> http://artifacts.ci.centos.org/ >> > > options on how the https:// might work on the CDN for buildlogs ? > > Well, buildlogs is external but also internal copy (yeah ....) but we'd be able to setup proper https support for that, but the automatic http->https redirection is what needs to be tested and how yum follows the redirection for the repomd.xml file (if that works) Something added on the TODO list, but not priority #1 this week though OTOH, it's true that it was also discussed that people needing a lot of artifacts file should ask those to be published on the CDN, and not retrieved from CI network at all (but can be problematic if people want the same test to work inside and outside too) -- Fabian Arrotin The CentOS Project | http://www.centos.org gpg key: 56BEC54E | twitter: @arrfab -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 198 bytes Desc: OpenPGP digital signature URL: <http://lists.centos.org/pipermail/ci-users/attachments/20160511/f25ea924/attachment-0003.sig>