Maven dependency proxy: invalid urls in HEADs
🔥 Problem
From &3610 (comment 1980577476).
So here is the current logic of the maven dependency proxy:
- if the package is not in the registry, we will get it from the upstream and upload it to the package registry (+ return it to the client
- if the package is in the registry, we will check with upstream if the one we have is the same.
For (1.) and (2.), we use the exact same function to "build" the upstream file url. Basically, we read the dependency proxy settings to get the upstream base url and we will append the path for the file. We will also set the authentication part.
The only difference is that (1.) is a GET
request and (2.) is a HEAD
request but the url is exactly the same.
So why (1.) is passing and (2.) is not, I'm not sure. It could be related to credentials. Still, this is
Kibana search (internal).
🚒 Solution
Investigate this problem to find the root cause.
Possible leads:
* try to reproduce it locally.
* look at how workhorse and the head service sends the credentials.
The problem is that Addressable::URI
uses inline basic auth without escaping characters which can lead to urls like: http://me@email.com:password@test.org/test
. From the above logs, the GitLab http client doesn't like that at all (invalid url).
Solution: set the Authorization
header when calling this service instead of relying on the inline basic auth.