RedHat contentviews are not lised in the url https://dev.foreman.com/pulp/content/

Problem:
All the RedHat RedHat contentviews are not lised in the url https://dev.foreman.com/pulp/content/

Expected outcome:
Custom RedHat contentviews to be visible.

Foreman and Proxy versions:

Installed Packages

  • ansible-collection-theforeman-foreman-4.0.0-2.el8.noarch
  • candlepin-4.3.12-1.el8.noarch
  • candlepin-selinux-4.3.12-1.el8.noarch
  • foreman-3.10.0-1.el8.noarch
  • foreman-cli-3.10.0-1.el8.noarch
  • foreman-debug-3.10.0-1.el8.noarch
  • foreman-dynflow-sidekiq-3.10.0-1.el8.noarch
  • foreman-installer-3.10.0-1.el8.noarch
  • foreman-installer-katello-3.10.0-1.el8.noarch
  • foreman-obsolete-packages-1.6-1.el8.noarch
  • foreman-postgresql-3.10.0-1.el8.noarch
  • foreman-proxy-3.10.0-1.el8.noarch
  • foreman-proxy-content-4.12.1-1.el8.noarch
  • foreman-redis-3.10.0-1.el8.noarch
  • foreman-release-3.10.0-1.el8.noarch
  • foreman-selinux-3.10.0-1.el8.noarch
  • foreman-service-3.10.0-1.el8.noarch
  • foreman-vmware-3.10.0-1.el8.noarch
  • ingbtcpic6vl324.code1.emi.philips.com-foreman-client-1.0-1.noarch
  • ingbtcpic6vl324.code1.emi.philips.com-foreman-proxy-1.0-1.noarch
  • ingbtcpic6vl324.code1.emi.philips.com-foreman-proxy-client-1.0-1.noarch
  • katello-4.12.1-1.el8.noarch
  • katello-certs-tools-2.9.0-2.el8.noarch
  • katello-client-bootstrap-1.7.9-2.el8.noarch
  • katello-common-4.12.1-1.el8.noarch
  • katello-debug-4.12.1-1.el8.noarch
  • katello-default-ca-1.0-1.noarch
  • katello-repos-4.12.1-1.el8.noarch
  • katello-selinux-5.0.2-1.el8.noarch
  • katello-server-ca-1.0-1.noarch
  • pulp-client-1.0-1.noarch
  • pulpcore-obsolete-packages-1.0-9.el8.noarch
  • pulpcore-selinux-2.0.1-1.el8.x86_64
  • python3.11-pulp-ansible-0.20.2-3.el8.noarch
  • python3.11-pulp-certguard-1.7.1-2.el8.noarch
  • python3.11-pulp-cli-0.21.2-5.el8.noarch
  • python3.11-pulp-container-2.16.4-1.el8.noarch
  • python3.11-pulp-deb-3.0.1-1.el8.noarch
  • python3.11-pulp-file-1.15.1-2.el8.noarch
  • python3.11-pulp-glue-0.21.2-3.el8.noarch
  • python3.11-pulp-ostree-2.1.3-3.el8.noarch
  • python3.11-pulp-python-3.10.0-3.el8.noarch
  • python3.11-pulp-rpm-3.23.3-1.el8.noarch
  • python3.11-pulpcore-3.39.11-1.el8.noarch
  • rubygem-foreman-tasks-9.1.1-1.fm3_11.el8.noarch
  • rubygem-foreman_ansible-14.0.0-1.fm3_11.el8.noarch
  • rubygem-foreman_discovery-24.0.1-1.fm3_10.el8.noarch
  • rubygem-foreman_maintain-1.5.1-1.el8.noarch
  • rubygem-foreman_openscap-7.1.1-2.fm3_10.el8.noarch
  • rubygem-foreman_puppet-6.2.0-1.fm3_10.el8.noarch
  • rubygem-foreman_remote_execution-13.0.0-1.fm3_11.el8.noarch
  • rubygem-foreman_remote_execution-cockpit-13.0.0-1.fm3_11.el8.noarch
  • rubygem-foreman_setup-8.0.1-2.fm3_9.el8.noarch
  • rubygem-hammer_cli-3.10.0-1.el8.noarch
  • rubygem-hammer_cli_foreman-3.10.0-1.el8.noarch
  • rubygem-hammer_cli_foreman_discovery-1.2.0-1.fm3_10.el8.noarch
  • rubygem-hammer_cli_foreman_puppet-0.0.7-1.fm3_10.el8.noarch
  • rubygem-hammer_cli_foreman_remote_execution-0.3.0-1.fm3_10.el8.noarch
  • rubygem-hammer_cli_foreman_tasks-0.0.20-1.fm3_10.el8.noarch
  • rubygem-hammer_cli_katello-1.12.0-0.1.pre.master.20240122184453git9a6ae05.el8.noarch
  • rubygem-katello-4.12.1-1.el8.noarch
  • rubygem-pulp_ansible_client-0.20.3-1.el8.noarch
  • rubygem-pulp_certguard_client-1.6.5-1.el8.noarch
  • rubygem-pulp_container_client-2.16.4-1.el8.noarch
  • rubygem-pulp_deb_client-3.0.1-1.el8.noarch
  • rubygem-pulp_file_client-1.15.1-1.el8.noarch
  • rubygem-pulp_ostree_client-2.1.3-1.el8.noarch
  • rubygem-pulp_python_client-3.10.0-1.el8.noarch
  • rubygem-pulp_rpm_client-3.23.2-1.el8.noarch
  • rubygem-pulpcore_client-3.39.9-1.el8.noarch
  • rubygem-smart_proxy_pulp-3.3.0-1.fm3_10.el8.noarch

Foreman and Proxy plugin versions:

Distribution and version:
NAME=“Red Hat Enterprise Linux”
VERSION=“8.10 (Ootpa)”
ID=“rhel”
ID_LIKE=“fedora”
VERSION_ID=“8.10”
PLATFORM_ID=“platform:el8”
PRETTY_NAME=“Red Hat Enterprise Linux 8.10 (Ootpa)”
ANSI_COLOR=“0;31”
CPE_NAME=“cpe:/o:redhat:enterprise_linux:8::baseos”
HOME_URL=“https://www.redhat.com/
DOCUMENTATION_URL=“Red Hat Enterprise Linux | Red Hat Product Documentation
BUG_REPORT_URL=“https://bugzilla.redhat.com/

REDHAT_BUGZILLA_PRODUCT=“Red Hat Enterprise Linux 8”
REDHAT_BUGZILLA_PRODUCT_VERSION=8.10
REDHAT_SUPPORT_PRODUCT=“Red Hat Enterprise Linux”
REDHAT_SUPPORT_PRODUCT_VERSION=“8.10”

Other relevant data:

Red Hat repositories, besides kickstart ones, are always protected. They can only be accessed via certificates handed out to clients. Protected repositories also happen to be hidden in from the file listing so they cannot be discovered. Only the entitled hosts will know they’re there.

Hi,

I already have the certificates downloaded and installed on the windows system were I look for the RedHat content views.

Is there a way to verify there is not issues at the database side?

Regards
Naranthiran Duraisamy

Hi @Naranthiran ,

If Pulp isn’t adding the protected repositories to the file listing on the web server, the browser won’t be able to see the repositories even if you have the proper certificates.

In the past I thought you could see the paths at least, but they’d always throw a 400 unless you had the proper certificates. Unless I’m recalling from the old Pulp 2 days, I wonder if this changed at some point. @dralley might know.

Regardless, assuming that the protected content should indeed by hidden by browser, my recommendation for whatever you’re trying to accomplish would be to use your certificates to download the repositories’ repodata files. From there, you should know the links to the actual content.

The repodata listing file (repomd.xml) should always be at a calculable path: {Published at URL}/repodata. For example, https://foreman.com/pulp/content/Default_Organization/Library/RHEL_8_View/content/dist/rhel8/8.10/x86_64/appstream/kickstart/repodata/repomd.xml

The “Published at” for content views isn’t as easily discovered, but it always follows the scheme /pulp/content/organization/lifecycle_environment/content_view/content/…

If there is something specific you’re trying to accomplish by browsing the repository, let us know and there might be a better alternative way to do it.

Hi @iballou ,

Thanks for your reply !

The reason for browsing the RedHat repo is to verify the content view published.

I was also trying to download the debug certificate Administer > Organizations I am not able to generate or download it.

Is there any service which manages the certificate.

Regards
Naranthiran Duraisamy

There was a brief period when Pulp 3 wasn’t hiding protected repositories from the file listing, but that is no longer the case.

1 Like

Thanks @dralley !

@Naranthiran I gotcha, yeah the best to verify besides trying a download with a registered host would be to grab that repomd.xml file.

As for the debug cert, the only thing I could see stopping you from downloading it would be permissions. Perhaps try as admin?

Hi @iballou

I have admin access. After restarting the foreman service, I was able to generated a certificate and import to the browser.

But still was not able to view only the RedHat content views.

Regards
Naranthiran Duraisamy

Hi @iballou

What could be the reason for RedHat repo are not visible.

Its it because of proxy/certificate/ or any other service.

Can any one help me to resolve the issue. I a blocked with this issue…

Regards
Naranthiran Duraisamy

@Naranthiran ,

The comments above explain why the protected Red Hat repositories are not visible. It’s on purpose.
The only way to discover what content is available will be to construct the URL to the repomd.xml file and go from there.