stack/caucase: Disable always failing promise
The principle of deployment on slapos is once the instance is read to use the all the promises must work and buildout would stop to run for a while. This Promise is been disable because it assumes the user must use the instance first them the promise will be green, which can cause endless failure. This fail until user do something makes tests and resilience fail, as there is no automation to emulate a user take some action. This problem MUST be reimplemented on the current way, and not assume user will do any action. Others promises can be added into monitor (but not this one like this).
I do not understand why this promise requires user action to work. Both http and https are supposed to become available without user intervention, with https only becomming available "shortly" after http as the former requires the latter to work to bootstrap its own certificate. So I also do not understand why you would only disable http promise but leave https promise enabled.
@vpelletier the promise don't require user action to work. This is a bug caused by the fact that the first login redirect to the configuration page which allow to set the password. But the page is disalowed in HTTP (only HTTPS is used for user interface with password). So went the password is not set promise in http redirect to
admin/configureand return 404. See: https://lab.nexedi.com/nexedi/slapos/blob/master/stack/caucase/ca-nginx.conf.in#L74
I wouldn't say that the promise require user action. Yes, user must set the password on first login but the promise is not supposed to fail because the password is not set. I'm thinking how to solve, a simpler solution is to change promise http url from
http://[IPv6]:port/crt/ca.crt.pemso that there will be no redirection.
I like the idea of fetching the ca.crt, indeed.