chore: allow usage of `https` in URL for distro tree

[JohnVillalovos]

When specifying the URL for the location of the distro for a lab controller, allow usage of https URLs.

Previously you could add an https URL, but then when provisioning the system it would fail with the error: Command 1234566 aborted: No usable URL found for distro tree 123 in lab lab1.example.com

[StykMartin]

This is definitely not a chore, and I'm not fully on board with this change in its current form. Changes to the implementation will favor HTTPs over HTTP. This can create a huge blast radius if HTTPs is present but hidden behind self-signed certificates or even public CAs with recent changes to the certificate chain (e.g. recent changes to DigiCert).

This code explicitly uses all non-TLS variants to make sure we can actually spin up resources. From my perspective, this looks like a feature flag that needs to be explicitly enabled by the Beaker owner, as they need to make sure HTTPs is usable in their infrastructure.

WDYT @p3ck

[p3ck]

This is definitely not a chore, and I'm not fully on board with this change in its current form. Changes to the implementation will favor HTTPs over HTTP. This can create a huge blast radius if HTTPs is present but hidden behind self-signed certificates or even public CAs with recent changes to the certificate chain (e.g. recent changes to DigiCert).

This code explicitly uses all non-TLS variants to make sure we can actually spin up resources. From my perspective, this looks like a feature flag that needs to be explicitly enabled by the Beaker owner, as they need to make sure HTTPs is usable in their infrastructure.

WDYT @p3ck

I agree that this should be turned on via a config flag.

Maybe support a config option to specify http_schemes

Default

config.http_schemes = ['http']

config.http_schemes = ['https','http']