-
Notifications
You must be signed in to change notification settings - Fork 3
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
HTTP proxy support #125
Comments
Hello @cbartz, thank you for opening this issue. You are correct that httprequest does not read or do anything with this juju level config. We will have to investigate the value and effort related to implementing this feature. Is this something that is needed for an existing use case? |
It would be better to have a charm config for proxy instead of using |
allegedly effort should be small in this case @gruyaume |
I'm not sure I agree that this should be separate charm configuration. In the IS DevOps team we've certainly been working on the understanding that if a charm needs to support a proxy the right way for us to do that is to use model-config proxy variables. This way it's consistent across every charm rather than being done differently in different places. |
@mthaddon do you have example of charms who handle this in the way you recommend? |
@mthaddon Makes sense. I was thinking of the scenario: 1 application needs proxy, other should not use proxy (on the same model). |
For example:
And probably more... |
Fixed by canonical/lego-base-k8s-operator#143 and #178 |
Describe the bug
The charm does not respect the juju http proxy variables when making requests to lets encrypt.
To Reproduce
We assume an environment where http requests have to go through a proxy and are otherwise blocked by the firewall.
juju model-config juju-http-proxy="http-proxy-address"
tls-certificate
integration (e.g. with annginx-ingress-integrator
application)juju debug-logs
that the request tohttps://acme-v02.api.letsencrypt.org/directory
times out.Expected behavior
The lego request uses the http proxy, so either the request succeeds or the proxy returns a 403 forbidden.
It seems that LEGO supports http proxy via env variables (go-acme/lego#840).
Logs
Environment
juju --version
):kubectl version --short
):The text was updated successfully, but these errors were encountered: