[kots]: add proxy server configuration

Simon Emms · Simon Emms · commit 4c3637c06abb · 2022-09-07T11:52:02.000Z
diff --git a/install/kots/manifests/gitpod-installer-job.yaml b/install/kots/manifests/gitpod-installer-job.yaml
@@ -39,7 +39,7 @@ spec:
       containers:
         - name: installer
           # This will normally be the release tag
-          image: "eu.gcr.io/gitpod-core-dev/build/installer:sje-move-kots-bash-script.28"
+          image: "eu.gcr.io/gitpod-core-dev/build/installer:sje-installer-proxy-config.3"
           volumeMounts:
             - mountPath: /config-patch
               name: config-patch
diff --git a/install/kots/manifests/gitpod-proxy-server.yaml b/install/kots/manifests/gitpod-proxy-server.yaml
@@ -0,0 +1,16 @@
+# Copyright (c) 2022 Gitpod GmbH. All rights reserved.
+# Licensed under the MIT License. See License-MIT.txt in the project root for license information.
+
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: proxy-server # Name set in /install/installer/pkg/common/constants.go
+  labels:
+    app: gitpod
+    component: gitpod-installer
+  # annotations:
+  #   kots.io/when: '{{repl ConfigOptionEquals "proxy_server_enabled" "1" }}'
+data:
+  httpProxy: '{{repl (ConfigOption "proxy_server_http_proxy" | default (HTTPProxy)) }}'
+  httpsProxy: '{{repl ConfigOption "proxy_server_https_proxy" | default (HTTPSProxy) }}'
+  noProxy: '{{repl NoProxy }},{{repl ConfigOption "proxy_server_no_proxy" }}' # Merge the KOTS NO_PROXY so we don't lose the ability to talk to it
diff --git a/install/kots/manifests/kots-config.yaml b/install/kots/manifests/kots-config.yaml
@@ -382,6 +382,37 @@ spec:
 
             Add the domain only (eg, `gitpod.io`). Separate multiple domains with spaces.
 
+    - name: proxy_server
+      title: Proxy server
+      description: Route your access through a proxy server
+      items:
+        - name: proxy_server_enabled
+          title: Route through a proxy server
+          type: bool
+          default: "0"
+          help_text: Configure proxy access to the Internet
+
+        - name: proxy_server_http_proxy
+          title: HTTP proxy
+          type: text
+          default: '{{repl HTTPProxy }}'
+          when: '{{repl ConfigOptionEquals "proxy_server_enabled" "1" }}'
+          help_text: Configure HTTP proxy server to route all traffic through. This should be in the format "user:password@proxy.domain.com:1234"
+
+        - name: proxy_server_https_proxy
+          title: HTTPS proxy
+          type: text
+          default: '{{repl HTTPSProxy }}'
+          when: '{{repl ConfigOptionEquals "proxy_server_enabled" "1" }}'
+          help_text: Configure HTTPS proxy server to route all traffic through. This should be in the format "user:password@proxy.domain.com:1234"
+
+        - name: proxy_server_no_proxy
+          title: No proxy
+          type: text
+          default: '{{repl NoProxy }}'
+          when: '{{repl ConfigOptionEquals "proxy_server_enabled" "1" }}'
+          help_text: Configure URLs that bypass the proxy. This should be a CSV in the format "domain1.com,domain2.com".
+
     - name: advanced
       title: Advanced Options
       description: Here are advanced options that you should only make use of in coordination with us or when you know what you are doing.
diff --git a/install/kots/manifests/kots-preflight.yaml b/install/kots/manifests/kots-preflight.yaml
@@ -77,6 +77,13 @@ spec:
           - |
             CONNECTION="error"
 
+            export http_proxy="{{repl HTTPProxy }}"
+            export HTTP_PROXY="{{repl HTTPProxy }}"
+            export https_proxy="{{repl HTTPSProxy }}"
+            export HTTPS_PROXY="{{repl HTTPSProxy }}"
+            export no_proxy="{{repl NoProxy }}"
+            export NO_PROXY="{{repl NoProxy }}"
+
             if [ '{{repl HasLocalRegistry }}' = "true" ];
             then
               # Don't test for airgapped
