From dee75355d0630d1833cd9227263c71a6a33977ca Mon Sep 17 00:00:00 2001 From: Christian Brauchli Date: Fri, 17 Sep 2021 09:32:36 +0200 Subject: [PATCH 1/4] FIX: enable http_proxy environment variable --- pkg/registry/http.go | 1 + 1 file changed, 1 insertion(+) diff --git a/pkg/registry/http.go b/pkg/registry/http.go index 73bcbc8..273d972 100644 --- a/pkg/registry/http.go +++ b/pkg/registry/http.go @@ -28,6 +28,7 @@ func newHTTPRegistry(schemaPathTemplate string, cacheFolder string, strict bool, MaxIdleConns: 100, IdleConnTimeout: 3 * time.Second, DisableCompression: true, + Proxy: http.ProxyFromEnvironment, } if skipTLS { From 4e8380097995ec01c41dbef271df368ac5af1d4b Mon Sep 17 00:00:00 2001 From: Yann Hamon Date: Sun, 26 Sep 2021 11:58:09 +0200 Subject: [PATCH 2/4] gofmt --- pkg/registry/http.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkg/registry/http.go b/pkg/registry/http.go index 273d972..7bfbf44 100644 --- a/pkg/registry/http.go +++ b/pkg/registry/http.go @@ -28,7 +28,7 @@ func newHTTPRegistry(schemaPathTemplate string, cacheFolder string, strict bool, MaxIdleConns: 100, IdleConnTimeout: 3 * time.Second, DisableCompression: true, - Proxy: http.ProxyFromEnvironment, + Proxy: http.ProxyFromEnvironment, } if skipTLS { From 73f65d7530bb039f1a0984e3e0e01263bdb6cf21 Mon Sep 17 00:00:00 2001 From: Yann Hamon Date: Sun, 26 Sep 2021 12:11:42 +0200 Subject: [PATCH 3/4] Add acceptance test for HTTPS_PROXY support --- acceptance.bats | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/acceptance.bats b/acceptance.bats index 2f963b0..7958b82 100755 --- a/acceptance.bats +++ b/acceptance.bats @@ -281,3 +281,10 @@ resetCacheFolder() { [ "$status" -eq 0 ] [ "$output" = 'Summary: 2 resources found in 1 file - Valid: 2, Invalid: 0, Errors: 0, Skipped: 0' ] } + +@test "Should support HTTPS_PROXY" { + # This only tests that the HTTPS_PROXY variable is picked up and that it tries to use it + run bash -c "HTTPS_PROXY=127.0.0.1:1234 bin/kubeconform fixtures/valid.yaml" + [ "$status" -eq 1 ] + [[ "$output" == *"proxyconnect tcp: dial tcp 127.0.0.1:1234: connect: connection refused"* ]] +} From 54e0b8f5bbcdb95872a5d9a4b356f9c7ecf13b32 Mon Sep 17 00:00:00 2001 From: Yann Hamon Date: Sun, 26 Sep 2021 12:14:53 +0200 Subject: [PATCH 4/4] Update README.md with Proxy support infos --- Readme.md | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/Readme.md b/Readme.md index 60ea79e..1067d3d 100644 --- a/Readme.md +++ b/Readme.md @@ -231,6 +231,13 @@ bandwidth costs might be applicable. Since bandwidth from Github Packages within Github Container Registry to also be usable for free within Github Actions in the future. If that were not to be the case, I might publish the Docker image to a different platform. +### Proxy support + +Kubeconform will respect the HTTPS_PROXY variable when downloading schema files. + +``` +$ HTTPS_PROXY=proxy.local bin/kubeconform fixtures/valid.yaml +``` ### Speed comparison with Kubeval Running on a pretty large kubeconfigs setup, on a laptop with 4 cores: