fix runner GitHub egress proxy defaults

This commit is contained in:
AgentRun Codex
2026-06-12 05:08:44 +08:00
parent 216c2edf9c
commit 418b4df4de
4 changed files with 6 additions and 13 deletions
-5
View File
@@ -7,11 +7,6 @@ export const defaultGitLowSpeedTimeSeconds = 15;
export const defaultGitHttpVersion = "HTTP/1.1"; export const defaultGitHttpVersion = "HTTP/1.1";
export const defaultGitDirectHosts = Object.freeze([ export const defaultGitDirectHosts = Object.freeze([
"github.com",
"api.github.com",
"codeload.github.com",
"objects.githubusercontent.com",
"raw.githubusercontent.com",
"registry.npmjs.org", "registry.npmjs.org",
"registry.npmmirror.com", "registry.npmmirror.com",
]); ]);
-5
View File
@@ -24,11 +24,6 @@ const defaultRunnerNoProxy = [
"g14-provider-egress-proxy.unidesk", "g14-provider-egress-proxy.unidesk",
"g14-provider-egress-proxy.unidesk.svc", "g14-provider-egress-proxy.unidesk.svc",
"g14-provider-egress-proxy.unidesk.svc.cluster.local", "g14-provider-egress-proxy.unidesk.svc.cluster.local",
"github.com",
"api.github.com",
"codeload.github.com",
"objects.githubusercontent.com",
"raw.githubusercontent.com",
"registry.npmjs.org", "registry.npmjs.org",
"registry.npmmirror.com", "registry.npmmirror.com",
"g14-tcp-egress-gateway", "g14-tcp-egress-gateway",
+5 -2
View File
@@ -362,6 +362,8 @@ function assertRunnerJobUsesG14EgressProxy(manifest: JsonRecord): void {
assert.ok(noProxy.includes("hyueapi.com"), "NO_PROXY must keep hyueapi.com direct"); assert.ok(noProxy.includes("hyueapi.com"), "NO_PROXY must keep hyueapi.com direct");
assert.ok(noProxy.includes(".hyueapi.com"), "NO_PROXY must keep .hyueapi.com direct"); assert.ok(noProxy.includes(".hyueapi.com"), "NO_PROXY must keep .hyueapi.com direct");
assert.ok(noProxy.includes("g14-provider-egress-proxy.unidesk.svc.cluster.local"), "NO_PROXY must include the proxy Service itself"); assert.ok(noProxy.includes("g14-provider-egress-proxy.unidesk.svc.cluster.local"), "NO_PROXY must include the proxy Service itself");
assert.equal(noProxy.includes("github.com"), false, "GitHub HTTPS traffic must use the configured runner egress proxy");
assert.equal(noProxy.includes("codeload.github.com"), false, "codeload downloads must use the configured runner egress proxy");
assert.ok(noProxy.includes("registry.npmjs.org"), "NO_PROXY must keep registry.npmjs.org direct"); assert.ok(noProxy.includes("registry.npmjs.org"), "NO_PROXY must keep registry.npmjs.org direct");
assert.ok(noProxy.includes("registry.npmmirror.com"), "NO_PROXY must keep registry.npmmirror.com direct"); assert.ok(noProxy.includes("registry.npmmirror.com"), "NO_PROXY must keep registry.npmmirror.com direct");
assert.ok(noProxy.includes(".svc"), "NO_PROXY must include Kubernetes Service domains"); assert.ok(noProxy.includes(".svc"), "NO_PROXY must include Kubernetes Service domains");
@@ -376,8 +378,9 @@ function assertRunnerJobUsesBoundedGitTransport(rendered: JsonRecord): void {
assert.equal(runnerEnvValue(manifest, "AGENTRUN_GIT_DEFAULT_TIMEOUT_MS"), "60000"); assert.equal(runnerEnvValue(manifest, "AGENTRUN_GIT_DEFAULT_TIMEOUT_MS"), "60000");
assert.equal(runnerEnvValue(manifest, "AGENTRUN_GIT_CREDENTIAL_HELPER"), "gh-auth-setup-git"); assert.equal(runnerEnvValue(manifest, "AGENTRUN_GIT_CREDENTIAL_HELPER"), "gh-auth-setup-git");
const directHosts = String(runnerEnvValue(manifest, "AGENTRUN_GIT_DIRECT_HOSTS")); const directHosts = String(runnerEnvValue(manifest, "AGENTRUN_GIT_DIRECT_HOSTS"));
assert.ok(directHosts.includes("github.com"), "GitHub HTTPS transport should be eligible for direct fallback"); assert.equal(directHosts.includes("github.com"), false, "GitHub HTTPS transport should use the runner egress proxy by default");
assert.ok(directHosts.includes("codeload.github.com"), "codeload downloads should be eligible for direct fallback"); assert.equal(directHosts.includes("codeload.github.com"), false, "codeload downloads should use the runner egress proxy by default");
assert.ok(directHosts.includes("registry.npmjs.org"), "registry.npmjs.org remains eligible for direct fallback");
const summary = rendered.gitTransport as JsonRecord; const summary = rendered.gitTransport as JsonRecord;
assert.equal(summary.valuesPrinted, false); assert.equal(summary.valuesPrinted, false);
assert.equal(summary.terminalPrompt, false); assert.equal(summary.terminalPrompt, false);
+1 -1
View File
@@ -10,7 +10,7 @@ const defaultConnectTimeoutSeconds = Number(process.env.AGENTRUN_GIT_CONNECT_TIM
const defaultLowSpeedLimit = Number(process.env.GIT_HTTP_LOW_SPEED_LIMIT || 1_024); const defaultLowSpeedLimit = Number(process.env.GIT_HTTP_LOW_SPEED_LIMIT || 1_024);
const defaultLowSpeedTime = Number(process.env.GIT_HTTP_LOW_SPEED_TIME || 15); const defaultLowSpeedTime = Number(process.env.GIT_HTTP_LOW_SPEED_TIME || 15);
const defaultHttpVersion = process.env.AGENTRUN_GIT_HTTP_VERSION || process.env.GIT_HTTP_VERSION || "HTTP/1.1"; const defaultHttpVersion = process.env.AGENTRUN_GIT_HTTP_VERSION || process.env.GIT_HTTP_VERSION || "HTTP/1.1";
const defaultDirectHosts = ["github.com", "api.github.com", "codeload.github.com", "objects.githubusercontent.com", "raw.githubusercontent.com", "registry.npmjs.org", "registry.npmmirror.com"]; const defaultDirectHosts = ["registry.npmjs.org", "registry.npmmirror.com"];
function help() { function help() {
return { return {