fix runner GitHub egress proxy defaults
This commit is contained in:
@@ -7,11 +7,6 @@ export const defaultGitLowSpeedTimeSeconds = 15;
|
||||
export const defaultGitHttpVersion = "HTTP/1.1";
|
||||
|
||||
export const defaultGitDirectHosts = Object.freeze([
|
||||
"github.com",
|
||||
"api.github.com",
|
||||
"codeload.github.com",
|
||||
"objects.githubusercontent.com",
|
||||
"raw.githubusercontent.com",
|
||||
"registry.npmjs.org",
|
||||
"registry.npmmirror.com",
|
||||
]);
|
||||
|
||||
@@ -24,11 +24,6 @@ const defaultRunnerNoProxy = [
|
||||
"g14-provider-egress-proxy.unidesk",
|
||||
"g14-provider-egress-proxy.unidesk.svc",
|
||||
"g14-provider-egress-proxy.unidesk.svc.cluster.local",
|
||||
"github.com",
|
||||
"api.github.com",
|
||||
"codeload.github.com",
|
||||
"objects.githubusercontent.com",
|
||||
"raw.githubusercontent.com",
|
||||
"registry.npmjs.org",
|
||||
"registry.npmmirror.com",
|
||||
"g14-tcp-egress-gateway",
|
||||
|
||||
@@ -362,6 +362,8 @@ function assertRunnerJobUsesG14EgressProxy(manifest: JsonRecord): void {
|
||||
assert.ok(noProxy.includes("hyueapi.com"), "NO_PROXY must keep hyueapi.com direct");
|
||||
assert.ok(noProxy.includes(".hyueapi.com"), "NO_PROXY must keep .hyueapi.com direct");
|
||||
assert.ok(noProxy.includes("g14-provider-egress-proxy.unidesk.svc.cluster.local"), "NO_PROXY must include the proxy Service itself");
|
||||
assert.equal(noProxy.includes("github.com"), false, "GitHub HTTPS traffic must use the configured runner egress proxy");
|
||||
assert.equal(noProxy.includes("codeload.github.com"), false, "codeload downloads must use the configured runner egress proxy");
|
||||
assert.ok(noProxy.includes("registry.npmjs.org"), "NO_PROXY must keep registry.npmjs.org direct");
|
||||
assert.ok(noProxy.includes("registry.npmmirror.com"), "NO_PROXY must keep registry.npmmirror.com direct");
|
||||
assert.ok(noProxy.includes(".svc"), "NO_PROXY must include Kubernetes Service domains");
|
||||
@@ -376,8 +378,9 @@ function assertRunnerJobUsesBoundedGitTransport(rendered: JsonRecord): void {
|
||||
assert.equal(runnerEnvValue(manifest, "AGENTRUN_GIT_DEFAULT_TIMEOUT_MS"), "60000");
|
||||
assert.equal(runnerEnvValue(manifest, "AGENTRUN_GIT_CREDENTIAL_HELPER"), "gh-auth-setup-git");
|
||||
const directHosts = String(runnerEnvValue(manifest, "AGENTRUN_GIT_DIRECT_HOSTS"));
|
||||
assert.ok(directHosts.includes("github.com"), "GitHub HTTPS transport should be eligible for direct fallback");
|
||||
assert.ok(directHosts.includes("codeload.github.com"), "codeload downloads should be eligible for direct fallback");
|
||||
assert.equal(directHosts.includes("github.com"), false, "GitHub HTTPS transport should use the runner egress proxy by default");
|
||||
assert.equal(directHosts.includes("codeload.github.com"), false, "codeload downloads should use the runner egress proxy by default");
|
||||
assert.ok(directHosts.includes("registry.npmjs.org"), "registry.npmjs.org remains eligible for direct fallback");
|
||||
const summary = rendered.gitTransport as JsonRecord;
|
||||
assert.equal(summary.valuesPrinted, false);
|
||||
assert.equal(summary.terminalPrompt, false);
|
||||
|
||||
+1
-1
@@ -10,7 +10,7 @@ const defaultConnectTimeoutSeconds = Number(process.env.AGENTRUN_GIT_CONNECT_TIM
|
||||
const defaultLowSpeedLimit = Number(process.env.GIT_HTTP_LOW_SPEED_LIMIT || 1_024);
|
||||
const defaultLowSpeedTime = Number(process.env.GIT_HTTP_LOW_SPEED_TIME || 15);
|
||||
const defaultHttpVersion = process.env.AGENTRUN_GIT_HTTP_VERSION || process.env.GIT_HTTP_VERSION || "HTTP/1.1";
|
||||
const defaultDirectHosts = ["github.com", "api.github.com", "codeload.github.com", "objects.githubusercontent.com", "raw.githubusercontent.com", "registry.npmjs.org", "registry.npmmirror.com"];
|
||||
const defaultDirectHosts = ["registry.npmjs.org", "registry.npmmirror.com"];
|
||||
|
||||
function help() {
|
||||
return {
|
||||
|
||||
Reference in New Issue
Block a user