fix: allow runner egress proxy override
This commit is contained in:
+37
-11
@@ -7,8 +7,8 @@ import { gitTransportSummary, runnerGitTransportEnvVars } from "../common/git-tr
|
||||
const defaultBootRepoUrl = "http://git-mirror-http.devops-infra.svc.cluster.local/pikasTech/agentrun.git";
|
||||
const defaultResourceBinPath = "/usr/local/bin";
|
||||
const defaultCodexShellSandbox = "danger-full-access";
|
||||
const defaultRunnerEgressProxyUrl = "http://g14-provider-egress-proxy.unidesk.svc.cluster.local:18789";
|
||||
const defaultRunnerNoProxy = [
|
||||
const fallbackRunnerEgressProxyUrl = "http://g14-provider-egress-proxy.unidesk.svc.cluster.local:18789";
|
||||
const defaultRunnerNoProxyItems = [
|
||||
"localhost",
|
||||
"127.0.0.1",
|
||||
"::1",
|
||||
@@ -36,7 +36,7 @@ const defaultRunnerNoProxy = [
|
||||
"10.43.0.0/16",
|
||||
".svc",
|
||||
".cluster.local",
|
||||
].join(",");
|
||||
];
|
||||
|
||||
export interface RunnerJobRenderOptions {
|
||||
run: RunRecord;
|
||||
@@ -331,18 +331,44 @@ function transientEnvVars(items: RunnerTransientEnv[]): JsonRecord[] {
|
||||
}
|
||||
|
||||
function runnerEgressProxyEnvVars(): JsonRecord[] {
|
||||
const proxyUrl = runnerEgressProxyUrl(process.env);
|
||||
const noProxy = runnerNoProxy(process.env, proxyUrl);
|
||||
return [
|
||||
{ name: "HTTP_PROXY", value: defaultRunnerEgressProxyUrl },
|
||||
{ name: "HTTPS_PROXY", value: defaultRunnerEgressProxyUrl },
|
||||
{ name: "ALL_PROXY", value: defaultRunnerEgressProxyUrl },
|
||||
{ name: "NO_PROXY", value: defaultRunnerNoProxy },
|
||||
{ name: "http_proxy", value: defaultRunnerEgressProxyUrl },
|
||||
{ name: "https_proxy", value: defaultRunnerEgressProxyUrl },
|
||||
{ name: "all_proxy", value: defaultRunnerEgressProxyUrl },
|
||||
{ name: "no_proxy", value: defaultRunnerNoProxy },
|
||||
{ name: "HTTP_PROXY", value: proxyUrl },
|
||||
{ name: "HTTPS_PROXY", value: proxyUrl },
|
||||
{ name: "ALL_PROXY", value: proxyUrl },
|
||||
{ name: "NO_PROXY", value: noProxy },
|
||||
{ name: "http_proxy", value: proxyUrl },
|
||||
{ name: "https_proxy", value: proxyUrl },
|
||||
{ name: "all_proxy", value: proxyUrl },
|
||||
{ name: "no_proxy", value: noProxy },
|
||||
];
|
||||
}
|
||||
|
||||
function runnerEgressProxyUrl(env: NodeJS.ProcessEnv): string {
|
||||
const value = env.AGENTRUN_RUNNER_EGRESS_PROXY_URL?.trim();
|
||||
return value && value.length > 0 ? value : fallbackRunnerEgressProxyUrl;
|
||||
}
|
||||
|
||||
function runnerNoProxy(env: NodeJS.ProcessEnv, proxyUrl: string): string {
|
||||
const items = new Set(defaultRunnerNoProxyItems);
|
||||
const proxyHost = hostFromUrl(proxyUrl);
|
||||
if (proxyHost) items.add(proxyHost);
|
||||
for (const item of (env.AGENTRUN_RUNNER_NO_PROXY_EXTRA ?? "").split(",")) {
|
||||
const value = item.trim();
|
||||
if (value.length > 0) items.add(value);
|
||||
}
|
||||
return [...items].join(",");
|
||||
}
|
||||
|
||||
function hostFromUrl(value: string): string | null {
|
||||
try {
|
||||
return new URL(value).hostname || null;
|
||||
} catch {
|
||||
return null;
|
||||
}
|
||||
}
|
||||
|
||||
function dedupeEnvVars(items: JsonRecord[]): JsonRecord[] {
|
||||
const order: string[] = [];
|
||||
const byName = new Map<string, JsonRecord>();
|
||||
|
||||
Reference in New Issue
Block a user